cvelistv5 - cve-2024-22244

CVE-2024-22244 (GCVE-0-2024-22244)

Vulnerability from cvelistv5 – Published: 2024-06-10 23:02 – Updated: 2024-08-01 22:43

Summary

Open Redirect in Harbor <=v2.8.4, <=v2.9.2, and <=v2.10.0 may redirect a user to a malicious site.

Severity ?

4.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

CWE

CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')

Assigner

vmware

References

URL

Tags

https://github.com/goharbor/harbor/security/advis…

Impacted products

	Vendor	Product	Version
	Harbor	Harbor	Affected: 2.8 , ≤ 2.8.4 (custom) Unknown: 2.9 , ≤ 2.9.2 (custom) Affected: 2.10 , ≤ 2.10.0 (custom)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-22244",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-11T18:31:28.512933Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-11T18:31:37.085Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T22:43:33.635Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/goharbor/harbor/security/advisories/GHSA-5757-v49g-f6r7"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Harbor",
          "repo": "https://github.com/goharbor/harbor",
          "vendor": "Harbor",
          "versions": [
            {
              "lessThanOrEqual": "2.8.4",
              "status": "affected",
              "version": "2.8",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "2.9.2",
              "status": "unknown",
              "version": "2.9",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "2.10.0",
              "status": "affected",
              "version": "2.10",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Open Redirect in Harbor\u0026nbsp; \u0026lt;=v2.8.4, \u0026lt;=v2.9.2, and \u0026lt;=v2.10.0 may redirect a user to a malicious site."
            }
          ],
          "value": "Open Redirect in Harbor\u00a0 \u003c=v2.8.4, \u003c=v2.9.2, and \u003c=v2.10.0 may redirect a user to a malicious site."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-98",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-98 Phishing"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-601",
              "description": "CWE-601 URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-06-10T23:02:59.347Z",
        "orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
        "shortName": "vmware"
      },
      "references": [
        {
          "url": "https://github.com/goharbor/harbor/security/advisories/GHSA-5757-v49g-f6r7"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Harbor Open Redirect URL",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
    "assignerShortName": "vmware",
    "cveId": "CVE-2024-22244",
    "datePublished": "2024-06-10T23:02:59.347Z",
    "dateReserved": "2024-01-08T18:43:03.535Z",
    "dateUpdated": "2024-08-01T22:43:33.635Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Open Redirect in Harbor\\u00a0 \u003c=v2.8.4, \u003c=v2.9.2, and \u003c=v2.10.0 may redirect a user to a malicious site.\"}, {\"lang\": \"es\", \"value\": \"Open Redirect en Harbor \u0026lt;=v2.8.4, \u0026lt;=v2.9.2 y \u0026lt;=v2.10.0 puede redirigir a un usuario a un sitio malicioso.\"}]",
      "id": "CVE-2024-22244",
      "lastModified": "2024-11-21T08:55:52.717",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"security@vmware.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N\", \"baseScore\": 4.3, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 1.4}]}",
      "published": "2024-06-10T23:15:49.590",
      "references": "[{\"url\": \"https://github.com/goharbor/harbor/security/advisories/GHSA-5757-v49g-f6r7\", \"source\": \"security@vmware.com\"}, {\"url\": \"https://github.com/goharbor/harbor/security/advisories/GHSA-5757-v49g-f6r7\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "security@vmware.com",
      "vulnStatus": "Awaiting Analysis",
      "weaknesses": "[{\"source\": \"security@vmware.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-601\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-22244\",\"sourceIdentifier\":\"security@vmware.com\",\"published\":\"2024-06-10T23:15:49.590\",\"lastModified\":\"2025-02-26T20:32:37.077\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Open Redirect in Harbor\u00a0 \u003c=v2.8.4, \u003c=v2.9.2, and \u003c=v2.10.0 may redirect a user to a malicious site.\"},{\"lang\":\"es\",\"value\":\"Open Redirect en Harbor \u0026lt;=v2.8.4, \u0026lt;=v2.9.2 y \u0026lt;=v2.10.0 puede redirigir a un usuario a un sitio malicioso.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security@vmware.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N\",\"baseScore\":4.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":1.4},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\",\"baseScore\":6.1,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":2.7}]},\"weaknesses\":[{\"source\":\"security@vmware.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-601\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-601\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:linuxfoundation:harbor:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.8.0\",\"versionEndExcluding\":\"2.8.5\",\"matchCriteriaId\":\"5E81DFF8-F3FB-41BC-A1AD-09063DCF8431\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:linuxfoundation:harbor:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.9.0\",\"versionEndExcluding\":\"2.9.3\",\"matchCriteriaId\":\"302F9780-20A5-4FFD-ABAC-3BD1A79A3037\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:linuxfoundation:harbor:2.10.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"79CFD0F5-0830-42FD-8B39-2D2A68F6B79F\"}]}]}],\"references\":[{\"url\":\"https://github.com/goharbor/harbor/security/advisories/GHSA-5757-v49g-f6r7\",\"source\":\"security@vmware.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://github.com/goharbor/harbor/security/advisories/GHSA-5757-v49g-f6r7\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://github.com/goharbor/harbor/security/advisories/GHSA-5757-v49g-f6r7\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-01T22:43:33.635Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-22244\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-06-11T18:31:28.512933Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-06-11T18:31:33.673Z\"}}], \"cna\": {\"title\": \"Harbor Open Redirect URL\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"impacts\": [{\"capecId\": \"CAPEC-98\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-98 Phishing\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 4.3, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"LOW\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"repo\": \"https://github.com/goharbor/harbor\", \"vendor\": \"Harbor\", \"product\": \"Harbor\", \"versions\": [{\"status\": \"affected\", \"version\": \"2.8\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"2.8.4\"}, {\"status\": \"unknown\", \"version\": \"2.9\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"2.9.2\"}, {\"status\": \"affected\", \"version\": \"2.10\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"2.10.0\"}], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://github.com/goharbor/harbor/security/advisories/GHSA-5757-v49g-f6r7\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Open Redirect in Harbor\\u00a0 \u003c=v2.8.4, \u003c=v2.9.2, and \u003c=v2.10.0 may redirect a user to a malicious site.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Open Redirect in Harbor\u0026nbsp; \u0026lt;=v2.8.4, \u0026lt;=v2.9.2, and \u0026lt;=v2.10.0 may redirect a user to a malicious site.\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-601\", \"description\": \"CWE-601 URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"dcf2e128-44bd-42ed-91e8-88f912c1401d\", \"shortName\": \"vmware\", \"dateUpdated\": \"2024-06-10T23:02:59.347Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-22244\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-08-01T22:43:33.635Z\", \"dateReserved\": \"2024-01-08T18:43:03.535Z\", \"assignerOrgId\": \"dcf2e128-44bd-42ed-91e8-88f912c1401d\", \"datePublished\": \"2024-06-10T23:02:59.347Z\", \"assignerShortName\": \"vmware\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

