This is a summary of the AI-generated 10-question deep analysis. The full version (longer answers, follow-up Q&A, related CVEs) requires login. Read the full analysis β
Q1What is this vulnerability? (Essence + Consequences)
π¨ **Essence**: FIWARE Keyrock has an **OS Command Injection** flaw. <br>π₯ **Consequences**: Attackers can execute arbitrary commands on the server.β¦
π‘οΈ **Root Cause**: **CWE-78** (OS Command Injection). <br>π **Flaw**: The function `generate_app_certificates` in `lib/app_certificates.js` fails to properly **sanitize** user input. Malicious payloads slip through.
Q3Who is affected? (Versions/Components)
π’ **Vendor**: FIWARE. <br>π¦ **Product**: FIWARE Keyrock (Identity Management Component). <br>π **Affected**: Versions **8.4 and earlier**. Newer versions may be safe.
Q4What can hackers do? (Privileges/Data)
π **Attacker Capabilities**: <br>1. **Execute OS Commands**: Full control over the underlying OS. <br>2. **Data Access**: Read sensitive identity data. <br>3.β¦
π **Exploitation Threshold**: **Medium**. <br>π **Auth Required**: **PR:H** (High Privileges Required). You need valid credentials to access the Keyrock API. <br>π **Network**: **AV:N** (Network exploitable).
Q6Is there a public Exp? (PoC/Wild Exploitation)
π’ **Public Exploit**: **No**. <br>π« **PoC**: The `pocs` field is empty. <br>β οΈ **Risk**: While no public PoC exists, the CVSS score is **Critical (9.8)**. Wild exploitation is likely once details are reverse-engineered.
Q7How to self-check? (Features/Scanning)
π **Self-Check**: <br>1. Check Keyrock version (`< 8.4`). <br>2. Inspect `lib/app_certificates.js` for unsanitized inputs in `generate_app_certificates`. <br>3.β¦
π οΈ **Official Fix**: **Yes**. <br>π¦ **Mitigation**: Upgrade to a version **newer than 8.4**. The vendor has acknowledged the issue (Reference: ait.ac.at).
Q9What if no patch? (Workaround)
π§ **No Patch Workaround**: <br>1. **Restrict Access**: Limit API access to trusted IPs only. <br>2. **Input Validation**: Manually patch `lib/app_certificates.js` to sanitize inputs. <br>3.β¦
π₯ **Urgency**: **CRITICAL**. <br>β³ **Priority**: **Immediate Action Required**. <br>π‘ **Reason**: CVSS 9.8 + Network Access + High Impact. Even without public PoC, the risk is extreme. Patch ASAP.