CVE-2019-3877

EUVD-2019-13488
A vulnerability was found in mod_auth_mellon before v0.14.2. An open redirect in the logout URL allows requests with backslashes to pass through, because the validation assumes such a URL is relative, while browsers silently convert backslash characters into forward slashes and treat the result as an absolute URL. This mismatch allows an attacker to bypass the redirect URL validation logic built on the apr_uri_parse function.
Open Redirect
Provider   Type      Base Score    Atk. Vector   Atk. Complexity   Priv. Required   Vector
NIST       Primary   5.8 MEDIUM    NETWORK       LOW               NONE             CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
redhat     CNA       5.8 MEDIUM    NETWORK       LOW               NONE             CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

Base Score (CVSS 3.x): 5.8 MEDIUM
EPSS Score: Percentile 73%
Affected Products (NVD)
Vendor                    Product            Version
mod_auth_mellon_project   mod_auth_mellon    x < 0.14.2
redhat                    enterprise_linux   7.0
canonical                 ubuntu_linux       18.04
canonical                 ubuntu_linux       18.10
x = Vulnerable software versions
Debian Releases
Debian Product               Codename   Version             Status
libapache2-mod-auth-mellon   bookworm   0.18.1-1            fixed
libapache2-mod-auth-mellon   bullseye   0.17.0-1+deb11u1    fixed
libapache2-mod-auth-mellon   jessie                         no-dsa
libapache2-mod-auth-mellon   sid        0.19.1-1            fixed
libapache2-mod-auth-mellon   trixie     0.19.1-1            fixed
Ubuntu Releases
Ubuntu Product               Codename   Fixed Version                     Status
libapache2-mod-auth-mellon   bionic     0.13.1-1ubuntu0.1                 released
libapache2-mod-auth-mellon   cosmic     0.14.0-1ubuntu0.1                 released
libapache2-mod-auth-mellon   disco      0.14.2-1ubuntu1                   released
libapache2-mod-auth-mellon   eoan       0.14.2-1ubuntu1                   released
libapache2-mod-auth-mellon   focal      0.14.2-1ubuntu1                   released
libapache2-mod-auth-mellon   groovy     0.14.2-1ubuntu1                   released
libapache2-mod-auth-mellon   trusty                                       dne
libapache2-mod-auth-mellon   xenial     0.12.0-2+deb9u1build0.16.04.1     released