VelaUX APIServer vulnerable to Authentication Bypass by Capture-replay

KubeVela is an application delivery platform Users using KubeVela's VelaUX APIServer could be affected by an authentication bypass vulnerability. In KubeVela prior to versions 1.4.11 and 1.5.4, VelaUX APIServer uses the `PlatformID` as the signed key to generate the JWT tokens for users. Another API called `getSystemInfo` exposes the platformID. This vulnerability allows users to use the platformID to re-generate the JWT tokens to bypass the authentication. Versions 1.4.11 and 1.5.4 contain a patch for this issue.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N

使用捕获-重放进行的认证绕过

KubeVela 安全漏洞

KubeVela是KubeVela开源的一个现代应用程序交付平台。 KubeVela 1.4.11和1.5.4之前的版本存在安全漏洞，该漏洞源于其VelaUX APIServer使用PlatformID作为签名密钥为用户生成JWT令牌。另一个名为“getSystemInfo”的API暴露了platformID。这个操作允许用户使用platformID重新生成JWT令牌，从而绕过身份验证。

N/A

N/A