PT-2022-15905 · Apache · Apache Traffic Control Traffic Ops

Walkerxiong

Published

2022-02-06

Updated

2024-08-21

CVE-2022-23206

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Apache Traffic Control Traffic Ops versions prior to 6.1.0 Apache Traffic Control Traffic Ops versions prior to 5.1.6

Description The issue allows an unprivileged user who can reach Traffic Ops over HTTPS to send a specially-crafted POST request to "/user/login/oauth" to scan a port of a server that Traffic Ops can reach. This is a case of Server-Side Request Forgery.

Recommendations For versions prior to 6.1.0, update to version 6.1.0 or later. For versions prior to 5.1.6, update to version 5.1.6 or later. As a temporary workaround, consider restricting access to the "/user/login/oauth" endpoint until a patch is available.

Fix

SSRF

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-918

Related Identifiers

CVE-2022-23206

GHSA-WP47-9R3H-XFGQ

GO-2022-0585

Affected Products

Apache Traffic Control Traffic Ops

PT-2022-15905 · Apache · Apache Traffic Control Traffic Ops

CVE-2022-23206

Weakness Enumeration

Related Identifiers

Affected Products

References · 8