Vulnerability CVE-2017-11173


Published: 2017-07-12   Modified: 2017-07-13

Description:
Missing anchor in generated regex for rack-cors before 0.4.1 allows a malicious third-party site to perform CORS requests. If the configuration were intended to allow only the trusted example.com domain name and not the malicious example.net domain name, then example.com.example.net (as well as example.com-example.net) would be inadvertently allowed.

Type:

CWE-noinfo

CVSS2 => (AV:N/AC:M/Au:N/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
6.8/10
6.4/10
8.6/10
Exploit range
Attack complexity
Authentication
Remote
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial
Affected software
Rack-cors project -> Rack-cors 

 References:
http://seclists.org/fulldisclosure/2017/Jul/22
http://www.debian.org/security/2017/dsa-3931
https://github.com/cyu/rack-cors/commit/42ebe6caa8e85ffa9c8a171bda668ba1acc7a5e6
https://packetstormsecurity.com/files/143345/rack-cors-Missing-Anchor.html

Copyright 2024, cxsecurity.com

 

Back to Top