CVE-2021-31232
Description
The Alertmanager in CNCF Cortex before 1.8.1 has a local file disclosure vulnerability when -experimental.alertmanager.enable-api is used. The HTTP basic auth password_file can be used as an attack vector to send any file content via a webhook. The alertmanager templates can be used as an attack vector to send any file content because the alertmanager can load any text file specified in the templates list.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| github.com/cortexproject/cortex (Go) | < 1.8.1 | 1.8.1 |
Affected products
- CNCF/Cortex
Patches
Vulnerability mechanics
Root cause
"Missing input validation on template filenames and HTTP/TLS config file-path fields allows an attacker to read arbitrary local files."
Attack vector
An attacker with the ability to submit an Alertmanager configuration (via the experimental API) can craft a config that references arbitrary file paths in the `templates` list or sets fields like `password_file` in HTTP basic auth config. When the Alertmanager processes this config, it reads the specified local file and includes its content in webhook requests or template rendering, thereby disclosing sensitive local file contents to an attacker-controlled endpoint. This is a local file disclosure vulnerability [CWE-20] because the product fails to validate that template names and file-path fields do not escape the intended directory.
Affected code
The vulnerability resides in the Alertmanager configuration validation logic within `pkg/alertmanager/api.go` and `pkg/alertmanager/multitenant.go`. The `validateUserConfig` function did not validate template filenames or HTTP config fields like `password_file`, `bearer_token_file`, and `credentials_file`, allowing an attacker to specify arbitrary file paths. The patch adds `validateTemplateFilename`, `safeTemplateFilepath`, and a recursive `validateAlertmanagerConfig` function to reject path-containing template names and file-referencing HTTP/TLS/Slack/VictorOps settings.
What the fix does
The patch introduces a recursive `validateAlertmanagerConfig` function that uses reflection to scan the entire config structure for types like `HTTPClientConfig`, `TLSConfig`, `SlackConfig`, and `VictorOpsConfig`, rejecting any that contain file-path fields (e.g., `password_file`, `bearer_token_file`, `credentials_file`, `CAFile`, `SlackAPIURLFile`, `VictorOpsAPIKeyFile`). It also adds `validateTemplateFilename` and `safeTemplateFilepath` to ensure template names contain no path separators and that the resolved file path stays within the tenant's data directory. Together these changes prevent an attacker from reading arbitrary local files via the Alertmanager configuration.
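As an added illustration (not Cortex's own code), the following Go program implements the two template-path checks described above: a template name must carry no path components, and the resolved file must remain inside the tenant's directory. The directory and template names used are constructed sample values.

```go
package main

import (
	"errors"
	"fmt"
	"path/filepath"
	"strings"
)

// validateTemplateFilename rejects names that could reach outside the tenant
// directory: an empty name, a bare "." or "..", or anything with a path component.
func validateTemplateFilename(name string) error {
	if name == "" {
		return errors.New("template name must not be empty")
	}
	if name == "." || name == ".." {
		return fmt.Errorf("invalid template name %q", name)
	}
	// Check both separator styles so a backslash path cannot slip through on Linux.
	if strings.ContainsAny(name, `/\`) || filepath.Base(name) != name {
		return fmt.Errorf("template name %q must not contain path separators", name)
	}
	return nil
}

// safeTemplateFilepath joins dir and name and verifies that the cleaned result
// is still located under dir (defence in depth on top of the name check).
func safeTemplateFilepath(dir, name string) (string, error) {
	if err := validateTemplateFilename(name); err != nil {
		return "", err
	}
	absDir, err := filepath.Abs(dir)
	if err != nil {
		return "", err
	}
	full := filepath.Join(absDir, name)
	rel, err := filepath.Rel(absDir, full)
	if err != nil || rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return "", fmt.Errorf("template %q resolves outside %s", name, absDir)
	}
	return full, nil
}

func main() {
	// Constructed sample inputs: one legitimate name, three that must be rejected.
	for _, n := range []string{"default.tmpl", "../../etc/passwd", "/etc/passwd", `..\win.ini`} {
		p, err := safeTemplateFilepath("/var/lib/cortex/tenant-a", n)
		fmt.Printf("%-20q -> %q %v\n", n, p, err)
	}
}
```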
Preconditions
- Config: The `-experimental.alertmanager.enable-api` flag must be enabled on the Cortex Alertmanager.
- Auth: The attacker must be able to submit a crafted Alertmanager configuration to the validation or set-config API endpoint.
- Network: The attacker must control a webhook endpoint to receive the exfiltrated file content, or rely on template rendering that sends the content elsewhere.
Generated on Jun 20, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
- github.com/advisories/GHSA-m45g-f45x-vv22 (GHSA advisory)
- nvd.nist.gov/vuln/detail/CVE-2021-31232 (GHSA advisory)
- community.grafana.com/c/security-announcements (GHSA, x_refsource_MISC, web)
- github.com/cortexproject/cortex/pull/4129/files (GHSA, x_refsource_MISC, web)
- lists.cncf.io/g/cortex-users/message/50 (GHSA, x_refsource_MISC, web)