Vulnerability CVE-2015-1244

Vulnerability Name:

CVE-2015-1244 (CCN-102382)

Assigned:

2015-04-14

Published:

2015-04-14

Updated:

2017-01-03

Summary:

The URLRequest::GetHSTSRedirect function in url_request/url_request.cc in Google Chrome before 42.0.2311.90 does not replace the ws scheme with the wss scheme whenever an HSTS Policy is active, which makes it easier for remote attackers to obtain sensitive information by sniffing the network for WebSocket traffic.

CVSS v3 Severity:

5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): Low Availibility (A): None

CVSS v2 Severity:

5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
3.7 Low (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): None Availibility (A): None

4.3 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N)
3.2 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): Partial Availibility (A): None

6.4 Medium (REDHAT CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N)
4.7 Medium (REDHAT Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): None

Vulnerability Type:

CWE-200

Vulnerability Consequences:

Bypass Security

References:

Source: MITRE
Type: CNA
CVE-2015-1244

Source: CCN
Type: Google Chrome Releases Web site
Stable Channel Update

Source: CONFIRM
Type: Vendor Advisory
http://googlechromereleases.blogspot.com/2015/04/stable-channel-update_14.html

Source: SUSE
Type: UNKNOWN
openSUSE-SU-2015:0748

Source: SUSE
Type: UNKNOWN
openSUSE-SU-2015:1887

Source: REDHAT
Type: UNKNOWN
RHSA-2015:0816

Source: UBUNTU
Type: UNKNOWN
USN-2570-1

Source: DEBIAN
Type: UNKNOWN
DSA-3238

Source: SECTRACK
Type: UNKNOWN
1032209

Source: CONFIRM
Type: UNKNOWN
https://chromium.googlesource.com/chromium/src/net/+/2359906c4fdfa9d44b045755d23fe5327c10e010

Source: CONFIRM
Type: UNKNOWN
https://code.google.com/p/chromium/issues/detail?id=455215

Source: XF
Type: UNKNOWN
google-chrome-cve20151244-sec-bypass(102382)

Source: GENTOO
Type: UNKNOWN
GLSA-201506-04

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2015-1244

Vulnerable Configuration:

Configuration 1:

cpe:/o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*

OR cpe:/o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*

OR cpe:/o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*

Configuration 2:

cpe:/o:debian:debian_linux:8.0:*:*:*:*:*:*:*

Configuration 3:

cpe:/a:google:chrome:*:*:*:*:*:*:*:* (Version <= 42.0.2311.60)

Configuration RedHat 1:

cpe:/a:redhat:rhel_extras:6:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20151244	V	CVE-2015-1244	2022-06-30
oval:org.opensuse.security:def:112065	P	chromedriver-55.0.2883.75-3.1 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:105614	P	chromedriver-55.0.2883.75-3.1 on GA media (Moderate)	2021-10-01
oval:org.cisecurity:def:143	P	DSA-3238-1 -- chromium-browser -- security update	2016-02-08
oval:com.ubuntu.precise:def:20151244000	V	CVE-2015-1244 on Ubuntu 12.04 LTS (precise) - medium.	2015-04-19
oval:com.ubuntu.trusty:def:20151244000	V	CVE-2015-1244 on Ubuntu 14.04 LTS (trusty) - medium.	2015-04-19
oval:com.redhat.rhsa:def:20150816	P	RHSA-2015:0816: chromium-browser security update (Important)	2015-04-16

BACK