CVE-2021-20278

An authentication bypass vulnerability was found in Kiali in versions before 1.31.0 when the authentication strategy OpenID is used. When RBAC is enabled, Kiali assumes that some of the token validation is handled by the underlying cluster. When OpenID implicit flow is used with RBAC turned off, this token validation doesn't occur, and this allows a malicious user to bypass the authentication.

Published: May 28, 2021
Updated: May 9, 2024
CVE: CVE-2021-20278
GHSA: GHSA-ggjr-2f7v-vhq4
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 6.5
AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

CVSS v2:

Severity: Medium
Score: 5.8
AV:N/AC:M/Au:N/C:P/I:P/A:N

CWEs:

CWE-287
CWE-290

OWASP TOP 10:

A2 - Broken Authentication

Affected Software
References

Software	From	Fixed in
kiali / kiali	-	1.31.0
github.com/kiali/kiali	-	1.31.0

https://bugzilla.redhat.com/show_bug.cgi?id=1937171
https://kiali.io/news/security-bulletins/kiali-security-002/

Vulnerability Database

289,599

CVE-2021-20278