An issue was discovered in LemonLDAP::NG through 2.0.8, when NGINX is used. An attacker may bypass URL-based access control to protected…
mitre·CWE-425·Published 2020-09-09
An issue was discovered in LemonLDAP::NG through 2.0.8, when NGINX is used. An attacker may bypass URL-based access control to protected Virtual Hosts by submitting a non-normalized URI. This also affects versions before 0.5.2 of the "Lemonldap::NG handler for Node.js" package.
An issue was discovered in LemonLDAP::NG through 2.0.8, when NGINX is used. An attacker may bypass URL-based access control to protected Virtual Hosts by submitting a non-normalized URI. This also affects versions before 0.5.2 of the "Lemonldap::NG handler for Node.js" package.
### Impact When access rules are used inside a protected host, some URL encodings may bypass filtering system. ### Patches Version 0.5.2 includes a patch that fixes the vulnerability ### Workarounds No way for users to fix or remediate the vulnerability without upgrading ### References https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/issues/2290 ### For more information If you have any questions or comments about this advisory: * Open an issue in [this repository](https://github.com/LemonLDAPNG/node-lemonldap-ng-handler/issues) or [LemonLDAP::NG GitLab](https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/issues) * Email us at [lemonldap-ng-users@ow2.org](mailto:lemonldap-ng-users@ow2.org)
### Impact When access rules are used inside a protected host, some URL encodings may bypass filtering system. ### Patches Version 0.5.2 includes a patch that fixes the vulnerability ### Workarounds No way for users to fix or remediate the vulnerability without upgrading ### References https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/issues/2290 ### For more information If you have any questions or comments about this advisory: * Open an issue in [this repository](https://github.com/LemonLDAPNG/node-lemonldap-ng-handler/issues) or [LemonLDAP::NG GitLab](https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/issues) * Email us at [lemonldap-ng-users@ow2.org](mailto:lemonldap-ng-users@ow2.org)
Se detectó un problema en LemonLDAP::NG versiones hasta 2.0.8, cuando NGINX es usado. Un atacante puede omitir el control de acceso basado en URL a los Host Virtuales protegidos mediante el envío de un URI no normalizado. Esto también afecta a las versiones anteriores a 0.5.2 del paquete "Lemonldap::NG handler for Node.js"
| Version | Type | Source | Base | Exp | Impact | Vector |
|---|---|---|---|---|---|---|
| 2.0 | Primary | NVD | 7.5 | 10.0 | 6.4 | AV:N/AC:L/Au:N/C:P/I:P/A:P |
| 3.1 | Primary | NVD | 9.8 | 3.9 | 5.9 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| 3.1 | Secondary | GHSA | 6.5 | — | — | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |