Bug 1852550 (CVE-2020-15049)
Summary: | CVE-2020-15049 squid: Request smuggling and poisoning attack against the HTTP cache | | |
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Guilherme de Almeida Suckevicz <gsuckevi> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED ERRATA | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | | |
Version: | unspecified | CC: | anon.amish, bnater, code, huzaifas, jonathansteffan, luhliari, uwe.knop, yozone |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | | |
Hardware: | All | | |
OS: | Linux | | |
Whiteboard: | | | |
Fixed In Version: | squid 4.12, squid 5.0.3 | Doc Type: | If docs needed, set a value |
Doc Text: | A flaw was found in squid. A trusted client is able to perform request smuggling and poison the HTTP cache contents with crafted HTTP(S) request messages. This attack requires an upstream server to participate in the smuggling and generate the poison response sequence. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | | |
Story Points: | --- | | |
Clone Of: | | Environment: | |
Last Closed: | 2020-09-30 09:57:24 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | | Category: | --- |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | | | |
Bug Depends On: | 1852551, 1853129, 1853130 | | |
Bug Blocks: | 1852556 | | |
Description
Guilherme de Almeida Suckevicz
2020-06-30 16:57:52 UTC
Created squid tracking bugs for this issue:

Affects: fedora-all [bug 1852551]

Upstream patches:
Squid 4: http://www.squid-cache.org/Versions/v4/changesets/squid-4-ea12a34d338b962707d5078d6d1fc7c6eb119a22.patch
Squid 5: http://www.squid-cache.org/Versions/v5/changesets/squid-5-485c9a7bb1bba88754e07ad0094647ea57a6eb8d.patch

External References:
https://github.com/squid-cache/squid/security/advisories/GHSA-qf3v-rc95-96j5

This issue has been addressed in the following products:
Red Hat Enterprise Linux 7
Via RHSA-2020:4082 https://access.redhat.com/errata/RHSA-2020:4082

This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):
https://access.redhat.com/security/cve/cve-2020-15049

This issue has been addressed in the following products:
Red Hat Enterprise Linux 8
Via RHSA-2020:4743 https://access.redhat.com/errata/RHSA-2020:4743

Statement:
This issue has been rated as having moderate security impact (despite having a higher CVSS score) because the attack requires an upstream server to participate in the smuggling attack and generate the poison response sequence, which is really uncommon because most popular software is not vulnerable to participation in this attack. While the vulnerability does exist in squid, it is not easily exploitable and requires participation of other components on the network.