CVE-2021-27099
MEDIUMSPIRE < 0.8.5, 0.9.4, 0.10.2, 0.11.3, 0.12.1 - Incorrect Authorization via AWS IID Node Attestor Path Normalization
Title source: llmDescription
In SPIRE before versions 0.8.5, 0.9.4, 0.10.2, 0.11.3 and 0.12.1, the "aws_iid" Node Attestor improperly normalizes the path provided through the agent ID templating feature, which may allow the issuance of an arbitrary SPIFFE ID within the same trust domain, if the attacker controls the value of an EC2 tag prior to attestation, and the attestor is configured for agent ID templating where the tag value is the last element in the path. This issue has been fixed in SPIRE versions 0.11.3 and 0.12.1
References (1)
Core 1
Core References
Patch, Third Party Advisory x_refsource_misc
https://github.com/spiffe/spire/security/advisories/GHSA-q7gm-mjrg-44h9
Scores
CVSS v3
6.8
EPSS
0.0072
EPSS Percentile
49.3%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
Details
CWE
CWE-863
Status
published
Products (1)
cncf/spire
< 0.8.5
Published
Mar 05, 2021
Tracked Since
Feb 18, 2026