CVE-2024-21497

All versions of the package github.com/greenpau/caddy-security are vulnerable to Open Redirect via the redirect_url parameter. An attacker could perform a phishing attack and trick users into visiting a malicious website by crafting a convincing URL with this parameter. To exploit this vulnerability, the user must take an action, such as clicking on a portal button or using the browser’s back button, to trigger the redirection.

CVSS v3 5.4 MEDIUM

5.4^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.8 / Impact : 2.5

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://blog.trailofbits.com/2023/09/18/security-flaws-in-an-sso-plugin-for-caddy/
https://github.com/greenpau/caddy-security/issues/268
https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMGREENPAUCADDYSECURITY-6249861
https://blog.trailofbits.com/2023/09/18/security-flaws-in-an-sso-plugin-for-caddy/
https://github.com/greenpau/caddy-security/issues/268
https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMGREENPAUCADDYSECURITY-6249861

Configurations

No configuration.

History

No history.

Information

Published : 2024-02-17 05:15

Updated : 2024-11-21 08:54

NVD link : CVE-2024-21497

Mitre link : CVE-2024-21497

CVE.ORG link : CVE-2024-21497

JSON object : View

Products Affected

No product.

CWE

CWE-601

URL Redirection to Untrusted Site ('Open Redirect')

{"id": "CVE-2024-21497", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "report@snyk.io", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.4, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 2.5, "exploitabilityScore": 2.8}]}, "published": "2024-02-17T05:15:09.863", "references": [{"url": "https://blog.trailofbits.com/2023/09/18/security-flaws-in-an-sso-plugin-for-caddy/", "source": "report@snyk.io"}, {"url": "https://github.com/greenpau/caddy-security/issues/268", "source": "report@snyk.io"}, {"url": "https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMGREENPAUCADDYSECURITY-6249861", "source": "report@snyk.io"}, {"url": "https://blog.trailofbits.com/2023/09/18/security-flaws-in-an-sso-plugin-for-caddy/", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://github.com/greenpau/caddy-security/issues/268", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMGREENPAUCADDYSECURITY-6249861", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "report@snyk.io", "description": [{"lang": "en", "value": "CWE-601"}]}], "descriptions": [{"lang": "en", "value": "All versions of the package github.com/greenpau/caddy-security are vulnerable to Open Redirect via the redirect_url parameter. An attacker could perform a phishing attack and trick users into visiting a malicious website by crafting a convincing URL with this parameter. To exploit this vulnerability, the user must take an action, such as clicking on a portal button or using the browser\u2019s back button, to trigger the redirection."}, {"lang": "es", "value": "Todas las versiones del paquete github.com/greenpau/caddy-security son vulnerables a Open Redirect a trav\u00e9s del par\u00e1metro redirect_url. Un atacante podr\u00eda realizar un ataque de phishing y enga\u00f1ar a los usuarios para que visiten un sitio web malicioso creando una URL convincente con este par\u00e1metro. Para aprovechar esta vulnerabilidad, el usuario debe realizar una acci\u00f3n, como hacer clic en un bot\u00f3n del portal o usar el bot\u00f3n atr\u00e1s del navegador, para activar la redirecci\u00f3n."}], "lastModified": "2024-11-21T08:54:33.400", "sourceIdentifier": "report@snyk.io"}