WID-SEC-W-2024-1263

Vulnerability from csaf_certbund - Published: 2024-05-30 22:00 - Updated: 2024-05-30 22:00

Summary

Harbor: Mehrere Schwachstellen

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Harbor ist eine Registry, die die Docker Distribution erweitert, um Artefakte mit Richtlinien und rollenbasierter Zugriffskontrolle zu sichern.

Angriff

Ein entfernter, authentisierter Angreifer kann mehrere Schwachstellen in Harbor ausnutzen, um Informationen offenzulegen und um URLs zu manipulieren.

Betroffene Betriebssysteme

- Sonstiges - UNIX - Windows

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Harbor ist eine Registry, die die Docker Distribution erweitert, um Artefakte mit Richtlinien und rollenbasierter Zugriffskontrolle zu sichern.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, authentisierter Angreifer kann mehrere Schwachstellen in Harbor ausnutzen, um Informationen offenzulegen und um URLs zu manipulieren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Sonstiges\n- UNIX\n- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-1263 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1263.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-1263 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1263"
      },
      {
        "category": "external",
        "summary": "GitHub Security Database vom 2024-05-30",
        "url": "https://github.com/goharbor/harbor/security/advisories/GHSA-vw63-824v-qf2j"
      },
      {
        "category": "external",
        "summary": "GitHub Security Database vom 2024-05-30",
        "url": "http://github.com/goharbor/harbor/security/advisories/GHSA-5757-v49g-f6r7"
      }
    ],
    "source_lang": "en-US",
    "title": "Harbor: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2024-05-30T22:00:00.000+00:00",
      "generator": {
        "date": "2024-08-15T18:09:42.852+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.5"
        }
      },
      "id": "WID-SEC-W-2024-1263",
      "initial_release_date": "2024-05-30T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-05-30T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003cv2.8.6",
                "product": {
                  "name": "Open Source Harbor \u003cv2.8.6",
                  "product_id": "T035120"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003cv2.9.4",
                "product": {
                  "name": "Open Source Harbor \u003cv2.9.4",
                  "product_id": "T035121"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003cv2.10.2",
                "product": {
                  "name": "Open Source Harbor \u003cv2.10.2",
                  "product_id": "T035122"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003cv2.9.3",
                "product": {
                  "name": "Open Source Harbor \u003cv2.9.3",
                  "product_id": "T035124"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003cv2.10.1",
                "product": {
                  "name": "Open Source Harbor \u003cv2.10.1",
                  "product_id": "T035125"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003cv2.8.5",
                "product": {
                  "name": "Open Source Harbor \u003cv2.8.5",
                  "product_id": "T035126"
                }
              }
            ],
            "category": "product_name",
            "name": "Harbor"
          }
        ],
        "category": "vendor",
        "name": "Open Source"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-22261",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in Harbor, die auf eine unzureichende Validierung und Bereinigung von Benutzereingaben zur\u00fcckzuf\u00fchren ist, was zu SQL-Injection f\u00fchrt. Ein entfernter, authentifizierter Angreifer kann diese Schwachstelle ausnutzen, um vertrauliche Informationen offenzulegen."
        }
      ],
      "release_date": "2024-05-30T22:00:00.000+00:00",
      "title": "CVE-2024-22261"
    },
    {
      "cve": "CVE-2024-22244",
      "notes": [
        {
          "category": "description",
          "text": "Es existiert eine Schwachstelle in Harbor, die auf eine unzureichende URL-Validierung w\u00e4hrend der OIDC-Authentifizierung zur\u00fcckzuf\u00fchren ist und einen Open-Redirect-Angriff erm\u00f6glicht. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, indem er b\u00f6sartige URLs erstellt, die Benutzer auf Phishing- oder b\u00f6sartige Websites umleiten."
        }
      ],
      "release_date": "2024-05-30T22:00:00.000+00:00",
      "title": "CVE-2024-22244"
    }
  ]
}

