CVE-2024-24758

Proxy-Authorization header not cleared on cross-origin redirect in fetch in Undici

Severity Score

3.9

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

Undici is an HTTP/1.1 client, written from scratch for Node.js. Undici already cleared Authorization headers on cross-origin redirects, but did not clear `Proxy-Authentication` headers. This issue has been patched in versions 5.28.3 and 6.6.1. Users are advised to upgrade. There are no known workarounds for this vulnerability.

Undici es un cliente HTTP/1.1, escrito desde cero para Node.js. Undici ya borró los encabezados de Autorización en redirecciones de origen cruzado, pero no borró los encabezados "Proxy-Authentication". Este problema se solucionó en las versiones 5.28.3 y 6.6.1. Se recomienda a los usuarios que actualicen. No se conocen workarounds para esta vulnerabilidad.

*Credits: N/A

CVSS Scores

GitHubv3.1 3.9

Attack Vector

Network

Attack Complexity

High

Privileges Required

High

User Interaction

Required

Scope

Unchanged

Confidentiality

Low

Integrity

Low

Availability

Low

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-01-29 CVE Reserved
2024-02-16 CVE Published
2024-04-19 EPSS Updated
2024-08-01 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-200: Exposure of Sensitive Information to an Unauthorized Actor

CAPEC

References (4)

URL	Tag	Source
http://www.openwall.com/lists/oss-security/2024/03/11/1
https://github.com/nodejs/undici/commit/b9da3e40f1f096a06b4caedbb27c2568730434ef	X_refsource_misc
https://github.com/nodejs/undici/security/advisories/GHSA-3787-6prv-h9w3	X_refsource_confirm
https://security.netapp.com/advisory/ntap-20240419-0007

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Nodejs Search vendor "Nodejs"		Undici Search vendor "Nodejs" for product "Undici"				< 5.28.3 Search vendor "Nodejs" for product "Undici" and version " < 5.28.3"		en		Affected
Nodejs Search vendor "Nodejs"		Undici Search vendor "Nodejs" for product "Undici"				>= 6.0.0 < 6.6.1 Search vendor "Nodejs" for product "Undici" and version " >= 6.0.0 < 6.6.1"		en		Affected