Vulnerability-Lookup

CNVD-2019-41292

Vulnerability from cnvd - Published: 2019-11-19

Title

Apache Traffic Server sslheader插件信息泄露漏洞

Description

Apache Traffic Server是美国Apache软件基金会的一套可扩展的HTTP代理和缓存服务器。 Apache Traffic Server存在信息泄露漏洞，该漏洞源于sslheaders插件从客户端证书中提取信息，并根据插件的配置在请求中设置标头，不过在某些情况下并不会将报文头从请求中剥离。攻击者可利用该漏洞获取敏感信息的访问权限。

Severity

中

Patch Name

Apache Traffic Server sslheader插件信息泄露漏洞的补丁

Patch Description

Formal description

目前厂商已发布升级补丁以修复漏洞，补丁获取链接： https://trafficserver.apache.org/downloads

Reference

https://nvd.nist.gov/vuln/detail/CVE-2018-11783

Impacted products

Name
['Apache Traffic Server 6.2.2', 'Apache Traffic Server 6.0', 'Apache Traffic Server 6.1', 'Apache Traffic Server 6.2', 'Apache Traffic Server 6.2.1', 'Apache Traffic Server 6.2.3', 'Apache Traffic Server 7.0', 'Apache Traffic Server 7.1.1', 'Apache Traffic Server 7.1.2', 'Apache Traffic Server 7.1.3', 'Apache Traffic Server 7.1.4', 'Apache Traffic Server 7.1.5', 'Apache Traffic Server 8.0', 'Apache Traffic Server 8.0.1']

Name

['Apache Traffic Server 6.2.2', 'Apache Traffic Server 6.0', 'Apache Traffic Server 6.1', 'Apache Traffic Server 6.2', 'Apache Traffic Server 6.2.1', 'Apache Traffic Server 6.2.3', 'Apache Traffic Server 7.0', 'Apache Traffic Server 7.1.1', 'Apache Traffic Server 7.1.2', 'Apache Traffic Server 7.1.3', 'Apache Traffic Server 7.1.4', 'Apache Traffic Server 7.1.5', 'Apache Traffic Server 8.0', 'Apache Traffic Server 8.0.1']

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "107032"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2018-11783",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2018-11783"
    }
  },
  "description": "Apache Traffic Server\u662f\u7f8e\u56fdApache\u8f6f\u4ef6\u57fa\u91d1\u4f1a\u7684\u4e00\u5957\u53ef\u6269\u5c55\u7684HTTP\u4ee3\u7406\u548c\u7f13\u5b58\u670d\u52a1\u5668\u3002\n\nApache Traffic Server\u5b58\u5728\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8esslheaders\u63d2\u4ef6\u4ece\u5ba2\u6237\u7aef\u8bc1\u4e66\u4e2d\u63d0\u53d6\u4fe1\u606f\uff0c\u5e76\u6839\u636e\u63d2\u4ef6\u7684\u914d\u7f6e\u5728\u8bf7\u6c42\u4e2d\u8bbe\u7f6e\u6807\u5934\uff0c\u4e0d\u8fc7\u5728\u67d0\u4e9b\u60c5\u51b5\u4e0b\u5e76\u4e0d\u4f1a\u5c06\u62a5\u6587\u5934\u4ece\u8bf7\u6c42\u4e2d\u5265\u79bb\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6\u654f\u611f\u4fe1\u606f\u7684\u8bbf\u95ee\u6743\u9650\u3002",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://trafficserver.apache.org/downloads",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2019-41292",
  "openTime": "2019-11-19",
  "patchDescription": "Apache Traffic Server\u662f\u7f8e\u56fdApache\u8f6f\u4ef6\u57fa\u91d1\u4f1a\u7684\u4e00\u5957\u53ef\u6269\u5c55\u7684HTTP\u4ee3\u7406\u548c\u7f13\u5b58\u670d\u52a1\u5668\u3002\r\n\r\nApache Traffic Server\u5b58\u5728\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8esslheaders\u63d2\u4ef6\u4ece\u5ba2\u6237\u7aef\u8bc1\u4e66\u4e2d\u63d0\u53d6\u4fe1\u606f\uff0c\u5e76\u6839\u636e\u63d2\u4ef6\u7684\u914d\u7f6e\u5728\u8bf7\u6c42\u4e2d\u8bbe\u7f6e\u6807\u5934\uff0c\u4e0d\u8fc7\u5728\u67d0\u4e9b\u60c5\u51b5\u4e0b\u5e76\u4e0d\u4f1a\u5c06\u62a5\u6587\u5934\u4ece\u8bf7\u6c42\u4e2d\u5265\u79bb\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6\u654f\u611f\u4fe1\u606f\u7684\u8bbf\u95ee\u6743\u9650\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Apache Traffic Server sslheader\u63d2\u4ef6\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Apache Traffic Server 6.2.2",
      "Apache Traffic Server 6.0",
      "Apache Traffic Server 6.1",
      "Apache Traffic Server 6.2",
      "Apache Traffic Server 6.2.1",
      "Apache Traffic Server 6.2.3",
      "Apache Traffic Server 7.0",
      "Apache Traffic Server 7.1.1",
      "Apache Traffic Server 7.1.2",
      "Apache Traffic Server 7.1.3",
      "Apache Traffic Server 7.1.4",
      "Apache Traffic Server 7.1.5",
      "Apache Traffic Server 8.0",
      "Apache Traffic Server 8.0.1"
    ]
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2018-11783",
  "serverity": "\u4e2d",
  "submitTime": "2019-07-25",
  "title": "Apache Traffic Server sslheader\u63d2\u4ef6\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e"
}

