CVE-2023-0100

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2023-0100

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-0100.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2023-0100

Aliases

GHSA-4grc-q4fj-45p8

Withdrawn

2024-09-03T04:41:21.766115Z

Published

2023-03-15T15:15:09Z

Modified

2024-09-02T20:55:32Z

Severity

8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

In Eclipse BIRT, starting from version 2.6.2, the default configuration allowed to retrieve a report from the same host using an absolute HTTP path for the report parameter (e.g. _report=http://xyz.com/report.rptdesign). If the host indicated in the _report parameter matched the HTTP Host header value, the report would be retrieved. However, the Host header can be tampered with on some configurations where no virtual hosts are put in place (e.g. in the default configuration of Apache Tomcat) or when the default host points to the BIRT server. This vulnerability was patched on Eclipse BIRT 4.13.

References

https://bugs.eclipse.org/bugs/show_bug.cgi?id=580391

Affected packages

Git / github.com/eclipse/birt

Affected ranges

Type: GIT
Repo: https://github.com/eclipse/birt
Events: Introduced

8b81b9770f72cac808c47158779c3c2deb7bcba5

Fixed

1263d9e8cc91bcc2964fc0c7beefae2f0d607beb