Vulnerability CVE-2014-3730

Vulnerability Name:

CVE-2014-3730 (CCN-93158)

Assigned:

2014-05-14

Published:

2014-05-14

Updated:

2018-10-30

Summary:

The django.util.http.is_safe_url function in Django 1.4 before 1.4.13, 1.5 before 1.5.8, 1.6 before 1.6.5, and 1.7 before 1.7b4 does not properly validate URLs, which allows remote attackers to conduct open redirect attacks via a malformed URL, as demonstrated by "http:\\\djangoproject.com."

CVSS v3 Severity:

5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): Low Availibility (A): None

CVSS v2 Severity:

4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N)
3.0 Low (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:UR)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): Partial Availibility (A): None

4.3 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N)
3.0 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:UR)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): Partial Availibility (A): None

Vulnerability Type:

CWE-20

Vulnerability Consequences:

Bypass Security

References:

Source: MITRE
Type: CNA
CVE-2014-3730

Source: SUSE
Type: Third Party Advisory
openSUSE-SU-2014:1132

Source: SECUNIA
Type: UNKNOWN
61281

Source: UBUNTU
Type: Third Party Advisory
USN-2212-1

Source: DEBIAN
Type: Third Party Advisory
DSA-2934

Source: CCN
Type: IBM Security Bulletin 1683587
SmartCloud Provisioning - Django vulnerabilities reported in May 2014 X-Force Report

Source: MLIST
Type: Third Party Advisory
[oss-security] 20140514 CVE Reuest: Django: Malformed URLs from user input incorrectly validated

Source: MLIST
Type: Third Party Advisory
[oss-security] 20140514 Re: CVE Reuest: Django: Malformed URLs from user input incorrectly validated

Source: BID
Type: Third Party Advisory, VDB Entry
67410

Source: CCN
Type: BID-67410
Django 'is_safe_url()' Function URI Redirection Vulnerability

Source: CCN
Type: Red Hat Bugzilla Bug 1097222
CVE-2014-0223 Qemu: qcow1: validate image size to avoid out-of-bounds memory access

Source: XF
Type: UNKNOWN
django-cve20143730-sec-bypass(93158)

Source: CCN
Type: Django Web Site
Django

Source: CONFIRM
Type: Patch, Vendor Advisory
https://www.djangoproject.com/weblog/2014/may/14/security-releases-issued/

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2014-3730

Vulnerable Configuration:

Configuration 1:

cpe:/o:canonical:ubuntu_linux:10.04:-:lts:*:*:*:*:*

OR cpe:/o:canonical:ubuntu_linux:12.04:-:lts:*:*:*:*:*

OR cpe:/o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*

OR cpe:/o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*

OR cpe:/o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*

Configuration 2:

cpe:/a:djangoproject:django:1.4:*:*:*:*:*:*:*

OR cpe:/a:djangoproject:django:1.4.1:*:*:*:*:*:*:*

OR cpe:/a:djangoproject:django:1.4.2:*:*:*:*:*:*:*

OR cpe:/a:djangoproject:django:1.4.4:*:*:*:*:*:*:*

OR cpe:/a:djangoproject:django:1.4.5:*:*:*:*:*:*:*

OR cpe:/a:djangoproject:django:1.4.6:*:*:*:*:*:*:*

OR cpe:/a:djangoproject:django:1.4.7:*:*:*:*:*:*:*

OR cpe:/a:djangoproject:django:1.4.8:*:*:*:*:*:*:*

OR cpe:/a:djangoproject:django:1.4.9:*:*:*:*:*:*:*

OR cpe:/a:djangoproject:django:1.4.10:*:*:*:*:*:*:*

OR cpe:/a:djangoproject:django:1.4.11:*:*:*:*:*:*:*

OR cpe:/a:djangoproject:django:1.4.12:*:*:*:*:*:*:*

Configuration 3:

cpe:/a:djangoproject:django:1.7:beta1:*:*:*:*:*:*

OR cpe:/a:djangoproject:django:1.7:beta2:*:*:*:*:*:*

OR cpe:/a:djangoproject:django:1.7:beta3:*:*:*:*:*:*

Configuration 4:

cpe:/o:opensuse:opensuse:12.3:*:*:*:*:*:*:*

OR cpe:/o:opensuse:opensuse:13.1:*:*:*:*:*:*:*

Configuration 5:

cpe:/a:djangoproject:django:1.6:-:*:*:*:*:*:*

OR cpe:/a:djangoproject:django:1.6:beta1:*:*:*:*:*:*

OR cpe:/a:djangoproject:django:1.6:beta2:*:*:*:*:*:*

OR cpe:/a:djangoproject:django:1.6:beta3:*:*:*:*:*:*

OR cpe:/a:djangoproject:django:1.6:beta4:*:*:*:*:*:*

OR cpe:/a:djangoproject:django:1.6.1:*:*:*:*:*:*:*

OR cpe:/a:djangoproject:django:1.6.2:*:*:*:*:*:*:*

OR cpe:/a:djangoproject:django:1.6.3:*:*:*:*:*:*:*

OR cpe:/a:djangoproject:django:1.6.4:*:*:*:*:*:*:*

Configuration 6:

cpe:/o:debian:debian_linux:7.0:*:*:*:*:*:*:*

OR cpe:/o:debian:debian_linux:8.0:*:*:*:*:*:*:*

Configuration 7:

cpe:/a:djangoproject:django:1.5:*:*:*:*:*:*:*

OR cpe:/a:djangoproject:django:1.5:alpha:*:*:*:*:*:*

OR cpe:/a:djangoproject:django:1.5:beta:*:*:*:*:*:*

OR cpe:/a:djangoproject:django:1.5.1:*:*:*:*:*:*:*

OR cpe:/a:djangoproject:django:1.5.2:*:*:*:*:*:*:*

OR cpe:/a:djangoproject:django:1.5.3:*:*:*:*:*:*:*

OR cpe:/a:djangoproject:django:1.5.4:*:*:*:*:*:*:*

OR cpe:/a:djangoproject:django:1.5.5:*:*:*:*:*:*:*

OR cpe:/a:djangoproject:django:1.5.6:*:*:*:*:*:*:*

OR cpe:/a:djangoproject:django:1.5.7:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/a:django:django:1.8.9:*:*:*:*:*:*:*

AND

cpe:/a:ibm:smartcloud_provisioning:2.3:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20143730	V	CVE-2014-3730	2017-03-01
oval:org.mitre.oval:def:24755	P	DSA-2934-1 python-django - security update	2014-07-21
oval:com.ubuntu.precise:def:20143730000	V	CVE-2014-3730 on Ubuntu 12.04 LTS (precise) - medium.	2014-05-16
oval:com.ubuntu.trusty:def:20143730000	V	CVE-2014-3730 on Ubuntu 14.04 LTS (trusty) - medium.	2014-05-16

BACK