Vulnerability Details: CVE-2019-3877
A vulnerability was found in mod_auth_mellon before v0.14.2. An open redirect in the logout URL allows requests with backslashes to pass through: the server-side check, which relies on the apr_uri_parse function, treats such a URL as relative, while browsers silently convert backslash characters into forward slashes and treat the result as an absolute URL. This mismatch allows an attacker to bypass the redirect URL validation logic.
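The description above comes down to two parsers disagreeing about the same string. The following is an added Python model of that disagreement, constructed for this page; it is not mod_auth_mellon's C code, which uses apr_uri_parse. Python's urlsplit stands in for the server-side parser because it likewise recognises an authority only after "//", browser_normalize models the browser rewriting backslashes to slashes, and the site name site.example, the sample return URLs and all function names are assumptions. The hardened variant rejects backslashes outright and then validates the URL as a browser would resolve it, rather than as the server parses it.

```python
# Added, constructed example (not mod_auth_mellon's code): models the
# server-parser / browser mismatch behind CVE-2019-3877 and a hardened check.
from urllib.parse import urlsplit, urljoin

# Constructed site the application lives on (assumption for the example).
SITE_BASE = "https://site.example/"
ALLOWED_HOST = "site.example"


def naive_is_local_redirect(url: str) -> bool:
    """Flawed check in the style of the vulnerable logic: accept when the
    parser sees no host (assumed relative) or the host is the site's own.
    Like apr_uri_parse, urlsplit only recognises an authority after "//",
    so a backslash form such as "\\\\evil.example/" parses as a plain path."""
    parts = urlsplit(url)
    return parts.netloc == "" or parts.netloc.lower() == ALLOWED_HOST


def browser_normalize(url: str) -> str:
    """Model of one browser (WHATWG URL) behaviour: for http(s) URLs a
    backslash is treated exactly like a forward slash. Only that step is
    modelled here."""
    return url.replace("\\", "/")


def browser_destination(url: str) -> str:
    """Where a browser actually lands when the site redirects to `url`:
    normalised, then resolved against the site like a Location header."""
    return urljoin(SITE_BASE, browser_normalize(url))


def hardened_is_local_redirect(url: str) -> bool:
    """Hardened check: refuse backslashes, then validate the URL in the form
    the browser will resolve. Comparing the full netloc (not just hostname)
    is deliberately conservative: userinfo or a port also cause rejection."""
    if "\\" in url:
        return False
    dest = urlsplit(urljoin(SITE_BASE, url))
    return dest.scheme in ("http", "https") and dest.netloc.lower() == ALLOWED_HOST


def evaluate(url: str) -> dict:
    """Summarise how the naive check, the browser and the hardened check treat `url`."""
    return {
        "url": url,
        "naive_accepts": naive_is_local_redirect(url),
        "browser_lands_on": browser_destination(url),
        "hardened_accepts": hardened_is_local_redirect(url),
    }


if __name__ == "__main__":
    # Constructed sample redirect targets: benign ones plus the backslash
    # forms the advisory describes.
    for candidate in ["/logged-out", "https://site.example/bye",
                      "//evil.example/", "\\\\evil.example/", "/\\evil.example/"]:
        print(evaluate(candidate))
```

Running it shows the mismatch directly: the naive check accepts `\\evil.example/` and `/\evil.example/` because urlsplit reports no host, yet `browser_destination` resolves both to `https://evil.example/`; the hardened check rejects them while still accepting `/logged-out` and same-host absolute URLs. A detection angle follows from the same model: logout or return-URL parameters containing a backslash have no legitimate reason to exist and can be alerted on at the proxy or in access logs.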
Vulnerability category: Open redirect
Products affected by CVE-2019-3877
- cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*
- cpe:2.3:a:mod_auth_mellon_project:mod_auth_mellon:*:*:*:*:*:apache:*:*
Exploit prediction scoring system (EPSS) score for CVE-2019-3877
- EPSS score: 0.26% (probability of exploitation activity in the next 30 days)
- EPSS percentile: ~65% (the proportion of vulnerabilities that are scored at or less)
CVSS scores for CVE-2019-3877
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.3 | MEDIUM | AV:N/AC:M/Au:N/C:N/I:P/A:N | 8.6 | 2.9 | NIST | |
6.1 | MEDIUM | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 | NIST | |
5.8 | MEDIUM | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N | 3.9 | 1.4 | Red Hat, Inc. | |
CWE ids for CVE-2019-3877
- The web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect.
Assigned by:
- nvd@nist.gov (Primary)
- secalert@redhat.com (Secondary)
References for CVE-2019-3877
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3877
  1691125 – (CVE-2019-3877) CVE-2019-3877 mod_auth_mellon: open redirect in logout url when using URLs with backslashes (Issue Tracking; Patch; Third Party Advisory)
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X7NLAU7KROWNTHAYSA2S67X347F42L2I/
  [SECURITY] Fedora 30 Update: mod_auth_mellon-0.14.2-1.fc30 - package-announce - Fedora Mailing-Lists
- https://github.com/Uninett/mod_auth_mellon/issues/35
  Open Redirection issue · Issue #35 · Uninett/mod_auth_mellon · GitHub (Patch; Third Party Advisory)
- https://usn.ubuntu.com/3924-1/
  USN-3924-1: mod_auth_mellon vulnerabilities | Ubuntu security notices (Third Party Advisory)
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CNW5YMC5TLWVWNJEY6AIWNSNPRAMWPQJ/
  [SECURITY] Fedora 29 Update: mod_auth_mellon-0.14.0-5.fc29 - package-announce - Fedora Mailing-Lists (Mailing List; Third Party Advisory)
- https://access.redhat.com/errata/RHSA-2019:3421
  RHSA-2019:3421 - Security Advisory - Red Hat Customer Portal
- https://github.com/Uninett/mod_auth_mellon/commit/62041428a32de402e0be6ba45fe12df6a83bedb8
  Fix redirect URL validation bypass · Uninett/mod_auth_mellon@6204142 · GitHub (Patch; Third Party Advisory)
- https://access.redhat.com/errata/RHSA-2019:0766
  RHSA-2019:0766 - Security Advisory - Red Hat Customer Portal