CVE-2023-45289
Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http
Public Exploits: 0
Exploited in Wild: -
Decision: Track
Descriptions
When following an HTTP redirect to a domain that is neither an exact match nor a subdomain of the initial request's domain, an http.Client is meant to drop sensitive headers such as "Authorization" and "Cookie" rather than forward them. For example, a redirect from foo.com to www.foo.com forwards the Authorization header, but a redirect to bar.com does not. In affected versions that check could be satisfied by a maliciously crafted HTTP redirect, so sensitive headers could be unexpectedly forwarded to a host the client never intended to send them to.
A flaw was found in Go's net/http and net/http/cookiejar standard library packages. When following an HTTP redirect to a domain that is not a subdomain match or an exact match of the initial domain, an http.Client should not forward sensitive headers such as "Authorization" or "Cookie". For example, a redirect from foo.com to www.foo.com will forward the Authorization header, but a redirect to bar.com will not. A maliciously crafted HTTP redirect could cause sensitive headers to be unexpectedly forwarded.
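The forwarding rule described above, as an added example that is not code from the Go project or from the advisory: a probe that pushes one redirect hop through a stock http.Client and reports whether the Authorization and Cookie headers reached the redirect target. The hostnames foo.example, www.foo.example and bar.example, the paths /start and /landing, and the credentials are constructed for the demonstration; a custom DialContext routes every hostname to a single loopback httptest server, so no DNS or network access is needed.

```go
package main

import (
	"context"
	"fmt"
	"io"
	"net"
	"net/http"
	"net/http/httptest"
	"sync"
)

// HopResult records what arrived at the redirect target.
type HopResult struct {
	TargetHost      string // Host header the landing request carried
	AuthForwarded   bool   // Authorization header present at the target
	CookieForwarded bool   // Cookie header present at the target
}

// ProbeRedirectHeaders sends a request carrying Authorization and Cookie
// headers to http://startHost/start, lets the server answer with a 302 to
// http://targetHost/landing, and reports which headers the http.Client
// forwarded on that hop. Hostnames are hypothetical: every dial is sent to
// the loopback httptest server regardless of the host in the URL.
func ProbeRedirectHeaders(startHost, targetHost string) (HopResult, error) {
	var (
		mu  sync.Mutex
		res HopResult
	)
	srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		switch r.URL.Path {
		case "/start":
			// First hop: bounce the client to the target host.
			http.Redirect(w, r, "http://"+targetHost+"/landing", http.StatusFound)
		case "/landing":
			// Second hop: record what the client chose to forward.
			mu.Lock()
			res = HopResult{
				TargetHost:      r.Host,
				AuthForwarded:   r.Header.Get("Authorization") != "",
				CookieForwarded: r.Header.Get("Cookie") != "",
			}
			mu.Unlock()
			w.WriteHeader(http.StatusOK)
		default:
			http.NotFound(w, r)
		}
	}))
	defer srv.Close()

	loopback := srv.Listener.Addr().String()
	transport := &http.Transport{
		// Ignore the hostname in the URL and always dial the test server,
		// so foo.example and bar.example both "resolve" without DNS.
		DialContext: func(ctx context.Context, network, _ string) (net.Conn, error) {
			var d net.Dialer
			return d.DialContext(ctx, network, loopback)
		},
	}
	defer transport.CloseIdleConnections()
	client := &http.Client{Transport: transport}

	req, err := http.NewRequest(http.MethodGet, "http://"+startHost+"/start", nil)
	if err != nil {
		return HopResult{}, err
	}
	// Constructed credentials for the demonstration; nothing real.
	req.Header.Set("Authorization", "Bearer demo-token")
	req.Header.Set("Cookie", "session=demo-session")

	resp, err := client.Do(req) // follows the 302 using the client's redirect policy
	if err != nil {
		return HopResult{}, err
	}
	io.Copy(io.Discard, resp.Body)
	resp.Body.Close()
	if resp.StatusCode != http.StatusOK {
		return HopResult{}, fmt.Errorf("landing returned %d", resp.StatusCode)
	}

	mu.Lock()
	defer mu.Unlock()
	return res, nil
}

func main() {
	hops := [][2]string{
		{"foo.example", "www.foo.example"}, // subdomain of the initial host: forwarded
		{"foo.example", "foo.example"},     // exact match: forwarded
		{"www.foo.example", "foo.example"}, // parent is not a subdomain: stripped
		{"foo.example", "bar.example"},     // unrelated domain: stripped
	}
	for _, h := range hops {
		r, err := ProbeRedirectHeaders(h[0], h[1])
		if err != nil {
			fmt.Printf("%s -> %s: error: %v\n", h[0], h[1], err)
			continue
		}
		fmt.Printf("%-16s -> %-16s auth=%-5v cookie=%v\n", h[0], h[1], r.AuthForwarded, r.CookieForwarded)
	}
}
```

Run it with the toolchain you actually ship and compare against the intended policy: the subdomain and exact-match hops forward both headers, the hops to a parent or unrelated domain drop them. The probe exercises the documented rule only; it does not reproduce the crafted redirect the advisory refers to, so a clean run is not evidence that the toolchain is at or past 1.21.8 / 1.22.1. Check `go version` for that.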
CVSS Scores
SSVC
- Decision: Track
Timeline
- 2023-10-06 CVE Reserved
- 2024-03-05 CVE Published
- 2024-05-02 EPSS Updated
- 2024-11-04 CVE Updated
- (no date recorded) Exploited in Wild
- (no date recorded) KEV Due Date
- (no date recorded) First Exploit
CWE
- CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CAPEC
References (8)
URL | Date | SRC
---|---|---
https://access.redhat.com/security/cve/CVE-2023-45289 | 2024-11-13 |
https://bugzilla.redhat.com/show_bug.cgi?id=2268018 | 2024-11-13 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Status
---|---|---|---
Go Standard Library | Net/http | < 1.21.8 | Affected
Go Standard Library | Net/http | >= 1.22.0-0, < 1.22.1 | Affected
Go Standard Library | Net/http/cookiejar | < 1.21.8 | Affected
Go Standard Library | Net/http/cookiejar | >= 1.22.0-0, < 1.22.1 | Affected

The ranges above imply the fix shipped in Go 1.21.8 and 1.22.1; a toolchain at or past either release is outside the affected ranges.