FKIE_CVE-2024-22244

Vulnerability from fkie_nvd - Published: 2024-06-10 23:15 - Updated: 2025-02-26 20:32

Severity ?

4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Summary

Open Redirect in Harbor <=v2.8.4, <=v2.9.2, and <=v2.10.0 may redirect a user to a malicious site.

References

	URL	Tags
	security@vmware.com	https://github.com/goharbor/harbor/security/advisories/GHSA-5757-v49g-f6r7	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://github.com/goharbor/harbor/security/advisories/GHSA-5757-v49g-f6r7	Vendor Advisory

Impacted products

Vendor	Product	Version
linuxfoundation	harbor	*
linuxfoundation	harbor	*
linuxfoundation	harbor	2.10.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:linuxfoundation:harbor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E81DFF8-F3FB-41BC-A1AD-09063DCF8431",
              "versionEndExcluding": "2.8.5",
              "versionStartIncluding": "2.8.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:linuxfoundation:harbor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "302F9780-20A5-4FFD-ABAC-3BD1A79A3037",
              "versionEndExcluding": "2.9.3",
              "versionStartIncluding": "2.9.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:linuxfoundation:harbor:2.10.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "79CFD0F5-0830-42FD-8B39-2D2A68F6B79F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Open Redirect in Harbor\u00a0 \u003c=v2.8.4, \u003c=v2.9.2, and \u003c=v2.10.0 may redirect a user to a malicious site."
    },
    {
      "lang": "es",
      "value": "Open Redirect en Harbor \u0026lt;=v2.8.4, \u0026lt;=v2.9.2 y \u0026lt;=v2.10.0 puede redirigir a un usuario a un sitio malicioso."
    }
  ],
  "id": "CVE-2024-22244",
  "lastModified": "2025-02-26T20:32:37.077",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 1.4,
        "source": "security@vmware.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.1,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 2.7,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-06-10T23:15:49.590",
  "references": [
    {
      "source": "security@vmware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://github.com/goharbor/harbor/security/advisories/GHSA-5757-v49g-f6r7"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://github.com/goharbor/harbor/security/advisories/GHSA-5757-v49g-f6r7"
    }
  ],
  "sourceIdentifier": "security@vmware.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-601"
        }
      ],
      "source": "security@vmware.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-601"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GSD-2024-22244

Vulnerability from gsd - Updated: 2024-01-09 06:02

Details

** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.

Aliases

CVE-2024-22244

JSON

To clipboard

{
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2024-22244"
      ],
      "id": "GSD-2024-22244",
      "modified": "2024-01-09T06:02:15.374910Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2024-22244",
        "STATE": "RESERVED"
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
          }
        ]
      }
    }
  }
}

GHSA-5757-V49G-F6R7

Vulnerability from github – Published: 2024-06-02 22:32 – Updated: 2025-02-26 22:18

Summary

Open Redirect URL in Harbor

Details

Description

Under OIDC authentication mode, there is a redirect_url parameter exposed in the URL which is used to redirect the current user to the defined location after the successful OIDC login, This redirect_url can be an ambiguous URL and can be used to embed a phishing URL. For example: if a user clicks the URL with a malicious redirect_url:

https://<harbor_hostnmae>/c/oidc/login?redirect_url=https://<redirect_domain>

It might redirect the current user without their knowledge to a malicious site, posing a potential risk. To avoid this issue, the redirect_url should be checked if it is a local path when reading it from the original request URL.

