Bug 1847420 (CVE-2020-10775) - CVE-2020-10775 ovirt-engine: Redirect to arbitrary URL allows for phishing
Summary: CVE-2020-10775 ovirt-engine: Redirect to arbitrary URL allows for phishing
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2020-10775
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: medium
Severity: medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1848941 1866688
Blocks: 1845991
Reported: 2020-06-16 11:02 UTC by Stoyan Nikolov
Modified: 2021-02-16 19:53 UTC (History)
CC List: 18 users

Fixed In Version: ovirt-engine 4.4.2
Doc Type: If docs needed, set a value
Doc Text:
An open redirect vulnerability was found in ovirt-engine versions 4.4.1 and earlier, where it allows remote attackers to redirect users to arbitrary web sites and attempt phishing attacks. Once the target has opened the malicious URL in their browser, the critical part of the URL is no longer visible. The highest threat from this vulnerability is to confidentiality.
Clone Of:
Environment:
Last Closed: 2020-08-04 19:27:44 UTC
Embargoed:




Links
System: Red Hat Product Errata
ID: RHSA-2020:3247
Private: 0
Priority: None
Status: None
Summary: None
Last Updated: 2020-08-04 13:16:00 UTC

Description Stoyan Nikolov 2020-06-16 11:02:27 UTC
Open redirect vulnerability in ovirt-engine 4.4 and earlier allows remote attackers to redirect users to arbitrary web sites and attempt phishing attacks. Once the target has opened the malicious URL in their browser the critical part of the URL is no longer visible.

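The flaw class described above, shown from the mitigation side as an added example (this is not ovirt-engine's code or its fix): a redirect-target validator that only permits a same-site path or a host on an explicit allowlist, and otherwise falls back to a fixed landing page. ALLOWED_HOSTS, DEFAULT_TARGET and the probe URLs in main are constructed placeholders for the illustration.

```python
"""Validate a post-login redirect target before issuing a 302.

Added illustration, not ovirt-engine's code: a server should only redirect
to a relative path on its own site or to a host on an explicit allowlist;
anything else is replaced by a fixed default target.
"""
from urllib.parse import urlsplit

# Constructed placeholder values for this example.
ALLOWED_HOSTS = {"engine.example.internal"}
DEFAULT_TARGET = "/ovirt-engine/"


def is_safe_redirect(target: str, allowed_hosts=ALLOWED_HOSTS) -> bool:
    """Return True only if ``target`` stays on this site or an allowed host."""
    if not target:
        return False
    # Browsers treat backslashes as slashes, so normalise before parsing:
    # "/\evil.example" must not be mistaken for a local path.
    normalised = target.replace("\\", "/")
    # Whitespace and control characters can smuggle a scheme past naive
    # prefix checks, so reject them outright.
    if any(ord(c) < 0x20 or c == " " for c in normalised):
        return False
    parts = urlsplit(normalised)
    # Only web schemes may be followed; javascript:, data:, etc. are refused.
    if parts.scheme and parts.scheme not in ("http", "https"):
        return False
    if not parts.scheme and not parts.netloc:
        # Relative reference: must be an absolute path on this origin and not
        # a protocol-relative "//host" form.
        return normalised.startswith("/") and not normalised.startswith("//")
    # Absolute or protocol-relative URL: the host must be on the allowlist.
    # ``hostname`` discards any userinfo, so "https://good@evil" is judged by
    # "evil", and it is lower-cased for the comparison.
    host = (parts.hostname or "").lower()
    return bool(host) and host in allowed_hosts


def safe_redirect_target(target: str, default: str = DEFAULT_TARGET) -> str:
    """Return ``target`` if it passes validation, otherwise ``default``."""
    return target if is_safe_redirect(target) else default


if __name__ == "__main__":
    # Constructed probe list: the kind of values a "next" parameter may carry.
    probes = [
        "/ovirt-engine/webadmin/",
        "https://engine.example.internal/webadmin/",
        "https://evil.example/",
        "//evil.example/",
        "/\\evil.example",
        "https://engine.example.internal@evil.example/",
        "javascript:alert(1)",
        "http:evil.example",
    ]
    for probe in probes:
        print(f"{probe!r:50} -> {safe_redirect_target(probe)}")
```

The check deliberately refuses bare relative paths such as `foo/bar` and protocol-relative references to unknown hosts; a login flow that needs more flexibility should extend the allowlist rather than loosen the parsing rules.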
Comment 9 Stoyan Nikolov 2020-07-01 09:40:17 UTC
Acknowledgments:

Name: Chen RuiQi (QIANXIN CodeSafe Team), Chen Huiliang (QIANXIN CodeSafe Team)

Comment 10 errata-xmlrpc 2020-08-04 13:15:58 UTC
This issue has been addressed in the following products:

  Red Hat Virtualization Engine 4.4

Via RHSA-2020:3247 https://access.redhat.com/errata/RHSA-2020:3247

Comment 11 Product Security DevOps Team 2020-08-04 19:27:44 UTC
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2020-10775

Comment 13 Stoyan Nikolov 2020-09-09 06:34:54 UTC
Upstream Changelog: https://www.ovirt.org/release/4.4.2/

Comment 14 Hardik Vyas 2020-09-09 15:31:38 UTC
Statement:

In Red Hat Gluster Storage 3, ovirt-engine (included in rhsc) was shipped as a part of Red Hat Gluster Storage Console, which is no longer supported for use with Red Hat Gluster Storage 3.5. Red Hat Gluster Storage Web Administration is now the recommended monitoring tool for Red Hat Storage Gluster clusters. However, the vulnerable code is not included in the shipped version of ovirt-engine, hence it is not affected by this flaw.

