CVE-2021-43820
Summary
| CVE | CVE-2021-43820 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2021-12-14 19:15:00 UTC |
| Updated | 2021-12-21 17:17:00 UTC |
| Description | Seafile is an open source cloud storage system. A sync token is used in Seafile file syncing protocol to authorize access to library data. To improve performance, the token is cached in memory in seaf-server. Upon receiving a token from sync client or SeaDrive client, the server checks whether the token exist in the cache. However, if the token exists in cache, the server doesn't check whether it's associated with the specific library in the URL. This vulnerability makes it possible to use any valid sync token to access data from any **known** library. Note that the attacker has to first find out the ID of a library which it has no access to. The library ID is a random UUID, which is not possible to be guessed. There are no workarounds for this issue. |
Risk And Classification
Problem Types: CWE-639
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Seafile | Seafile Server | All | All | All | All |
| Application | Seafile | Seafile Server | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Sync token can be used to access data from other libraries · Advisory · haiwen/seafile-server · GitHub | CONFIRM | github.com | |
| Validate repo_id when validate token from cache by feiniks · Pull Request #520 · haiwen/seafile-server · GitHub | MISC | github.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.