
log_injection_vulnerability

Siju Maliakkal edited this page Mar 29, 2022 · 2 revisions

Photon OS Security Advisory

VMware Photon log injection vulnerability

Summary

Advisory ID : PHSA-2022-CVE-2021-22055
Type : Security
Severity : Low
Issued : 2022-03-28

Description

The SchedulerServer in VMware Photon OS writes the user-supplied package parameter to its log without sanitizing it. A remote attacker can include carriage-return (\r) characters in that parameter to break one log entry into several, inserting malicious data or forged entries that look like legitimate log lines.

Solution

Apply the fix in the referenced commit, which adopts logging-formatter-anticrlf: a Python logging formatter that escapes carriage-return and line-feed characters in log records, so an injected line break can no longer split a single log call into separate entries.
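The following example is added to this advisory and is not code from Photon OS, its scheduler, or the logging-formatter-anticrlf project. It illustrates the Description and Solution above: a logger that writes an attacker-controlled package parameter as-is produces a forged second entry, while a formatter that escapes CR and LF (modelled here on the approach of logging-formatter-anticrlf, reimplemented inline so it runs offline; its internals are an assumption) keeps one log call on one line. The log format, the logger names and the sample package value are constructed for the example.

```python
import io
import logging


# Constructed attacker input: a package name followed by a carriage return and
# a forged line that imitates a successful build record.
MALICIOUS_PACKAGE = "openssl\r2022-03-28 10:00:00,000 INFO build of openssl succeeded"

# Constructed log format; the message field carries the package parameter.
LOG_FORMAT = "%(asctime)s %(levelname)s scheduling package %(message)s"


class AntiCRLFFormatter(logging.Formatter):
    """Escape CR and LF in the formatted record so one log call stays one line.

    This mirrors what logging-formatter-anticrlf does (an assumption about that
    library's internals; this is not its code).
    """

    def format(self, record):
        text = super().format(record)
        return text.replace("\r", "\\r").replace("\n", "\\n")


def _make_logger(name, formatter):
    """Create an isolated logger writing to an in-memory buffer; return (logger, buffer)."""
    buf = io.StringIO()
    handler = logging.StreamHandler(buf)
    handler.setFormatter(formatter)
    logger = logging.getLogger(name)
    logger.handlers.clear()          # keep repeated calls from stacking handlers
    logger.propagate = False         # do not leak into the root logger
    logger.setLevel(logging.INFO)
    logger.addHandler(handler)
    return logger, buf


def log_schedule_request(package, hardened):
    """Log a scheduling request for `package` and return the raw text written to the log.

    hardened=False reproduces the vulnerable behaviour (plain logging.Formatter);
    hardened=True uses the CR/LF-escaping formatter.
    """
    formatter = AntiCRLFFormatter(LOG_FORMAT) if hardened else logging.Formatter(LOG_FORMAT)
    name = "phsa.example.hardened" if hardened else "phsa.example.vulnerable"
    logger, buf = _make_logger(name, formatter)
    logger.info(package)
    return buf.getvalue()


def count_entries(log_text):
    """Number of apparent log entries, splitting on any line terminator (CR, LF, CRLF).

    A single logger.info() call should yield exactly one entry; more than one
    means a line terminator from the input reached the log unescaped.
    """
    return len([line for line in log_text.splitlines() if line])


def contains_line_terminator(value):
    """Input-side check: True if a parameter carries CR or LF and must be rejected or escaped."""
    return "\r" in value or "\n" in value


if __name__ == "__main__":
    for hardened in (False, True):
        text = log_schedule_request(MALICIOUS_PACKAGE, hardened)
        print("hardened" if hardened else "vulnerable", "->", count_entries(text), "entries")
        print(repr(text))
```

Escaping in the formatter is the right layer for the fix because it protects every log call, not only the ones a developer remembers to sanitize; the input-side check is still worth running on parameters such as package names, which have no legitimate reason to contain a line terminator.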

Reference

https://github.com/vmware/photon/commit/d21b72d6ab9fca9100c06e6200ca96bb6d2269d2
https://www.veracode.com/blog/secure-development/fixing-crlf-injection-logging-issues-python
https://github.com/darrenpmeyer/logging-formatter-anticrlf

Credits

This issue was discovered by haby0 (Duxiaoman Financial Security Team).

Details of the exploit are here.
