CVE-2019-3877

Published: 27/03/2019 Updated: 07/11/2023
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Vulnerability Summary

A vulnerability was found in mod_auth_mellon before v0.14.2. An open redirect in the logout URL allows requests containing backslashes to pass validation because the module treats such a URL as relative, while browsers silently convert backslash characters into forward slashes and treat the result as an absolute URL. This mismatch between the server-side parser and the browser allows a malicious user to bypass the redirect URL validation logic built on the apr_uri_parse function.
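To make the parser/browser mismatch described above concrete, here is an added Python example (not mod_auth_mellon's or APR's code): a scheme-less-means-relative check, modelled on the advisory text as an assumption, accepts a backslash URL that a browser would normalize into an absolute one, beside a hardened validator that rejects backslashes and requires an allow-listed host. The allow-list and the `evil.example` test input are constructed values.

```python
from urllib.parse import urlsplit

# Constructed allow-list of hosts the logout flow may redirect to.
ALLOWED_HOSTS = {"sp.example.com"}


def naive_is_local_redirect(url: str) -> bool:
    """Weak check (assumption, modelled on the advisory): a URL that parses
    with no scheme and no authority is taken to be a same-site relative URL."""
    parts = urlsplit(url)
    return not parts.scheme and not parts.netloc


def browser_normalize(url: str) -> str:
    """Approximates what browsers do: backslashes are treated as slashes,
    so '/\\host/' becomes the scheme-relative absolute URL '//host/'."""
    return url.replace("\\", "/")


def hardened_is_safe_redirect(url: str) -> bool:
    """Hardened validator: refuse ambiguous input before parsing, then allow
    only a plain local path or an http(s) URL to an allow-listed host."""
    if "\\" in url:
        return False  # never let the browser reinterpret what we validated
    parts = urlsplit(url)
    if parts.scheme or parts.netloc:
        return parts.scheme in ("http", "https") and parts.hostname in ALLOWED_HOSTS
    # Relative: must be a single-slash path (a '//' prefix would be scheme-relative).
    return url.startswith("/") and not url.startswith("//")


def mismatch_demo(url: str) -> tuple:
    """Returns (server-side verdict, verdict on the browser-normalized form)."""
    return naive_is_local_redirect(url), naive_is_local_redirect(browser_normalize(url))


if __name__ == "__main__":
    probe = "/\\evil.example/"  # constructed test input
    print("naive check sees relative, browser sees absolute:", mismatch_demo(probe))
    print("hardened check:", hardened_is_safe_redirect(probe))
```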

Vulnerable Products

mod_auth_mellon project: mod_auth_mellon

Fedora Project: Fedora 29

Red Hat: Enterprise Linux 7.0

Canonical: Ubuntu Linux 18.04

Canonical: Ubuntu Linux 18.10

Vendor Advisories

Debian Bug report logs - #925197 libapache2-mod-auth-mellon: CVE-2019-3878: authentication bypass in ECP flow. Package: src:libapache2-mod-auth-mellon; Maintainer for src:libapache2-mod-auth-mellon is Thijs Kinkhorst <thijs@debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org>; Date: Thu, 21 Mar 2019 06:15: ...
Several security issues were fixed in mod_auth_mellon ...
Synopsis: Moderate: mod_auth_mellon security, bug fix, and enhancement update. Type/Severity: Security Advisory: Moderate. Topic: An update for mod_auth_mellon is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerab ...
Synopsis: Important: mod_auth_mellon security and bug fix update. Type/Severity: Security Advisory: Important. Topic: An update for mod_auth_mellon is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scori ...
Several issues have been discovered in Apache module auth_mellon, which provides SAML 2.0 authentication. CVE-2019-3877: It was possible to bypass the redirect URL checking on logout, so the module could be used as an open redirect facility. CVE-2019-3878: When mod_auth_mellon is used in an Apache configuration which serves as a remo ...
A vulnerability was found in a previous version of mod_auth_mellon. An open redirect in the logout URL allows requests with backslashes to pass through by assuming that it is a relative URL, while the browsers silently convert backslash characters into forward slashes treating them as an absolute URL. This mismatch allows an attacker to bypass the ...
A vulnerability was found in mod_auth_mellon. If Apache is configured as a reverse proxy and mod_auth_mellon is configured to only let through authenticated users (with the require valid-user directive), adding special HTTP headers that are normally used to start the special SAML ECP (non-browser based) flow can be used to bypass authentication (CVE-2 ...