CVE-2014-4172 — CRITICAL (9.8)

Q: How severe is CVE-2014-4172?

CVE-2014-4172 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.

Q: Is there a patch for CVE-2014-4172?

Check the references section above for vendor advisories and patch information. Affected products include: Apereo .Net Cas Client, Apereo Java Cas Client, Apereo Phpcas, Debian Debian Linux, Fedoraproject Fedora.

Vulnerability Description

A URL parameter injection vulnerability was found in the back-channel ticket validation step of the CAS protocol in Jasig Java CAS Client before 3.3.2, .NET CAS Client before 1.0.2, and phpCAS before 1.3.3 that allow remote attackers to inject arbitrary web script or HTML via the (1) service parameter to validation/AbstractUrlBasedTicketValidator.java or (2) pgtUrl parameter to validation/Cas20ServiceTicketValidator.java.

CVSS Score

9.8

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Apereo	.Net Cas Client	< 1.0.2
Apereo	Java Cas Client	< 3.3.2
Apereo	Phpcas	< 1.3.3
Debian	Debian Linux	7.0
Fedoraproject	Fedora	20

Related Weaknesses (CWE)

CWE-74

References

http://lists.fedoraproject.org/pipermail/package-announce/2014-August/137182.htmThird Party Advisory
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=759718Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1131350Issue TrackingThird Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/95673Third Party AdvisoryVDB Entry
https://github.com/Jasig/dotnet-cas-client/commit/f0e030014fb7a39e5f38469f43199dPatchThird Party Advisory
https://github.com/Jasig/java-cas-client/commit/ae37092100c8eaec610dab6d83e5e05aPatchThird Party Advisory
https://github.com/Jasig/phpCAS/blob/master/docs/ChangeLogRelease NotesThird Party Advisory
https://github.com/Jasig/phpCAS/pull/125Third Party Advisory
https://issues.jasig.org/browse/CASC-228Third Party Advisory
https://www.debian.org/security/2014/dsa-3017.en.htmlThird Party Advisory
https://www.mail-archive.com/cas-user%40lists.jasig.org/msg17338.html
http://lists.fedoraproject.org/pipermail/package-announce/2014-August/137182.htmThird Party Advisory
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=759718Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1131350Issue TrackingThird Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/95673Third Party AdvisoryVDB Entry

FAQ

What is CVE-2014-4172?

CVE-2014-4172 is a vulnerability with a CVSS score of 9.8 (CRITICAL). A URL parameter injection vulnerability was found in the back-channel ticket validation step of the CAS protocol in Jasig Java CAS Client before 3.3.2, .NET CAS Client before 1.0.2, and phpCAS before ...

How severe is CVE-2014-4172?

CVE-2014-4172 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2014-4172?

Check the references section above for vendor advisories and patch information. Affected products include: Apereo .Net Cas Client, Apereo Java Cas Client, Apereo Phpcas, Debian Debian Linux, Fedoraproject Fedora.