Vulnerability Details CVE-2019-3877
A vulnerability was found in mod_auth_mellon before v0.14.2. An open redirect in the logout URL allows requests with backslashes to pass through by assuming that it is a relative URL, while the browsers silently convert backslash characters into forward slashes treating them as an absolute URL. This mismatch allows an attacker to bypass the redirect URL validation logic in apr_uri_parse function.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 70.7%
CVSS Severity
CVSS v3 Score 5.8
CVSS v2 Score 4.3
References
- https://access.redhat.com/errata/RHSA-2019:0766
- https://access.redhat.com/errata/RHSA-2019:3421
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3877
- https://github.com/Uninett/mod_auth_mellon/commit/62041428a32de402e0be6ba45fe12df6a83bedb8
- https://github.com/Uninett/mod_auth_mellon/issues/35
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CNW5YMC5TLWVWNJEY6AIWNSNPRAMWPQJ/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X7NLAU7KROWNTHAYSA2S67X347F42L2I/
- https://usn.ubuntu.com/3924-1/
- https://access.redhat.com/errata/RHSA-2019:0766
- https://access.redhat.com/errata/RHSA-2019:3421
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3877
- https://github.com/Uninett/mod_auth_mellon/commit/62041428a32de402e0be6ba45fe12df6a83bedb8
- https://github.com/Uninett/mod_auth_mellon/issues/35
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CNW5YMC5TLWVWNJEY6AIWNSNPRAMWPQJ/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X7NLAU7KROWNTHAYSA2S67X347F42L2I/
- https://usn.ubuntu.com/3924-1/
Products affected by CVE-2019-3877
-
cpe:2.3:a:mod_auth_mellon_project:mod_auth_mellon:0.10.0
-
cpe:2.3:a:mod_auth_mellon_project:mod_auth_mellon:0.11.0
-
cpe:2.3:a:mod_auth_mellon_project:mod_auth_mellon:0.11.1
-
cpe:2.3:a:mod_auth_mellon_project:mod_auth_mellon:0.12.0
-
cpe:2.3:a:mod_auth_mellon_project:mod_auth_mellon:0.13.0
-
cpe:2.3:a:mod_auth_mellon_project:mod_auth_mellon:0.13.1
-
cpe:2.3:a:mod_auth_mellon_project:mod_auth_mellon:0.14.0
-
cpe:2.3:a:mod_auth_mellon_project:mod_auth_mellon:0.14.1
-
cpe:2.3:a:mod_auth_mellon_project:mod_auth_mellon:0.4.0
-
cpe:2.3:a:mod_auth_mellon_project:mod_auth_mellon:0.5.0
-
cpe:2.3:a:mod_auth_mellon_project:mod_auth_mellon:0.6.0
-
cpe:2.3:a:mod_auth_mellon_project:mod_auth_mellon:0.6.1
-
cpe:2.3:a:mod_auth_mellon_project:mod_auth_mellon:0.7.0
-
cpe:2.3:a:mod_auth_mellon_project:mod_auth_mellon:0.8.0
-
cpe:2.3:a:mod_auth_mellon_project:mod_auth_mellon:0.8.1
-
cpe:2.3:a:mod_auth_mellon_project:mod_auth_mellon:0.9.0
-
cpe:2.3:a:mod_auth_mellon_project:mod_auth_mellon:0.9.1
-
cpe:2.3:o:canonical:ubuntu_linux:18.04
-
cpe:2.3:o:canonical:ubuntu_linux:18.10
-
cpe:2.3:o:fedoraproject:fedora:29
-
cpe:2.3:o:redhat:enterprise_linux:7.0