CVE-2020-28168 : Axios NPM package 0.21.0 contains a Server-Side Request Forgery (SSRF) vulnerability where an attacker is able to bypass

Axios NPM package 0.21.0 contains a Server-Side Request Forgery (SSRF) vulnerability where an attacker is able to bypass a proxy by providing a URL that responds with a redirect to a restricted host or IP address.

Published 2020-11-06 20:15:13

Updated 2022-09-13 21:25:20

Source MITRE

View at NVD, CVE.org

Vulnerability category: Server-side request forgery (SSRF)

Exploit prediction scoring system (EPSS) score for CVE-2020-28168

Probability of exploitation activity in the next 30 days: 0.27%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 67 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2020-28168

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
4.3	MEDIUM	AV:N/AC:M/Au:N/C:P/I:N/A:N	8.6	2.9	NIST
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: Partial Integrity Impact: None Availability Impact: None
5.9	MEDIUM	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N	2.2	3.6	NIST
Attack Vector: Network Attack Complexity: High Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: High Integrity: None Availability: None

CWE ids for CVE-2020-28168

CWE-918 Server-Side Request Forgery (SSRF)

The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2020-28168

https://github.com/axios/axios/issues/3369

Requests that follow a redirect are not passing via the proxy · Issue #3369 · axios/axios · GitHub
Exploit;Issue Tracking;Third Party Advisory
https://lists.apache.org/thread.html/r954d80fd18e9dafef6e813963eb7e08c228151c2b6268ecd63b35d1f@%3Ccommits.druid.apache.org%3E

[GitHub] [druid] jon-wei opened a new pull request #10733: Update deps for CVE-2020-28168 and CVE-2020-28052 - Pony Mail
Mailing List;Third Party Advisory

CVEs referencing this url
https://lists.apache.org/thread.html/rdfd2901b8b697a3f6e2c9c6ecc688fd90d7f881937affb5144d61d6e@%3Ccommits.druid.apache.org%3E

[druid] 01/02: Update deps for CVE-2020-28168 and CVE-2020-28052 (#10733) - Pony Mail
Mailing List;Patch;Third Party Advisory

CVEs referencing this url
https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf

Third Party Advisory

CVEs referencing this url
https://lists.apache.org/thread.html/r25d53acd06f29244b8a103781b0339c5e7efee9099a4d52f0c230e4a@%3Ccommits.druid.apache.org%3E

[GitHub] [druid] clintropolis merged pull request #10733: Update deps for CVE-2020-28168 and CVE-2020-28052 - Pony Mail
Mailing List;Third Party Advisory

CVEs referencing this url

Products affected by CVE-2020-28168

Siemens » Sinec Ins
Versions before (<) 1.0
cpe:2.3:a:siemens:sinec_ins:*:*:*:*:*:*:*:*
Matching versions
Siemens » Sinec Ins » Version: 1.0 Update SP1
cpe:2.3:a:siemens:sinec_ins:1.0:sp1:*:*:*:*:*:*
Matching versions
Axios » Axios » For Node.js
Versions from including (>=) 0.19.0 and up to, including, (<=) 0.21.0
cpe:2.3:a:axios:axios:*:*:*:*:*:node.js:*:*
Matching versions

Vulnerability Details : CVE-2020-28168

Exploit prediction scoring system (EPSS) score for CVE-2020-28168

CVSS scores for CVE-2020-28168

CWE ids for CVE-2020-28168

References for CVE-2020-28168

Products affected by CVE-2020-28168