CVE-2017-11173

high

Description

Missing anchor in generated regex for rack-cors before 0.4.1 allows a malicious third-party site to perform CORS requests. If the configuration were intended to allow only the trusted example.com domain name and not the malicious example.net domain name, then example.com.example.net (as well as example.com-example.net) would be inadvertently allowed.
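As an added illustration (not code from rack-cors itself), the Ruby below contrasts an origin allow-list regex that is anchored only at the start with one anchored at both ends, using the lookalike hosts named in the description; the exact regex shape and the helper names are assumptions.

```ruby
# Added example, not rack-cors's own code: shows why a missing end anchor
# lets example.com.example.net and example.com-example.net pass an
# allow-list meant for example.com only.

# Pattern with the defect described in the advisory (shape assumed here):
# scheme and host are matched from the start of the Origin value, but
# nothing pins the host to the END of the string, so any longer host that
# merely begins with the trusted host still matches.
def vulnerable_origin_regex(allowed_host)
  /\A[a-z][a-z0-9.+-]*:\/\/#{Regexp.escape(allowed_host)}/
end

# Corrected pattern: \z anchors the host to the end of the Origin value,
# so only an Origin whose host is exactly allowed_host matches.
def fixed_origin_regex(allowed_host)
  /\A[a-z][a-z0-9.+-]*:\/\/#{Regexp.escape(allowed_host)}\z/
end

# True when the Origin header value is accepted by the given regex.
def origin_allowed?(origin, regex)
  regex.match?(origin)
end

# Constructed sample Origin header values: the trusted host and the two
# lookalike hosts from the description.
SAMPLE_ORIGINS = [
  "https://example.com",
  "https://example.com.example.net",
  "https://example.com-example.net"
].freeze

# Returns a Hash of origin => allowed? for every sample origin.
def evaluate_origins(regex)
  SAMPLE_ORIGINS.each_with_object({}) { |o, h| h[o] = origin_allowed?(o, regex) }
end

if __FILE__ == $PROGRAM_NAME
  puts "unanchored: #{evaluate_origins(vulnerable_origin_regex('example.com'))}"
  puts "anchored:   #{evaluate_origins(fixed_origin_regex('example.com'))}"
end
```

Running it prints all three origins as allowed under the unanchored pattern and only https://example.com under the anchored one.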

References

https://packetstormsecurity.com/files/143345/rack-cors-Missing-Anchor.html

https://github.com/cyu/rack-cors/commit/42ebe6caa8e85ffa9c8a171bda668ba1acc7a5e6

http://www.debian.org/security/2017/dsa-3931

http://seclists.org/fulldisclosure/2017/Jul/22

Details

Source: Mitre, NVD

Published: 2017-07-13

Updated: 2020-03-03

Risk Information

CVSS v2

Base Score: 6.8

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Severity: High