Vulnerability Details : CVE-2020-15810
An issue was discovered in Squid before 4.13 and 5.x before 5.0.4. Due to incorrect data validation, HTTP Request Smuggling attacks may succeed against HTTP and HTTPS traffic. This leads to cache poisoning. This allows any client, including browser scripts, to bypass local security and poison the proxy cache and any downstream caches with content from an arbitrary source. When configured for relaxed header parsing (the default), Squid relays headers containing whitespace characters to upstream servers. When this occurs as a prefix to a Content-Length header, the frame length specified will be ignored by Squid (allowing for a conflicting length to be used from another Content-Length header) but relayed upstream.
Exploit prediction scoring system (EPSS) score for CVE-2020-15810
Probability of exploitation activity in the next 30 days: 0.19%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 56 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2020-15810
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Source |
|---|---|---|---|---|---|
|
3.5
|
LOW | AV:N/AC:M/Au:S/C:N/I:P/A:N |
6.8
|
2.9
|
[email protected] |
|
6.5
|
MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N |
2.8
|
3.6
|
[email protected] |
CWE ids for CVE-2020-15810
-
The product acts as an intermediary HTTP agent (such as a proxy or firewall) in the data flow between two entities such as a client and server, but it does not interpret malformed HTTP requests or responses in ways that are consistent with how the messages will be processed by those entities that are at the ultimate destination.Assigned by: [email protected] (Primary)
References for CVE-2020-15810
-
https://lists.debian.org/debian-lts-announce/2020/10/msg00005.html
Mailing List;Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00012.html
Mailing List;Third Party Advisory
-
https://www.debian.org/security/2020/dsa-4751
Third Party Advisory
-
https://lists.fedoraproject.org/archives/list/[email protected]/message/BE6FKUN7IGTIR2MEEMWYDT7N5EJJLZI2/
Third Party Advisory
-
https://lists.fedoraproject.org/archives/list/[email protected]/message/BMTFLVB7GLRF2CKGFPZ4G4R5DIIPHWI3/
Third Party Advisory
-
https://usn.ubuntu.com/4477-1/
Third Party Advisory
-
https://security.netapp.com/advisory/ntap-20210226-0006/
Third Party Advisory
-
https://lists.fedoraproject.org/archives/list/[email protected]/message/HJJDI7JQFGQLVNCKMVY64LAFMKERAOK7/
Third Party Advisory
-
https://security.netapp.com/advisory/ntap-20210226-0007/
Broken Link
-
https://github.com/squid-cache/squid/security/advisories/GHSA-3365-q9qx-f98m
Mitigation;Third Party Advisory
-
https://usn.ubuntu.com/4551-1/
Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00017.html
Mailing List;Third Party Advisory
-
https://security.netapp.com/advisory/ntap-20210219-0007/
Third Party Advisory
Products affected by CVE-2020-15810
- cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*
- cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:*:*:*:*:*:*:*:*
- cpe:2.3:a:squid-cache:squid:*:*:*:*:*:*:*:*