GHSA-wp47-9r3h-xfgq

Source
https://github.com/advisories/GHSA-wp47-9r3h-xfgq
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/02/GHSA-wp47-9r3h-xfgq/GHSA-wp47-9r3h-xfgq.json
JSON Data
https://api.osv.dev/v1/vulns/GHSA-wp47-9r3h-xfgq
Aliases
Published
2022-02-07T00:00:23Z
Modified
2024-08-21T15:41:43.763597Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
Server-Side Request Forgery in Apache Traffic Control
Details

In Apache Traffic Control Traffic Ops before 6.1.0 (6.x line) or 5.1.6 (earlier lines), an unprivileged user who can reach Traffic Ops over HTTPS can send a specially crafted POST request to /user/login/oauth that makes Traffic Ops open a connection to a host and port chosen by the caller. Because the result of that connection is observable to the caller, the endpoint can be used to scan ports on any server Traffic Ops itself can reach, including hosts that are not exposed to the attacker directly (CWE-918, server-side request forgery). The CVSS vector records no required privileges (PR:N) and no user interaction, with the impact limited to confidentiality.
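As an added illustration of the vulnerability class (CWE-918) rather than code from Apache Traffic Control, the Go snippet below contrasts the unsafe pattern behind an OAuth-login SSRF with a hardened version: the token-exchange URL arrives in the request body, and the fix is to refuse anything that is not an https URL on an operator allowlist before any outbound connection is made. The JSON field name authCodeTokenUrl, the allowedTokenHosts variable and the handler are assumptions made for this example; the advisory does not show the Traffic Ops request format or the actual patch.

```go
package main

import (
	"encoding/json"
	"errors"
	"fmt"
	"net"
	"net/http"
	"net/url"
)

// allowedTokenHosts is a constructed operator allowlist of OAuth token
// endpoints. The name is hypothetical; the real Traffic Ops configuration
// key is not shown in this advisory.
var allowedTokenHosts = map[string]bool{
	"oauth.example.com": true,
}

// oauthLoginRequest is a hypothetical body for POST /user/login/oauth.
// The field name is an assumption, not taken from the advisory.
type oauthLoginRequest struct {
	AuthCodeTokenURL string `json:"authCodeTokenUrl"`
}

// vulnerableTokenURL shows the CWE-918 pattern: whatever URL the caller sent
// becomes the target of a server-side request. Scheme, host and port are all
// caller-controlled, so the server would connect anywhere it can reach.
func vulnerableTokenURL(userSupplied string) (*url.URL, error) {
	return url.Parse(userSupplied)
}

// hardenedTokenURL accepts only an https URL whose host is on the allowlist,
// with no userinfo, no IP literal and no non-default port.
func hardenedTokenURL(userSupplied string) (*url.URL, error) {
	u, err := url.Parse(userSupplied)
	if err != nil {
		return nil, err
	}
	if u.Scheme != "https" {
		return nil, errors.New("token URL must use https")
	}
	if u.User != nil {
		// "https://oauth.example.com@10.0.0.5/" parses with host 10.0.0.5.
		return nil, errors.New("userinfo is not allowed in token URL")
	}
	host := u.Hostname()
	if net.ParseIP(host) != nil {
		return nil, errors.New("IP literal hosts are not allowed")
	}
	if !allowedTokenHosts[host] {
		return nil, fmt.Errorf("host %q is not an allowed OAuth endpoint", host)
	}
	if p := u.Port(); p != "" && p != "443" {
		// A caller-chosen port is exactly what turns the endpoint into a scanner.
		return nil, fmt.Errorf("port %s is not allowed", p)
	}
	return u, nil
}

// oauthLoginHandler rejects the request before any outbound connection is made.
func oauthLoginHandler(w http.ResponseWriter, r *http.Request) {
	var req oauthLoginRequest
	if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
		http.Error(w, "malformed body", http.StatusBadRequest)
		return
	}
	if _, err := hardenedTokenURL(req.AuthCodeTokenURL); err != nil {
		// One status and message for every rejection: a distinct error per
		// host or port would itself leak what the probe reached.
		http.Error(w, "invalid OAuth token URL", http.StatusBadRequest)
		return
	}
	w.WriteHeader(http.StatusOK)
	// The real token exchange against the validated URL would follow here.
}

func main() {
	// Constructed inputs: one legitimate endpoint and two scan-style probes.
	for _, in := range []string{
		"https://oauth.example.com/token",
		"http://127.0.0.1:22/",
		"https://oauth.example.com@10.0.0.5:8080/",
	} {
		_, vErr := vulnerableTokenURL(in)
		_, hErr := hardenedTokenURL(in)
		fmt.Printf("%-45s vulnerable accepts: %-5v hardened accepts: %v\n", in, vErr == nil, hErr == nil)
	}
	// In a server: http.HandleFunc("/user/login/oauth", oauthLoginHandler)
}
```

The userinfo and IP-literal checks matter because `url.Parse` happily accepts `https://oauth.example.com@10.0.0.5/`, which a naive substring or prefix check on the allowed hostname would pass; validating on `u.Hostname()` after rejecting `u.User` closes that gap.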

Database specific
{
    "github_reviewed": true,
    "cwe_ids": [
        "CWE-918"
    ],
    "nvd_published_at": "2022-02-06T16:15:00Z",
    "github_reviewed_at": "2022-02-14T22:58:25Z",
    "severity": "HIGH"
}
References

Affected packages

Go / github.com/apache/trafficcontrol

Package

Name
github.com/apache/trafficcontrol
Purl
pkg:golang/github.com/apache/trafficcontrol

Affected ranges

Type
SEMVER
Events
Introduced
6.0.0
Fixed
6.1.0

Go / github.com/apache/trafficcontrol

Package

Name
github.com/apache/trafficcontrol
Purl
pkg:golang/github.com/apache/trafficcontrol

Affected ranges

Type
SEMVER
Events
Introduced
0 (unknown introduced version; all previous versions are affected)
Fixed
5.1.6
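To check a deployed version against the two ranges above, here is an added Go helper (not part of the advisory or of the project) that transcribes the SEMVER events listed on this page. The point it makes explicit is that the ranges are not contiguous: 5.1.6 is fixed, but the 6.0.x line is affected again until 6.1.0, so "newer than 5.1.6" is not a sufficient check. Prerelease handling is simplified to "any prerelease sorts before its release", which is enough for these ranges.

```go
package main

import (
	"fmt"
	"strconv"
	"strings"
)

// semverRange is one OSV SEMVER event pair: affected from introduced
// (inclusive) up to fixed (exclusive). An empty fixed means no fix exists.
type semverRange struct {
	introduced, fixed string
}

// affectedRanges transcribes the two ranges listed on this page for
// github.com/apache/trafficcontrol.
var affectedRanges = []semverRange{
	{introduced: "0", fixed: "5.1.6"},
	{introduced: "6.0.0", fixed: "6.1.0"},
}

type version struct {
	nums [3]int
	pre  string // prerelease tag, e.g. "RC0"; empty for a release
}

// parseVersion accepts "6.0.2", "v6.0.2", "6.1.0-RC0+build" and bare "0".
func parseVersion(s string) (version, error) {
	var v version
	s = strings.TrimPrefix(strings.TrimSpace(s), "v")
	if i := strings.IndexByte(s, '+'); i >= 0 {
		s = s[:i] // build metadata never affects precedence
	}
	if i := strings.IndexByte(s, '-'); i >= 0 {
		v.pre, s = s[i+1:], s[:i]
	}
	parts := strings.Split(s, ".")
	if len(parts) > 3 {
		return v, fmt.Errorf("bad version %q", s)
	}
	for i, p := range parts {
		n, err := strconv.Atoi(p)
		if err != nil || n < 0 {
			return v, fmt.Errorf("bad version component %q", p)
		}
		v.nums[i] = n
	}
	return v, nil
}

// compare returns -1, 0 or 1. A prerelease sorts before its release
// (6.1.0-RC0 < 6.1.0), which is why an RC of the fixed version is still affected.
func compare(a, b version) int {
	for i := 0; i < 3; i++ {
		if a.nums[i] != b.nums[i] {
			if a.nums[i] < b.nums[i] {
				return -1
			}
			return 1
		}
	}
	switch {
	case a.pre == b.pre:
		return 0
	case a.pre == "":
		return 1
	case b.pre == "":
		return -1
	}
	return strings.Compare(a.pre, b.pre)
}

// isAffected reports whether the given version falls inside any listed range.
func isAffected(s string) (bool, error) {
	v, err := parseVersion(s)
	if err != nil {
		return false, err
	}
	for _, r := range affectedRanges {
		lo, err := parseVersion(r.introduced)
		if err != nil {
			return false, err
		}
		if compare(v, lo) < 0 {
			continue
		}
		if r.fixed == "" {
			return true, nil
		}
		hi, err := parseVersion(r.fixed)
		if err != nil {
			return false, err
		}
		if compare(v, hi) < 0 {
			return true, nil
		}
	}
	return false, nil
}

func main() {
	// Constructed sample versions, including the 6.0.x trap and an RC of the fix.
	for _, s := range []string{"5.1.5", "5.1.6", "6.0.0", "6.0.2", "6.1.0-RC0", "6.1.0"} {
		affected, err := isAffected(s)
		fmt.Printf("%-10s affected=%v err=%v\n", s, affected, err)
	}
}
```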