Lucene search

Legacy Node API Allows Impersonation in github.com/spiffe/spire/pkg/server/endpoints/node

🗓️ 21 May 2021 14:11:31Reported by GitHub Advisory DatabaseType

Legacy Node API vulnerability in SPIR

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 7
cve	CVE-2021-27098	5 Mar 202117:15	–	cve
nvd	CVE-2021-27098	5 Mar 202117:15	–	nvd
osv	Legacy Node API Allows Impersonation in github.com/spiffe/spire/pkg/server/endpoints/node	21 May 202114:31	–	osv
osv	CVE-2021-27098	5 Mar 202117:15	–	osv
cvelist	CVE-2021-27098	5 Mar 202116:59	–	cvelist
prion	Design/Logic Flaw	5 Mar 202117:15	–	prion
veracode	Authorization Bypass	8 Mar 202104:56	–	veracode

Vulners

Node

spiffe spireRange0.12.0–0.12.1

spiffe spireRange0.11.0–0.11.3

spiffe spireRange0.10.0–0.10.2

spiffe spireRange0.9.0–0.9.4

spiffe spireRange0.8.1–0.8.5

Source	Link
github	www.github.com/spiffe/spire/security/advisories/GHSA-h746-rm5q-8mgq
nvd	www.nvd.nist.gov/vuln/detail/CVE-2021-27098
github	www.github.com/spiffe/spire/commit/3c5115b57afc20a0a2c2b1b9dd60dd1fd9082e13
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
github	www.github.com/advisories/GHSA-h746-rm5q-8mgq

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

21 May 2021 14:31Current

7.8High risk

Vulners AI Score7.8

CVSS25.5

CVSS38.1

EPSS0.00117