CVE-2018-20060

Impact:
Low
Public Date:
2018-03-26
CWE:
CWE-522
Bugzilla:
1649153: CVE-2018-20060 python-urllib3: Cross-host redirect does not remove Authorization header allow for credential exposure

The MITRE CVE dictionary describes this issue as:

urllib3 before version 1.23 does not remove the Authorization HTTP header when following a cross-origin redirect (i.e., a redirect that differs in host, port, or scheme). This can allow for credentials in the Authorization header to be exposed to unintended hosts or transmitted in cleartext.

Find out more about CVE-2018-20060 from the MITRE CVE dictionary and NIST NVD.

Statement

Red Hat Satellite 6.2 is in the Maintenance Support 2 phase, so only selected Critical and Important issues will be fixed. Please refer to the Red Hat Satellite Product Life Cycle page for more information.

CVSS v3 metrics

NOTE: The following CVSS v3 metrics and score provided are preliminary and subject to review.

CVSS3 Base Score:    2.6
CVSS3 Base Metrics:  CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
Attack Vector:       Adjacent Network
Attack Complexity:   High
Privileges Required: None
User Interaction:    Required
Scope:               Unchanged
Confidentiality:     Low
Integrity Impact:    None
Availability Impact: None

Affected Packages State

Platform                                    Package          State
Red Hat Satellite 6                         python-urllib3   Will not fix
Red Hat Satellite 6                         python-requests  Will not fix
Red Hat OpenStack Platform 9.0              python-urllib3   Affected
Red Hat OpenStack Platform 8.0 (Liberty)    python-urllib3   Affected
Red Hat OpenStack Platform 14.0 (Rocky)     python-urllib3   Affected
Red Hat OpenStack Platform 13.0 (Queens)    python-urllib3   Affected
Red Hat OpenStack Platform 10               python-urllib3   Affected
Red Hat OpenShift Container Platform 3.9    python-urllib3   Affected
Red Hat OpenShift Container Platform 3.7    python-urllib3   Affected
Red Hat OpenShift Container Platform 3.6    python-urllib3   Affected
Red Hat OpenShift Container Platform 3.11   python-urllib3   Affected
Red Hat OpenShift Container Platform 3.10   python-urllib3   Affected
Red Hat Gluster Storage 3                   python-urllib3   Affected
Red Hat Enterprise Linux 8                  python-urllib3   Not affected
Red Hat Enterprise Linux 7                  python-urllib3   Affected
Red Hat Enterprise Linux 6                  python-urllib3   Affected

Mitigation

Use `retries=urllib3.Retry(redirect=0)` when performing requests if you do not need redirection and handle the redirects manually if you need them.
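The manual redirect handling the mitigation refers to, as an added example that is not Red Hat's or urllib3's own code: a hop that changes host, port or scheme (the CVE condition) gets the Authorization header stripped before the next request. The `follow_manually` loop, its injectable `send` callable and the `fake_send` transport in `demo` are hypothetical stand-ins so the example runs offline.

```python
from urllib.parse import urlparse, urljoin

DEFAULT_PORTS = {"http": 80, "https": 443}
REDIRECT_STATUSES = (301, 302, 303, 307, 308)

def origin(url):
    """(scheme, host, port), with the scheme's default port filled in."""
    p = urlparse(url)
    return p.scheme, p.hostname, p.port or DEFAULT_PORTS.get(p.scheme)

def is_cross_origin(src_url, dst_url):
    """True when the hop changes host, port or scheme: the condition in the CVE."""
    return origin(src_url) != origin(dst_url)

def headers_for_redirect(src_url, dst_url, headers):
    """Copy of the request headers for the redirect target. Authorization is
    dropped on a cross-origin hop so the credential never reaches another host."""
    out = dict(headers)
    if is_cross_origin(src_url, dst_url):
        out.pop("Authorization", None)
    return out

def follow_manually(send, url, headers, max_redirects=5):
    """Hypothetical manual redirect loop (the advisory's 'handle redirects manually').
    send(url, headers) performs one request and returns (status, response_headers)."""
    for _ in range(max_redirects + 1):
        status, resp_headers = send(url, headers)
        location = resp_headers.get("Location")
        if status not in REDIRECT_STATUSES or location is None:
            return url, status
        nxt = urljoin(url, location)          # Location may be relative
        headers = headers_for_redirect(url, nxt, headers)
        url = nxt
    raise RuntimeError("too many redirects")

def demo():
    """Constructed sample: an authenticated API call that is redirected to a
    different host. Returns the (url, headers) pairs the fake transport saw."""
    seen = []

    def fake_send(url, headers):              # stand-in for a real HTTP request
        seen.append((url, dict(headers)))
        if url == "https://api.example/v1/report":
            return 302, {"Location": "https://cdn.example/report.pdf"}
        return 200, {}

    follow_manually(fake_send, "https://api.example/v1/report",
                    {"Authorization": "Bearer constructed-token", "Accept": "*/*"})
    return seen
```

With a vulnerable urllib3 the second request in `demo` would still carry the bearer token to cdn.example; here only the first request does.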

Last Modified

CVE description copyright © 2017, The MITRE Corporation