OpenLambda 2019-09-10 allows DNS rebinding attacks against the OL server for the REST API on TCP port 5000.
References
Link | Resource |
---|---|
https://github.com/open-lambda/open-lambda/blob/9f7f935195ca74700c60ebc1ecfdaefad40d144b/src/common/config.go#L135 | Exploit Third Party Advisory |
https://github.com/open-lambda/open-lambda/blob/9f7f935195ca74700c60ebc1ecfdaefad40d144b/src/server/lambdaServer.go#L92-L97 | Exploit Third Party Advisory |
https://github.com/open-lambda/open-lambda/issues/92 | Issue Tracking Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2020-01-02T23:51:00
Updated: 2020-01-02T23:51:00
Reserved: 2020-01-02T00:00:00
Link: CVE-2019-20329
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-01-03T00:15:11.097
Modified: 2021-07-21T11:39:23.747
Link: CVE-2019-20329
JSON object: View
Redhat Information
No data.
CWE