CVE-2021-44225

keepalived: dbus access control bypass

Severity Score

5.4

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

In Keepalived through 2.2.4, the D-Bus policy does not sufficiently restrict the message destination, allowing any user to inspect and manipulate any property. This leads to access-control bypass in some situations in which an unrelated D-Bus system service has a settable (writable) property

En Keepalived versiones hasta 2.2.4, la política D-Bus no restringe suficientemente el destino de los mensajes, permitiendo a cualquier usuario inspeccionar y manipular cualquier propiedad. Esto conlleva a una omisión del control de acceso en algunas situaciones en las que un servicio del sistema D-Bus no relacionado presenta una propiedad configurable (escribible)

A flaw was found in keepalived, where an improper authentication vulnerability allows an unprivileged user to change properties that could lead to an access-control bypass.

The keepalived utility provides simple and robust facilities for load balancing and high availability. The load balancing framework relies on the well-known and widely used IP Virtual Server kernel module providing layer-4 load balancing. Keepalived implements a set of checkers to dynamically and adaptively maintain and manage a load balanced server pool according to the health of the servers. Keepalived also implements the Virtual Router Redundancy Protocol to achieve high availability with director failover. Issues addressed include a bypass vulnerability.

*Credits: N/A

CVSS Scores

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

Low

Availability

None

Attack Vector

Network

Attack Complexity

High

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Attack Vector

Network

Attack Complexity

Low

Authentication

Single

Confidentiality

Partial

Integrity

Partial

Availability

None

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2021-11-25 CVE Reserved
2021-11-26 CVE Published
2024-08-04 CVE Updated
2025-04-08 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-287: Improper Authentication

CAPEC

References (7)

URL	Tag	Source
https://github.com/acassen/keepalived/pull/2063	Third Party Advisory
https://lists.debian.org/debian-lts-announce/2023/04/msg00012.html	Mailing List

URL	Date	SRC

URL	Date	SRC
https://github.com/acassen/keepalived/commit/7977fec0be89ae6fe87405b3f8da2f0b5e415e3d	2023-11-07

URL	Date	SRC
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5226RYNMNB7FL4MSJDIBBGPUWH6LMRYV	2023-11-07
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6O2R6EXURJQFPFPYFWRCZLUYVWQCLSZM	2023-11-07
https://access.redhat.com/security/cve/CVE-2021-44225	2022-05-10
https://bugzilla.redhat.com/show_bug.cgi?id=2027156	2022-05-10

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Keepalived Search vendor "Keepalived"		Keepalived Search vendor "Keepalived" for product "Keepalived"				<= 2.2.4 Search vendor "Keepalived" for product "Keepalived" and version " <= 2.2.4"		-		Affected
Fedoraproject Search vendor "Fedoraproject"		Fedora Search vendor "Fedoraproject" for product "Fedora"				34 Search vendor "Fedoraproject" for product "Fedora" and version "34"		-		Affected
Fedoraproject Search vendor "Fedoraproject"		Fedora Search vendor "Fedoraproject" for product "Fedora"				35 Search vendor "Fedoraproject" for product "Fedora" and version "35"		-		Affected