CVE-2020-5404 - OpenCVE

The HttpClient from Reactor Netty, versions 0.9.x prior to 0.9.5, and versions 0.8.x prior to 0.8.16, may be used incorrectly, leading to a credentials leak during a redirect to a different domain. In order for this to happen, the HttpClient must have been explicitly configured to follow redirects.

Attack Vector Network

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact Low

Availability Impact None

User Interaction None

Attack Vector Network

Attack Complexity High

Privileges Required Low

Scope Changed

Confidentiality Impact High

Integrity Impact Low

Availability Impact None

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication Single

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact None

AV:N/AC:M/Au:S/C:P/I:P/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Pivotal	Reactor Netty

Configuration 1 [-]

OR	cpe:2.3:a:pivotal:reactor_netty::::::::
	cpe:2.3:a:pivotal:reactor_netty::::::::

References

Link	Resource
https://pivotal.io/security/cve-2020-5404	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: pivotal

Published: 2020-02-27T00:00:00

Updated: 2020-03-03T17:55:13

Reserved: 2020-01-03T00:00:00

Link: CVE-2020-5404

JSON object: View

NVD Information

Status : Analyzed

Published: 2020-03-03T18:15:12.157

Modified: 2021-07-07T14:15:08.213

Link: CVE-2020-5404

JSON object: View

Redhat Information

No data.

CWE

CWE-522

{"containers": {"cna": {"affected": [{"product": "Reactor Netty", "vendor": "Pivotal", "versions": [{"lessThan": "v0.8.16.RELEASE", "status": "affected", "version": "0.8", "versionType": "custom"}, {"lessThan": "v0.9.5.RELEASE", "status": "affected", "version": "0.9", "versionType": "custom"}]}], "datePublic": "2020-02-27T00:00:00", "descriptions": [{"lang": "en", "value": "The HttpClient from Reactor Netty, versions 0.9.x prior to 0.9.5, and versions 0.8.x prior to 0.8.16, may be used incorrectly, leading to a credentials leak during a redirect to a different domain. In order for this to happen, the HttpClient must have been explicitly configured to follow redirects."}], "metrics": [{"cvssV3_0": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:L/A:N", "version": "3.0"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-522", "description": "CWE-522: Insufficiently Protected Credentials", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2020-03-03T17:55:13", "orgId": "862b2186-222f-48b9-af87-f1fb7bb26d03", "shortName": "pivotal"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://pivotal.io/security/cve-2020-5404"}], "source": {"discovery": "UNKNOWN"}, "title": "Authentication Leak On Redirect With Reactor Netty HttpClient", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@pivotal.io", "DATE_PUBLIC": "2020-02-27T00:00:00.000Z", "ID": "CVE-2020-5404", "STATE": "PUBLIC", "TITLE": "Authentication Leak On Redirect With Reactor Netty HttpClient"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Reactor Netty", "version": {"version_data": [{"affected": "<", "version_affected": "<", "version_name": "0.8", "version_value": "v0.8.16.RELEASE"}, {"affected": "<", "version_affected": "<", "version_name": "0.9", "version_value": "v0.9.5.RELEASE"}]}}]}, "vendor_name": "Pivotal"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The HttpClient from Reactor Netty, versions 0.9.x prior to 0.9.5, and versions 0.8.x prior to 0.8.16, may be used incorrectly, leading to a credentials leak during a redirect to a different domain. In order for this to happen, the HttpClient must have been explicitly configured to follow redirects."}]}, "impact": {"cvss": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:L/A:N", "version": "3.0"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-522: Insufficiently Protected Credentials"}]}]}, "references": {"reference_data": [{"name": "https://pivotal.io/security/cve-2020-5404", "refsource": "CONFIRM", "url": "https://pivotal.io/security/cve-2020-5404"}]}, "source": {"discovery": "UNKNOWN"}}}}, "cveMetadata": {"assignerOrgId": "862b2186-222f-48b9-af87-f1fb7bb26d03", "assignerShortName": "pivotal", "cveId": "CVE-2020-5404", "datePublished": "2020-02-27T00:00:00", "dateReserved": "2020-01-03T00:00:00", "dateUpdated": "2020-03-03T17:55:13", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:pivotal:reactor_netty:*:*:*:*:*:*:*:*", "matchCriteriaId": "D17BE00C-FA7A-4024-AB15-5D12D1394CB7", "versionEndIncluding": "0.8.15", "versionStartIncluding": "0.8.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:pivotal:reactor_netty:*:*:*:*:*:*:*:*", "matchCriteriaId": "F4298A26-4A66-4528-9A83-6C71739184CE", "versionEndIncluding": "0.9.4", "versionStartIncluding": "0.9.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The HttpClient from Reactor Netty, versions 0.9.x prior to 0.9.5, and versions 0.8.x prior to 0.8.16, may be used incorrectly, leading to a credentials leak during a redirect to a different domain. In order for this to happen, the HttpClient must have been explicitly configured to follow redirects."}, {"lang": "es", "value": "El HttpClient del Reactor Netty, versiones 0.9.x anteriores a 0.9.5, y versiones 0.8.x anteriores a 0.8.16, puede ser usado incorrectamente, conllevando a un filtrado de credenciales durante un redireccionamiento hacia un dominio diferente. A fin de que esto ocurra, el HttpClient debe haber sido configurado expl\u00edcitamente para seguir los redireccionamientos."}], "id": "CVE-2020-5404", "lastModified": "2021-07-07T14:15:08.213", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.9, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 6.8, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:L/A:N", "version": "3.0"}, "exploitabilityScore": 1.3, "impactScore": 4.7, "source": "security@pivotal.io", "type": "Secondary"}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 1.6, "impactScore": 4.2, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-03-03T18:15:12.157", "references": [{"source": "security@pivotal.io", "tags": ["Vendor Advisory"], "url": "https://pivotal.io/security/cve-2020-5404"}], "sourceIdentifier": "security@pivotal.io", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-522"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-522"}], "source": "security@pivotal.io", "type": "Secondary"}]}