CVE-2018-12395

MEDIUM

Description

By rewriting the Host: request headers using the webRequest API, a WebExtension can bypass domain restrictions through domain fronting. This would allow access to domains that share a host that are otherwise restricted. This vulnerability affects Firefox ESR < 60.3 and Firefox < 63.

References

http://www.securityfocus.com/bid/105718

http://www.securitytracker.com/id/1041944

https://access.redhat.com/errata/RHSA-2018:3005

https://access.redhat.com/errata/RHSA-2018:3006

https://bugzilla.mozilla.org/show_bug.cgi?id=1467523

https://lists.debian.org/debian-lts-announce/2018/11/msg00008.html

https://security.gentoo.org/glsa/201811-04

https://usn.ubuntu.com/3801-1/

https://www.debian.org/security/2018/dsa-4324

https://www.mozilla.org/security/advisories/mfsa2018-26/

https://www.mozilla.org/security/advisories/mfsa2018-27/

Details

Source: MITRE

Published: 2019-02-28

Updated: 2019-03-01

Type: CWE-284

Risk Information

CVSS v2.0

Base Score: 5

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Impact Score: 2.9

Exploitability Score: 10

Severity: MEDIUM

CVSS v3.0

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Impact Score: 3.6

Exploitability Score: 3.9

Severity: HIGH

Vulnerable Software

ID	Name	Product	Family	Severity
123356	openSUSE Security Update : Mozilla Firefox (openSUSE-2019-855)	Nessus	SuSE Local Security Checks	high
700410	Mozilla Firefox < 63 Multiple Vulnerabilities	Nessus Network Monitor	Web Clients	high
120158	SUSE SLED15 / SLES15 Security Update : MozillaFirefox (SUSE-SU-2018:3656-1)	Nessus	SuSE Local Security Checks	high
119903	EulerOS 2.0 SP2 : firefox (EulerOS-SA-2018-1414)	Nessus	Huawei Local Security Checks	high
119564	EulerOS 2.0 SP3 : firefox (EulerOS-SA-2018-1384)	Nessus	Huawei Local Security Checks	high
119553	SUSE SLED12 / SLES12 Security Update : MozillaFirefox (SUSE-SU-2018:3749-2)	Nessus	SuSE Local Security Checks	high
119146	Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 18.10 : firefox regressions (USN-3801-2)	Nessus	Ubuntu Local Security Checks	high
118953	SUSE SLED12 / SLES12 Security Update : MozillaFirefox (SUSE-SU-2018:3749-1)	Nessus	SuSE Local Security Checks	high
118848	GLSA-201811-04 : Mozilla Firefox: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	high
118808	Debian DLA-1571-1 : firefox-esr security update	Nessus	Debian Local Security Checks	high
118709	Oracle Linux 6 : firefox (ELSA-2018-3006)	Nessus	Oracle Linux Local Security Checks	high
118444	openSUSE Security Update : Mozilla Firefox (openSUSE-2018-1268)	Nessus	SuSE Local Security Checks	high
118443	Scientific Linux Security Update : firefox on SL7.x x86_64	Nessus	Scientific Linux Local Security Checks	high
118442	Scientific Linux Security Update : firefox on SL6.x i386/x86_64	Nessus	Scientific Linux Local Security Checks	high
118406	CentOS 6 : firefox (CESA-2018:3006)	Nessus	CentOS Local Security Checks	high
118405	CentOS 7 : firefox (CESA-2018:3005)	Nessus	CentOS Local Security Checks	high
118397	Mozilla Firefox < 63 Multiple Vulnerabilities	Nessus	Windows	high
118396	Mozilla Firefox < 63 Multiple Vulnerabilities (macOS)	Nessus	MacOS X Local Security Checks	high
118395	Mozilla Firefox ESR < 60.3 Multiple Vulnerabilities	Nessus	Windows	high
118394	Mozilla Firefox ESR < 60.3 Multiple Vulnerabilities (macOS)	Nessus	MacOS X Local Security Checks	high
118393	Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 18.10 : firefox vulnerabilities (USN-3801-1)	Nessus	Ubuntu Local Security Checks	high
118375	RHEL 6 : firefox (RHSA-2018:3006)	Nessus	Red Hat Local Security Checks	high
118374	RHEL 7 : firefox (RHSA-2018:3005)	Nessus	Red Hat Local Security Checks	high
118368	Oracle Linux 7 : firefox (ELSA-2018-3005)	Nessus	Oracle Linux Local Security Checks	high
118365	Debian DSA-4324-1 : firefox-esr - security update	Nessus	Debian Local Security Checks	high
118336	FreeBSD : mozilla -- multiple vulnerabilities (7c3a02b9-3273-4426-a0ba-f90fad2ff72e)	Nessus	FreeBSD Local Security Checks	high