CVE-2021-32814

8.8 HIGH

📋 TL;DR

CVE-2021-32814 is a directory traversal vulnerability in the Skytable NoSQL database that allows remote attackers to delete or modify critical files on the host system. It affects all Skytable versions before 0.5.1. The vulnerability enables file system manipulation through path traversal techniques.

💻 Affected Systems

Products:
  • Skytable
Versions: All versions prior to 0.5.1
Operating Systems: All operating systems running Skytable
Default Config Vulnerable: ⚠️ Yes
Notes: All Skytable deployments with default configurations are vulnerable. The vulnerability affects the automated snapshot feature's file handling.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete system compromise through deletion of critical system files, configuration files, or database corruption leading to data loss and service disruption.

🟠 Likely Case

Database corruption, data loss, or service disruption through deletion of Skytable configuration and data files.

🟢 If Mitigated

Limited impact if proper network segmentation and access controls prevent unauthorized connections to Skytable instances.

🌐 Internet-Facing: HIGH - Internet-facing Skytable instances are directly exploitable by remote attackers without authentication.
🏢 Internal Only: HIGH - Internal instances remain vulnerable to any network-connected attacker within the environment.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

The vulnerability requires network access to Skytable but no authentication. Exploitation involves directory traversal payloads in file operations.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 0.5.1

Vendor Advisory: https://security.skytable.io/ve/s/00001.html

Restart Required: Yes

Instructions:

1. Stop Skytable service.
2. Backup configuration and data.
3. Upgrade to Skytable 0.5.1 or later.
4. Restart Skytable service.
5. Verify functionality.

🔧 Temporary Workarounds

No workarounds available

The vendor states there are no known workarounds aside from upgrading to a patched version.

🧯 If You Can't Patch

  • Isolate Skytable instances behind firewalls with strict network access controls
  • Implement network segmentation to limit exposure to trusted hosts only

🔍 How to Verify

Check if Vulnerable:

Check Skytable version: if version is less than 0.5.1, the system is vulnerable.

Check Version:

skytable --version

Verify Fix Applied:

Verify Skytable version is 0.5.1 or higher after upgrade.

📡 Detection & Monitoring

Log Indicators:

  • Unusual file path patterns in Skytable logs
  • Failed file operations with traversal patterns
  • Unexpected file deletion events

Network Indicators:

  • Directory traversal patterns in network traffic to Skytable port
  • Unusual file operation requests from untrusted sources

SIEM Query:

source="skytable.log" AND ("..\\" OR "../" OR "%2e%2e")
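
The log indicators above, as an added example that is not part of the original advisory or Skytable's own tooling: a Python scanner that percent-decodes each line repeatedly before matching traversal segments, so double-encoded forms that a literal string query misses are also flagged. The log lines and field names are constructed samples; Skytable's actual log format is an assumption here.

```python
import re
from urllib.parse import unquote

# A ".." path segment: either followed by a separator, or preceded by one
# and ending the token. Plain ellipses ("disk...") do not match.
_TRAVERSAL = re.compile(r"(?:^|[\\/\s\"'=])\.\.[\\/]|[\\/]\.\.(?:$|[\s\"'])")


def normalize(line: str, max_rounds: int = 3) -> str:
    """Percent-decode until stable so %2e%2e and %252e%252e both become '..'."""
    for _ in range(max_rounds):
        decoded = unquote(line)
        if decoded == line:
            break
        line = decoded
    return line


def is_traversal(line: str) -> bool:
    """True if the decoded line contains a '..' path segment."""
    return bool(_TRAVERSAL.search(normalize(line)))


def scan(lines):
    """Return (line_number, line) pairs for every suspicious line."""
    return [(n, l) for n, l in enumerate(lines, 1) if is_traversal(l)]


# Constructed sample log lines (format and field names are hypothetical).
SAMPLE_LOG = [
    "[2021-07-01T10:00:00Z INFO] snapshot created name=20210701-100000",
    "[2021-07-01T10:00:05Z WARN] file op failed path=snapshots/../../data/placeholder.bin",
    "[2021-07-01T10:00:06Z WARN] file op failed name=%2e%2e%2fplaceholder",
    "[2021-07-01T10:00:07Z WARN] file op failed name=%252E%252e%255cplaceholder",
    "[2021-07-01T10:00:09Z INFO] Flushing data to disk...",
    "[2021-07-01T10:00:10Z INFO] version 0.5.1 listening on 127.0.0.1:2003",
]

if __name__ == "__main__":
    for number, text in scan(SAMPLE_LOG):
        print(f"line {number}: {text}")
```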
