CVE-2020-15049
squid: Request smuggling and poisoning attack against the HTTP cache
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
An issue was discovered in http/ContentLengthInterpreter.cc in Squid before 4.12 and 5.x before 5.0.3. A Request Smuggling and Poisoning attack can succeed against the HTTP cache. The client sends an HTTP request with a Content-Length header containing "+\ "-" or an uncommon shell whitespace character prefix to the length field-value.
Se detectó un problema en el archivo http/ContentLengthInterpreter.cc en Squid versiones anteriores a 4.12 y versiones 5.x anteriores a 5.0.3. Un ataque de Trafico No Autorizado de Peticiones y Envenenamiento puede tener éxito contra la memoria caché HTTP. El cliente envía una petición HTTP con un encabezado Content-Length que contiene "+\"-" o un prefijo del carácter espacio en blanco de shell poco común en el valor de campo de longitud
A flaw was found in squid. A trusted client is able to perform a request smuggling and poison the HTTP cache contents with crafted HTTP(S) request messages. This attack requires an upstream server to participate in the smuggling and generate the poison response sequence. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2020-06-25 CVE Reserved
- 2020-06-30 CVE Published
- 2024-08-04 CVE Updated
- 2024-10-24 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
CAPEC
References (12)
URL | Tag | Source |
---|---|---|
https://github.com/squid-cache/squid/security/advisories/GHSA-qf3v-rc95-96j5 | Third Party Advisory | |
https://lists.debian.org/debian-lts-announce/2020/10/msg00005.html | Mailing List | |
https://security.netapp.com/advisory/ntap-20210312-0001 | X_refsource_confirm |
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Squid-cache Search vendor "Squid-cache" | Squid Search vendor "Squid-cache" for product "Squid" | >= 2.0 <= 2.6 Search vendor "Squid-cache" for product "Squid" and version " >= 2.0 <= 2.6" | - |
Affected
| ||||||
Squid-cache Search vendor "Squid-cache" | Squid Search vendor "Squid-cache" for product "Squid" | >= 3.1 <= 3.5.28 Search vendor "Squid-cache" for product "Squid" and version " >= 3.1 <= 3.5.28" | - |
Affected
| ||||||
Squid-cache Search vendor "Squid-cache" | Squid Search vendor "Squid-cache" for product "Squid" | >= 4.0 < 4.12 Search vendor "Squid-cache" for product "Squid" and version " >= 4.0 < 4.12" | - |
Affected
| ||||||
Squid-cache Search vendor "Squid-cache" | Squid Search vendor "Squid-cache" for product "Squid" | >= 5.0 < 5.0.3 Search vendor "Squid-cache" for product "Squid" and version " >= 5.0 < 5.0.3" | - |
Affected
| ||||||
Squid-cache Search vendor "Squid-cache" | Squid Search vendor "Squid-cache" for product "Squid" | 2.7 Search vendor "Squid-cache" for product "Squid" and version "2.7" | - |
Affected
| ||||||
Squid-cache Search vendor "Squid-cache" | Squid Search vendor "Squid-cache" for product "Squid" | 2.7 Search vendor "Squid-cache" for product "Squid" and version "2.7" | stable2 |
Affected
| ||||||
Squid-cache Search vendor "Squid-cache" | Squid Search vendor "Squid-cache" for product "Squid" | 2.7 Search vendor "Squid-cache" for product "Squid" and version "2.7" | stable3 |
Affected
| ||||||
Squid-cache Search vendor "Squid-cache" | Squid Search vendor "Squid-cache" for product "Squid" | 2.7 Search vendor "Squid-cache" for product "Squid" and version "2.7" | stable4 |
Affected
| ||||||
Squid-cache Search vendor "Squid-cache" | Squid Search vendor "Squid-cache" for product "Squid" | 2.7 Search vendor "Squid-cache" for product "Squid" and version "2.7" | stable5 |
Affected
| ||||||
Squid-cache Search vendor "Squid-cache" | Squid Search vendor "Squid-cache" for product "Squid" | 2.7 Search vendor "Squid-cache" for product "Squid" and version "2.7" | stable6 |
Affected
| ||||||
Squid-cache Search vendor "Squid-cache" | Squid Search vendor "Squid-cache" for product "Squid" | 2.7 Search vendor "Squid-cache" for product "Squid" and version "2.7" | stable7 |
Affected
| ||||||
Squid-cache Search vendor "Squid-cache" | Squid Search vendor "Squid-cache" for product "Squid" | 2.7 Search vendor "Squid-cache" for product "Squid" and version "2.7" | stable8 |
Affected
| ||||||
Squid-cache Search vendor "Squid-cache" | Squid Search vendor "Squid-cache" for product "Squid" | 2.7 Search vendor "Squid-cache" for product "Squid" and version "2.7" | stable9 |
Affected
| ||||||
Fedoraproject Search vendor "Fedoraproject" | Fedora Search vendor "Fedoraproject" for product "Fedora" | 31 Search vendor "Fedoraproject" for product "Fedora" and version "31" | - |
Affected
|