CVE-2021-36157: 
Red Hat Enterprise Linux CoreOS (RHCOS) vulnerability analysis and mitigation

A directory traversal vulnerability was discovered in Grafana Cortex through version 1.9.0. The vulnerability stems from the improper handling of the X-Scope-OrgID header value, which is used to construct file paths for rules files (NVD).

The vulnerability exists in the way Grafana Cortex handles the X-Scope-OrgID header when constructing file paths. If crafted maliciously, an attacker could use path traversal characters (../../) in the header value to access files outside the intended directory structure. This could potentially lead to unauthorized access to sensitive files that Cortex has permission to read (GitHub PR).

The vulnerability could allow an attacker with suitable access to trick Cortex into sending the contents of files it has access to. When exploited, the attacker could potentially read sensitive files through error messages when Cortex attempts to parse these files as rules files (GitHub PR).

Several mitigation strategies are available: 1) Upgrade to a patched version of Cortex, 2) Use a proxy in front of Cortex that supplies the OrgID header, preventing it from being crafted by an attacker, 3) Run Cortex with limited access to sensitive files, such as in a container or chroot, and as a user with limited access permissions (GitHub PR).