CVE-2020-7659 - OpenCVE

reel through 0.6.1 allows Request Smuggling attacks due to incorrect Content-Length and Transfer encoding header parsing. It is possible to conduct HTTP request smuggling attacks by sending the Content-Length header twice. Furthermore, invalid Transfer Encoding headers were found to be parsed as valid which could be leveraged for TE:CL smuggling attacks. Note: This project is deprecated, and is not maintained any more.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:L/Au:N/C:N/I:P/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Celluloid	Reel

Configuration 1 [-]

cpe:2.3:a:celluloid:reel:*:*:*:*:*:*:*:*

References

Link	Resource
https://snyk.io/vuln/SNYK-RUBY-REEL-569135	Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: snyk

Published: 2020-06-01T12:50:27

Updated: 2020-06-01T12:50:27

Reserved: 2020-01-21T00:00:00

Link: CVE-2020-7659

JSON object: View

NVD Information

Status : Analyzed

Published: 2020-06-01T13:15:10.313

Modified: 2020-06-02T17:01:51.687

Link: CVE-2020-7659

JSON object: View

Redhat Information

No data.

CWE

CWE-444

{"containers": {"cna": {"affected": [{"product": "reel", "vendor": "n/a", "versions": [{"status": "affected", "version": "All versions including 0.6.1"}]}], "descriptions": [{"lang": "en", "value": "reel through 0.6.1 allows Request Smuggling attacks due to incorrect Content-Length and Transfer encoding header parsing. It is possible to conduct HTTP request smuggling attacks by sending the Content-Length header twice. Furthermore, invalid Transfer Encoding headers were found to be parsed as valid which could be leveraged for TE:CL smuggling attacks. Note: This project is deprecated, and is not maintained any more."}], "problemTypes": [{"descriptions": [{"description": "HTTP Request Smuggling", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-06-01T12:50:27", "orgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730", "shortName": "snyk"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://snyk.io/vuln/SNYK-RUBY-REEL-569135"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "report@snyk.io", "ID": "CVE-2020-7659", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "reel", "version": {"version_data": [{"version_value": "All versions including 0.6.1"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "reel through 0.6.1 allows Request Smuggling attacks due to incorrect Content-Length and Transfer encoding header parsing. It is possible to conduct HTTP request smuggling attacks by sending the Content-Length header twice. Furthermore, invalid Transfer Encoding headers were found to be parsed as valid which could be leveraged for TE:CL smuggling attacks. Note: This project is deprecated, and is not maintained any more."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "HTTP Request Smuggling"}]}]}, "references": {"reference_data": [{"name": "https://snyk.io/vuln/SNYK-RUBY-REEL-569135", "refsource": "MISC", "url": "https://snyk.io/vuln/SNYK-RUBY-REEL-569135"}]}}}}, "cveMetadata": {"assignerOrgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730", "assignerShortName": "snyk", "cveId": "CVE-2020-7659", "datePublished": "2020-06-01T12:50:27", "dateReserved": "2020-01-21T00:00:00", "dateUpdated": "2020-06-01T12:50:27", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:celluloid:reel:*:*:*:*:*:*:*:*", "matchCriteriaId": "BF01A15A-4713-4633-8B84-24AFA9E4EE5F", "versionEndIncluding": "0.6.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "reel through 0.6.1 allows Request Smuggling attacks due to incorrect Content-Length and Transfer encoding header parsing. It is possible to conduct HTTP request smuggling attacks by sending the Content-Length header twice. Furthermore, invalid Transfer Encoding headers were found to be parsed as valid which could be leveraged for TE:CL smuggling attacks. Note: This project is deprecated, and is not maintained any more."}, {"lang": "es", "value": "reel versiones hasta 0.6.1, permite ataques de Tr\u00e1fico No Autorizado de Peticiones debido a un an\u00e1lisis incorrecto de los Encabezados Content-Length y Transfer Encoding. Es posible conducir ataques de tr\u00e1fico de peticiones HTTP mediante el env\u00edo dos veces del encabezado Content-Length. Adem\u00e1s, se encontr\u00f3 que encabezados Transfer Encoding no v\u00e1lidos eran analizados como v\u00e1lidos, lo que pod\u00eda ser aprovechado para ataques de tr\u00e1fico no autorizado TE:CL. Nota: Este proyecto est\u00e1 obsoleto, y ya no es mantenido."}], "id": "CVE-2020-7659", "lastModified": "2020-06-02T17:01:51.687", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-06-01T13:15:10.313", "references": [{"source": "report@snyk.io", "tags": ["Third Party Advisory"], "url": "https://snyk.io/vuln/SNYK-RUBY-REEL-569135"}], "sourceIdentifier": "report@snyk.io", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-444"}], "source": "nvd@nist.gov", "type": "Primary"}]}