CVE-2018-11469 : Incorrect caching of responses to requests including an Authorization header in

Incorrect caching of responses to requests including an Authorization header in HAProxy 1.8.0 through 1.8.9 (if cache enabled) allows attackers to achieve information disclosure via an unauthenticated remote request, related to the proto_http.c check_request_for_cacheability function.

Published 2018-05-25 14:29:00

Updated 2019-06-11 14:29:00

Source MITRE

View at NVD, CVE.org

Vulnerability category: Information leak

Products affected by CVE-2018-11469

Canonical » Ubuntu Linux » Version: 18.04 LTS Edition
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
Matching versions
Haproxy » Haproxy
Versions from including (>=) 1.8.0 and up to, including, (<=) 1.8.9
cpe:2.3:a:haproxy:haproxy:*:*:*:*:*:*:*:*
Matching versions

Threat overview for CVE-2018-11469

Top countries where our scanners detected CVE-2018-11469

Top open port discovered on systems with this issue 80

IPs affected by CVE-2018-11469 588

Threat actors abusing to this issue? Yes

Find out if you^* are affected by CVE-2018-11469!

^*Directly or indirectly through your vendors, service providers and 3rd parties. Powered by attack surface intelligence from SecurityScorecard.

Exploit prediction scoring system (EPSS) score for CVE-2018-11469

EPSS FAQ

0.09%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 23 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2018-11469

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
4.3	MEDIUM	AV:N/AC:M/Au:N/C:P/I:N/A:N	8.6	2.9	NIST
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: Partial Integrity Impact: None Availability Impact: None
5.9	MEDIUM	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N	2.2	3.6	NIST
Attack Vector: Network Attack Complexity: High Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: High Integrity: None Availability: None

CWE ids for CVE-2018-11469

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2018-11469

http://www.securityfocus.com/bid/104347

HAProxy CVE-2018-11469 Information Disclosure Vulnerability
Third Party Advisory;VDB Entry
https://access.redhat.com/errata/RHSA-2019:1436

RHSA-2019:1436 - Security Advisory - Red Hat Customer Portal

CVEs referencing this url
https://git.haproxy.org/?p=haproxy-1.8.git;a=commit;h=17514045e5d934dede62116216c1b016fe23dd06

Repositories - haproxy-1.8.git/commit
Third Party Advisory
https://usn.ubuntu.com/3663-1/

USN-3663-1: HAProxy vulnerability | Ubuntu security notices
Third Party Advisory