---
# Nuclei template: detection-only probe for CVE-2020-15129, an open
# redirect (CWE-601) in Traefik's handling of the X-Forwarded-Prefix
# header. Reference is the GHSL advisory listed under info.
id: CVE-2020-15129

info:
  name: Open-redirect in Traefik
  author: dwisiswant0
  severity: medium
  # Folded scalar: parses to the same single-line string as the original.
  description: >-
    There exists a potential open redirect vulnerability in Traefik's handling
    of the X-Forwarded-Prefix header. Active Exploitation of this issue is
    unlikely as it would require active header injection, however the Traefik
    team may want to address this issue nonetheless to prevent abuse in
    e.g. cache poisoning scenarios.
  reference: 'https://securitylab.github.com/advisories/GHSL-2020-140-Containous-Traefik'
  tags: 'cve,cve2020,traefik,redirect'
  classification:
    # Quoted so a YAML loader never reinterprets the vector string.
    cvss-metrics: 'CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N'
    cvss-score: 4.70
    cve-id: CVE-2020-15129
    cwe-id: CWE-601

requests:
  # One GET to the base URL with a fixed external host as the prefix value.
  # With matchers-condition `and`, the target is only reported when it
  # answers 302 AND the body links to that injected host.
  - method: GET
    path:
      - '{{BaseURL}}'
    headers:
      X-Forwarded-Prefix: 'https://foo.nl'
    matchers-condition: and
    matchers:
      - type: status
        status:
          - 302
      # The redirect body must echo the injected prefix back verbatim.
      - type: word
        words:
          - '<a href="https://foo.nl/dashboard/">Found</a>'
        condition: or
        part: body