CVE-2019-3878 — HIGH (8.1) — White Hats Nepal

Q: How severe is CVE-2019-3878?

CVE-2019-3878 has been rated HIGH with a CVSS base score of 8.1/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2019-3878?

Check the references section above for vendor advisories and patch information. Affected products include: Mod Auth Mellon Project Mod Auth Mellon, Fedoraproject Fedora, Redhat Enterprise Linux, Redhat Enterprise Linux Desktop, Redhat Enterprise Linux Server.

Vulnerability Description

A vulnerability was found in mod_auth_mellon before v0.14.2. If Apache is configured as a reverse proxy and mod_auth_mellon is configured to only let through authenticated users (with the require valid-user directive), adding special HTTP headers that are normally used to start the special SAML ECP (non-browser based) can be used to bypass authentication.

CVSS Score

8.1

HIGH

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

NONE

Affected Products

Vendor	Product	Versions
Mod Auth Mellon Project	Mod Auth Mellon	< 0.14.2
Fedoraproject	Fedora	29
Redhat	Enterprise Linux	7.0
Redhat	Enterprise Linux Desktop	7.0
Redhat	Enterprise Linux Server	7.0
Redhat	Enterprise Linux Server Aus	7.6
Redhat	Enterprise Linux Server Eus	7.6
Redhat	Enterprise Linux Server Tus	7.6
Redhat	Enterprise Linux Workstation	7.0
Canonical	Ubuntu Linux	18.04

Related Weaknesses (CWE)

CWE-305 CWE-287

References

https://access.redhat.com/errata/RHBA-2019:0959
https://access.redhat.com/errata/RHSA-2019:0746Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:0766Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:0985
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3878Issue TrackingPatchThird Party Advisory
https://github.com/Uninett/mod_auth_mellon/pull/196ExploitPatchThird Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro
https://usn.ubuntu.com/3924-1/Third Party Advisory
https://access.redhat.com/errata/RHBA-2019:0959
https://access.redhat.com/errata/RHSA-2019:0746Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:0766Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:0985
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3878Issue TrackingPatchThird Party Advisory
https://github.com/Uninett/mod_auth_mellon/pull/196ExploitPatchThird Party Advisory

FAQ

What is CVE-2019-3878?

CVE-2019-3878 is a vulnerability with a CVSS score of 8.1 (HIGH). A vulnerability was found in mod_auth_mellon before v0.14.2. If Apache is configured as a reverse proxy and mod_auth_mellon is configured to only let through authenticated users (with the require vali...

How severe is CVE-2019-3878?

CVE-2019-3878 has been rated HIGH with a CVSS base score of 8.1/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2019-3878?

Check the references section above for vendor advisories and patch information. Affected products include: Mod Auth Mellon Project Mod Auth Mellon, Fedoraproject Fedora, Redhat Enterprise Linux, Redhat Enterprise Linux Desktop, Redhat Enterprise Linux Server.