CVSS: 6.1EPSS: 0%CPEs: 6EXPL: 0CVE-2019-13038 – mod_auth_mellon: Open Redirect via the login?ReturnTo= substring which could facilitate information theft
https://notcve.org/view.php?id=CVE-2019-13038
29 Jun 2019 — mod_auth_mellon through 0.14.2 has an Open Redirect via the login?ReturnTo= substring, as demonstrated by omitting the // after http: in the target URL. mod_auth_mellon hasta versión 0.14.2, presenta un problema de Redireccionamiento Abierto por medio de la subcadena login?ReturnTo=, como es demostrado al omitir el // después de http: en la URL de destino. The mod_auth_mellon module for the Apache HTTP Server is an authentication service that implements the SAML 2.0 federation protocol. The module grants ac... • https://github.com/Uninett/mod_auth_mellon/issues/35#issuecomment-503974885 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 6.1EPSS: 0%CPEs: 5EXPL: 0CVE-2019-3877 – mod_auth_mellon: open redirect in logout url when using URLs with backslashes
https://notcve.org/view.php?id=CVE-2019-3877
25 Mar 2019 — A vulnerability was found in mod_auth_mellon before v0.14.2. An open redirect in the logout URL allows requests with backslashes to pass through by assuming that it is a relative URL, while the browsers silently convert backslash characters into forward slashes treating them as an absolute URL. This mismatch allows an attacker to bypass the redirect URL validation logic in apr_uri_parse function. Se ha detectado una vulnerabilidad en mod_auth_mellon, en anteriores a la v0.14.2. Una redirección abierta en la... • https://access.redhat.com/errata/RHSA-2019:0766 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 8.1EPSS: 0%CPEs: 12EXPL: 1CVE-2019-3878 – mod_auth_mellon: authentication bypass in ECP flow
https://notcve.org/view.php?id=CVE-2019-3878
25 Mar 2019 — A vulnerability was found in mod_auth_mellon before v0.14.2. If Apache is configured as a reverse proxy and mod_auth_mellon is configured to only let through authenticated users (with the require valid-user directive), adding special HTTP headers that are normally used to start the special SAML ECP (non-browser based) can be used to bypass authentication. Se ha detectado una vulnerabilidad en mod_auth_mellon, en versiones anteriores a la v0.14.2. Si Apache está configurado como proxy inverso y mod_auth_mell... • https://access.redhat.com/errata/RHBA-2019:0959 • CWE-287: Improper Authentication CWE-305: Authentication Bypass by Primary Weakness •