2076358 – (CVE-2022-28109) CVE-2022-28109 selenium-standalone: DNS-rebinding vulnerability

Bug 2076358 (CVE-2022-28109) - CVE-2022-28109 selenium-standalone: DNS-rebinding vulnerability

Summary: CVE-2022-28109 selenium-standalone: DNS-rebinding vulnerability

Keywords:
Status:	CLOSED WONTFIX
Alias:	CVE-2022-28109
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	high
Severity:	high
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	2076359
TreeView+	depends on / blocked

Reported:	2022-04-18 19:39 UTC by Guilherme de Almeida Suckevicz
Modified:	2022-11-14 19:42 UTC (History)
CC List:	12 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:	2022-08-31 01:32:53 UTC
Embargoed:

Attachments	(Terms of Use)

Description Guilherme de Almeida Suckevicz 2022-04-18 19:39:56 UTC

Selenium Selenium Grid (formerly Selenium Standalone Server) Fixed in 4.0.0-alpha-7 is affected by: DNS rebinding. The impact is: execute arbitrary code (remote). The component is: WebDriver endpoint of Selenium Grid / Selenium Standalone Server. The attack vector is: Triggered by browsing to to a malicious remote web server. The WebDriver endpoint of Selenium Server (Grid) is vulnerable to DNS rebinding. This can be used to execute arbitrary code on the machine.

References:
https://www.openwall.com/lists/oss-security/2022/02/07/3
http://www.openwall.com/lists/oss-security/2022/04/16/1
https://www.gabriel.urdhr.fr/2022/02/07/selenium-standalone-server-csrf-dns-rebinding-rce/

Comment 1 Product Security DevOps Team 2022-08-31 01:32:50 UTC

This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2022-28109

Note You need to log in before you can comment on or make changes to this bug.