//src/core/controllers/oidc.go
...
redirectURL := oc.Ctx.Request.URL.Query().Get("redirect_url")
if !utils.IsLocalPath(redirectURL) {
    log.Errorf("invalid redirect url: %v", redirectURL)
    oc.SendBadRequestError(fmt.Errorf("cannot redirect to other site"))
    return
}
if err := oc.SetSession(redirectURLKey, redirectURL); err != nil {
...

Impact

When Harbor is configured with OIDC authentication and users log in via a link outside the Harbor server, it might be vulnerable to an open redirect attack. This attack only involves the OIDC Harbor user, if the current Harbor instance is not configured with OIDC auth, the redirect_url doesn't exist and the Harbor instance is not vulnerable to the open redirect attack.

The following versions of Harbor are involved: <=Harbor 2.8.4, <=Harbor 2.9.2, <= Harbor 2.10.0

Patches

Harbor 2.8.5, Harbor 2.9.3, Harbor 2.10.1

Workarounds

When the Harbor is configured with OIDC authentication, warn the user not to log into the Harbor through external links.

References

N/A

Credit

Thanks Arnaud Cordier (arnaud@cordier.work)

Severity ?

4.3 (Medium)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/goharbor/harbor"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.8.5"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/goharbor/harbor"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.9.0"
            },
            {
              "fixed": "2.9.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/goharbor/harbor"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.10.0"
            },
            {
              "fixed": "2.10.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2024-22244"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-601"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-06-02T22:32:32Z",
    "nvd_published_at": "2024-06-10T23:15:49Z",
    "severity": "MODERATE"
  },
  "details": "### Description\nUnder OIDC authentication mode, there is a redirect_url parameter exposed in the URL which is used to redirect the current user to the defined location after the successful OIDC login, This redirect_url can be an ambiguous URL and can be used to embed a phishing URL.\nFor example: if a user clicks the URL with a malicious redirect_url:\n```\nhttps://\u003charbor_hostnmae\u003e/c/oidc/login?redirect_url=https://\u003credirect_domain\u003e\n```\nIt might redirect the current user without their knowledge to a malicious site, posing a potential risk.\nTo avoid this issue, the redirect_url should be checked if it is a local path when reading it from the original request URL. \n```\n//src/core/controllers/oidc.go\n...\nredirectURL := oc.Ctx.Request.URL.Query().Get(\"redirect_url\")\nif !utils.IsLocalPath(redirectURL) {\n    log.Errorf(\"invalid redirect url: %v\", redirectURL)\n    oc.SendBadRequestError(fmt.Errorf(\"cannot redirect to other site\"))\n    return\n}\nif err := oc.SetSession(redirectURLKey, redirectURL); err != nil {\n...\n```\n### Impact\nWhen Harbor is configured with OIDC authentication and users log in via a link outside the Harbor server, it might be vulnerable to an open redirect attack. This attack only involves the OIDC Harbor user, if the current Harbor instance is not configured with OIDC auth, the redirect_url doesn\u0027t exist and the Harbor instance is not vulnerable to the open redirect attack.\n\nThe following versions of Harbor are involved:\n\u003c=Harbor 2.8.4, \u003c=Harbor 2.9.2, \u003c= Harbor 2.10.0\n\n### Patches\nHarbor 2.8.5, Harbor 2.9.3, Harbor 2.10.1\n\n### Workarounds\nWhen the Harbor is configured with OIDC authentication, warn the user not to log into the Harbor through external links.\n\n### References\nN/A\n\n### Credit\nThanks Arnaud Cordier (arnaud@cordier.work)",
  "id": "GHSA-5757-v49g-f6r7",
  "modified": "2025-02-26T22:18:08Z",
  "published": "2024-06-02T22:32:32Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/goharbor/harbor/security/advisories/GHSA-5757-v49g-f6r7"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-22244"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/goharbor/harbor"
    },
    {
      "type": "WEB",
      "url": "https://pkg.go.dev/vuln/GO-2024-2915"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Open Redirect URL in Harbor"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2024-22244 (GCVE-0-2024-22244)

WID-SEC-W-2024-1263

FKIE_CVE-2024-22244

GSD-2024-22244

GHSA-5757-V49G-F6R7

Description

Impact

Patches

Workarounds

References

Credit

Tags

Sightings

Nomenclature