Vulnerability Name:

CVE-2021-38512 (CCN-207276)

Assigned:2021-06-16
Published:2021-06-16
Updated:2021-09-21
Summary:An issue was discovered in the actix-http crate before 3.0.0-beta.9 for Rust. HTTP/1 request smuggling (aka HRS) can occur, potentially leading to credential disclosure.
CVSS v3 Severity:7.5 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
6.5 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): None
Availibility (A): None
5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
4.6 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): None
Availibility (A): None
CVSS v2 Severity:5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): None
Availibility (A): None
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): None
Availibility (A): None
Vulnerability Type:CWE-444
Vulnerability Consequences:Obtain Information
References:Source: MITRE
Type: CNA
CVE-2021-38512

Source: XF
Type: UNKNOWN
rust-cve202138512-info-disc(207276)

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2021-98066afb33

Source: MISC
Type: Exploit, Third Party Advisory
https://raw.githubusercontent.com/rustsec/advisory-db/main/crates/actix-http/RUSTSEC-2021-0081.md

Source: CCN
Type: RUSTSEC-2021-0081
Potential request smuggling capabilities due to lack of input validation

Source: MISC
Type: Third Party Advisory
https://rustsec.org/advisories/RUSTSEC-2021-0081.html

Vulnerable Configuration:Configuration 1:
  • cpe:/a:actix:actix-http:*:*:*:*:*:rust:*:* (Version < 3.0.0)
  • OR cpe:/a:actix:actix-http:3.0.0:-:*:*:*:rust:*:*
  • OR cpe:/a:actix:actix-http:3.0.0:beta1:*:*:*:rust:*:*
  • OR cpe:/a:actix:actix-http:3.0.0:beta2:*:*:*:rust:*:*
  • OR cpe:/a:actix:actix-http:3.0.0:beta3:*:*:*:rust:*:*
  • OR cpe:/a:actix:actix-http:3.0.0:beta4:*:*:*:rust:*:*
  • OR cpe:/a:actix:actix-http:3.0.0:beta5:*:*:*:rust:*:*
  • OR cpe:/a:actix:actix-http:3.0.0:beta6:*:*:*:rust:*:*
  • OR cpe:/a:actix:actix-http:3.0.0:beta7:*:*:*:rust:*:*
  • OR cpe:/a:actix:actix-http:3.0.0:beta8:*:*:*:rust:*:*

    • Configuration 2:
  • cpe:/o:fedoraproject:fedora:34:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    actix actix-http *
    actix actix-http 3.0.0 -
    actix actix-http 3.0.0 beta1
    actix actix-http 3.0.0 beta2
    actix actix-http 3.0.0 beta3
    actix actix-http 3.0.0 beta4
    actix actix-http 3.0.0 beta5
    actix actix-http 3.0.0 beta6
    actix actix-http 3.0.0 beta7
    actix actix-http 3.0.0 beta8
    fedoraproject fedora 34