PT-2021-14393 · Unknown · Oauth2 Proxy
Semoac · Published 2021-02-02 · Updated 2024-08-21 · CVE-2021-21291
CVSS v2.0: 5.8 (Medium)
| Vector | AV:N/AC:M/Au:N/C:P/I:P/A:N |
Name of the Vulnerable Software and Affected Versions:
OAuth2 Proxy versions prior to 7.0.0
Description:
The issue concerns the whitelist domain feature in OAuth2 Proxy: a redirect target whose hostname merely ends with the same characters as the configured domain can be accepted. For example, if a whitelist domain is configured as ".example.com", the intention is that only subdomains of example.com are allowed, but "example.com" and "badexample.com" also match. The cause is that the check compares the hostname suffix without requiring a dot immediately before the configured domain, so it never verifies that the redirect host is actually a subdomain.
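The following Go program is an added illustration of the matching flaw described above and of the dot-boundary check that closes it; it is not code from the OAuth2 Proxy project, and the function names (`vulnerableMatch`, `hardenedMatch`, `SafeRedirect`) and the constructed whitelist and sample URLs are assumptions made for the example. The vulnerable function strips the leading dot and applies a plain suffix test, which is the behaviour the advisory describes; the hardened one keeps the dot as part of the suffix so that only real subdomains of the configured domain pass, and the bare domain must be listed separately if it is meant to be allowed.

```go
package main

import (
	"fmt"
	"net/url"
	"strings"
)

// Constructed whitelist for the example: the leading dot is meant to
// mean "any subdomain of example.com" (assumption mirroring the advisory).
var whitelistDomains = []string{".example.com"}

// hostnameOf returns the hostname of a redirect URL, or "" if it does not parse.
func hostnameOf(redirect string) string {
	u, err := url.Parse(redirect)
	if err != nil {
		return ""
	}
	return u.Hostname()
}

// vulnerableMatch reproduces the flawed logic the advisory describes (not the
// project's code): the leading dot is trimmed off and a bare HasSuffix is used,
// so for ".example.com" both "example.com" and "badexample.com" are accepted.
func vulnerableMatch(host string, domains []string) bool {
	for _, d := range domains {
		bare := strings.TrimPrefix(d, ".")
		if host == bare || (strings.HasPrefix(d, ".") && strings.HasSuffix(host, bare)) {
			return true
		}
	}
	return false
}

// hardenedMatch keeps the dot in the suffix, so a leading-dot entry only
// matches hosts that have at least one label before ".example.com".
// Entries without a leading dot must match the hostname exactly.
// Hostnames are case-insensitive, so both sides are lower-cased first.
func hardenedMatch(host string, domains []string) bool {
	host = strings.ToLower(host)
	for _, d := range domains {
		d = strings.ToLower(d)
		if strings.HasPrefix(d, ".") {
			if strings.HasSuffix(host, d) {
				return true
			}
			continue
		}
		if host == d {
			return true
		}
	}
	return false
}

// SafeRedirect reports whether a redirect URL may be followed under the
// hardened rule; unparseable URLs and empty hostnames are rejected.
func SafeRedirect(redirect string, domains []string) bool {
	h := hostnameOf(redirect)
	return h != "" && hardenedMatch(h, domains)
}

func main() {
	// Constructed sample redirect targets.
	cases := []string{
		"https://app.example.com/callback",
		"https://example.com/",
		"https://badexample.com/",
		"https://example.com.evil.test/",
	}
	for _, c := range cases {
		h := hostnameOf(c)
		fmt.Printf("%-38s vulnerable=%-5t hardened=%t\n",
			c, vulnerableMatch(h, whitelistDomains), hardenedMatch(h, whitelistDomains))
	}
}
```

Running it prints one line per sample URL; only the first is accepted by the hardened check, while the flawed check also accepts the second and third. A useful regression test for any whitelist implementation is exactly this pair of hosts: the bare domain and a lookalike that shares the suffix without the dot.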
Recommendations:
For versions prior to 7.0.0, update to version 7.0.0 or later to fix the issue.
As a temporary workaround, consider disabling the whitelist domain feature and running separate OAuth2 Proxy instances for each subdomain.
Weakness Enumeration: Open Redirect
Affected Products: Oauth2 Proxy