CVE-2018-11783 (GCVE-0-2018-11783)

Vulnerability from cvelistv5 – Published: 2019-03-07 18:00 – Updated: 2024-09-16 22:15

Summary

sslheaders plugin extracts information from the client certificate and sets headers in the request based on the configuration of the plugin. The plugin doesn't strip the headers from the request in some scenarios. This problem was discovered in versions 6.0.0 to 6.0.3, 7.0.0 to 7.1.5, and 8.0.0 to 8.0.1.

Severity ?

No CVSS data available.

CWE

Information Disclosure

Assigner

apache

References

2 references

URL	Tags
http://www.securityfocus.com/bid/107032	vdb-entryx_refsource_BID
https://lists.apache.org/thread.html/4f102f943935…	mailing-listx_refsource_MLIST

Impacted products

1 product

Vendor	Product	Version
Apache Software Foundation	Apache Traffic Server	Affected: Apache Traffic Server 6.0.0 to 6.0.3, 7.0.0 to 7.1.5, 8.0.0 to 8.0.1

Date Public ?

2019-02-12 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T08:17:09.243Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "107032",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/107032"
          },
          {
            "name": "[trafficserver-announce] 20190212 [ANNOUNCE] Apache Traffic Server vulnerability with sslheader plugin",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/4f102f943935476732fb1fb653d687c7b69d29d9792f0d6cf72c505e%40%3Cannounce.trafficserver.apache.org%3E"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Apache Traffic Server",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "status": "affected",
              "version": "Apache Traffic Server 6.0.0 to 6.0.3, 7.0.0 to 7.1.5, 8.0.0 to 8.0.1"
            }
          ]
        }
      ],
      "datePublic": "2019-02-12T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "sslheaders plugin extracts information from the client certificate and sets headers in the request based on the configuration of the plugin. The plugin doesn\u0027t strip the headers from the request in some scenarios. This problem was discovered in versions 6.0.0 to 6.0.3, 7.0.0 to 7.1.5, and 8.0.0 to 8.0.1."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Information Disclosure",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-03-08T10:57:01.000Z",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "name": "107032",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/107032"
        },
        {
          "name": "[trafficserver-announce] 20190212 [ANNOUNCE] Apache Traffic Server vulnerability with sslheader plugin",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/4f102f943935476732fb1fb653d687c7b69d29d9792f0d6cf72c505e%40%3Cannounce.trafficserver.apache.org%3E"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@apache.org",
          "DATE_PUBLIC": "2019-02-12T00:00:00",
          "ID": "CVE-2018-11783",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Apache Traffic Server",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Apache Traffic Server 6.0.0 to 6.0.3, 7.0.0 to 7.1.5, 8.0.0 to 8.0.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Apache Software Foundation"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "sslheaders plugin extracts information from the client certificate and sets headers in the request based on the configuration of the plugin. The plugin doesn\u0027t strip the headers from the request in some scenarios. This problem was discovered in versions 6.0.0 to 6.0.3, 7.0.0 to 7.1.5, and 8.0.0 to 8.0.1."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Information Disclosure"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "107032",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/107032"
            },
            {
              "name": "[trafficserver-announce] 20190212 [ANNOUNCE] Apache Traffic Server vulnerability with sslheader plugin",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/4f102f943935476732fb1fb653d687c7b69d29d9792f0d6cf72c505e@%3Cannounce.trafficserver.apache.org%3E"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2018-11783",
    "datePublished": "2019-03-07T18:00:00.000Z",
    "dateReserved": "2018-06-05T00:00:00.000Z",
    "dateUpdated": "2024-09-16T22:15:51.127Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2019-41292

CVE-2018-11783 (GCVE-0-2018-11783)

Tags

Sightings

Nomenclature