CVE-2021-43807

HTTP Method Spoofing in Opencast

Severity Score: 6.5 (CVSS v3.1)
Exploit Likelihood (EPSS):
Affected Versions (CPE): < 9.10
Public Exploits: 1 (multiple sources)
Exploited in Wild (KEV): -
Decision (SSVC): -

Descriptions

Opencast is an open source lecture capture and video management system for education. Opencast versions prior to 9.10 allow HTTP method spoofing: the HTTP method the server assumes can be changed via a URL parameter. This allows attackers to turn HTTP GET requests into PUT requests, or to make an HTTP form send DELETE requests. This bypasses the restrictions otherwise placed on these types of requests and aids cross-site request forgery (CSRF) attacks that would otherwise not be possible: attackers can craft links or forms that change the server state. This issue is fixed in Opencast 9.10 and 10.0. You can mitigate the problem by setting the `SameSite=Strict` attribute on your cookies; whether this is a viable option for you depends on your integrations. We strongly recommend updating in any case.
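The following is an added model of the mechanism the advisory describes, not Opencast code: a resolver that honours a method-override URL parameter for any request (the pre-9.10 behaviour), a fixed resolver that ignores it, and a simplified model of browser SameSite cookie handling. It shows why the advisory recommends `SameSite=Strict` specifically: with the modern `Lax` default, a session cookie is still attached to a top-level GET navigation, which is exactly what a crafted link produces. The parameter name `_method`, the URL, and the cookie values are constructed assumptions.

```python
"""Added illustration (not Opencast code) of HTTP method spoofing via a URL parameter
and of how SameSite cookie attributes interact with it. Names and values below are
constructed assumptions; the advisory does not name the real override parameter."""
from urllib.parse import parse_qs, urlsplit

# Assumed override parameter name; the advisory only says "URL parameter".
OVERRIDE_PARAM = "_method"
SAFE_METHODS = {"GET", "HEAD", "OPTIONS"}
STATE_CHANGING = {"POST", "PUT", "PATCH", "DELETE"}


def effective_method_spoofable(transport_method, url):
    """Behaviour the advisory describes for versions before 9.10: the method named in
    the URL parameter replaces the transport method, for any kind of request."""
    override = parse_qs(urlsplit(url).query).get(OVERRIDE_PARAM, [None])[0]
    return override.upper() if override else transport_method.upper()


def effective_method_fixed(transport_method, url):
    """Hardened resolver: the URL parameter is never consulted, so a link or form can
    only issue the method the browser actually sent."""
    return transport_method.upper()


def cookie_attached(same_site, transport_method, cross_site, top_level_navigation):
    """Simplified model of browser SameSite handling for a session cookie.
    Lax (the modern default) still sends the cookie on a top-level navigation with a
    safe method; Strict never sends it cross-site. (Chromium's temporary 'Lax+POST'
    allowance is deliberately not modelled.)"""
    if not cross_site:
        return True
    mode = (same_site or "Lax").lower()
    if mode == "none":
        return True
    if mode == "lax":
        return top_level_navigation and transport_method.upper() in SAFE_METHODS
    return False  # Strict


def session_cookie_header(name, value):
    """Set-Cookie value implementing the advisory's mitigation."""
    return f"{name}={value}; Path=/; Secure; HttpOnly; SameSite=Strict"


def assess(resolver, same_site, transport_method, url,
           cross_site=True, top_level_navigation=True):
    """Return (effective_method, authenticated, state_change_possible) for one request
    arriving from another site."""
    method = resolver(transport_method, url)
    authenticated = cookie_attached(same_site, transport_method, cross_site, top_level_navigation)
    return method, authenticated, authenticated and method in STATE_CHANGING


# Constructed example: a link on a third-party page that a logged-in user follows.
CRAFTED_LINK = "https://opencast.example.edu/api/events/1234?_method=DELETE"

if __name__ == "__main__":
    for label, resolver, same_site in [
        ("spoofable resolver, SameSite=Lax", effective_method_spoofable, "Lax"),
        ("spoofable resolver, SameSite=Strict", effective_method_spoofable, "Strict"),
        ("fixed resolver, SameSite=Lax", effective_method_fixed, "Lax"),
    ]:
        print(label, "->", assess(resolver, same_site, "GET", CRAFTED_LINK))
```

Only the first combination (override honoured, cookie sent under `Lax`) yields an authenticated state-changing request; either fix alone closes it, which is why the advisory presents `SameSite=Strict` as a stopgap and the upgrade as the real remedy.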


*Credits: N/A
CVSS Scores

CVSS v3.1 (the 6.5 severity score above; vector AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N)
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
  • Confidentiality: None
  • Integrity: High
  • Availability: None

CVSS v3.x, second assessment (vector AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H)
  • Attack Vector: Network
  • Attack Complexity: High
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
  • Confidentiality: High
  • Integrity: High
  • Availability: High

CVSS v2 (vector AV:N/AC:M/Au:N/C:N/I:P/A:N)
  • Attack Vector: Network
  • Attack Complexity: Medium
  • Authentication: None
  • Confidentiality: None
  • Integrity: Partial
  • Availability: None

* Common Vulnerability Scoring System
SSVC
  • Decision: -
  • Exploitation: -
  • Automatable: -
  • Tech. Impact: -
* Organization's Worst-case Scenario
Timeline
  • 2021-11-16 CVE Reserved
  • 2021-12-14 CVE Published
  • 2024-08-04 CVE Updated
  • 2024-08-04 First Exploit
  • 2024-08-29 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-290: Authentication Bypass by Spoofing
CAPEC
Affected Vendors, Products, and Versions
Vendor   Product   Version   Other   Status
Apereo   Opencast  < 9.10    -       Affected