Vulnerability CVE-2017-7233

Vulnerability Name:

CVE-2017-7233 (CCN-124214)

Assigned:

2017-04-04

Published:

2017-04-04

Updated:

2018-10-17

Summary:

Django 1.10 before 1.10.7, 1.9 before 1.9.13, and 1.8 before 1.8.18 relies on user input in some cases to redirect the user to an "on success" URL. The security check for these redirects (namely ``django.utils.http.is_safe_url()``) considered some numeric URLs "safe" when they shouldn't be, aka an open redirect vulnerability. Also, if a developer relies on ``is_safe_url()`` to provide safe redirect targets and puts such a URL into a link, they could suffer from an XSS attack.

CVSS v3 Severity:

6.1 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)
5.3 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): Required
Scope:	Scope (S): Changed
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): None

7.4 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N)
6.4 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): Required
Scope:	Scope (S): Changed
Impact Metrics:	Confidentiality (C): None Integrity (I): High Availibility (A): None

CVSS v2 Severity:

5.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): None

6.8 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:S/C:N/I:C/A:N)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): None Integrity (I): Complete Availibility (A): None

Vulnerability Type:

CWE-601

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2017-7233

Source: DEBIAN
Type: UNKNOWN
DSA-3835

Source: BID
Type: Third Party Advisory, VDB Entry
97406

Source: CCN
Type: BID-97406
Django 'django.contrib.auth.views.login()' Function Open Redirection Vulnerability

Source: SECTRACK
Type: UNKNOWN
1038177

Source: REDHAT
Type: UNKNOWN
RHSA-2017:1445

Source: REDHAT
Type: UNKNOWN
RHSA-2017:1451

Source: REDHAT
Type: UNKNOWN
RHSA-2017:1462

Source: REDHAT
Type: UNKNOWN
RHSA-2017:1470

Source: REDHAT
Type: UNKNOWN
RHSA-2017:1596

Source: REDHAT
Type: UNKNOWN
RHSA-2017:3093

Source: REDHAT
Type: UNKNOWN
RHSA-2018:2927

Source: XF
Type: UNKNOWN
django-cve20177233-open-redirect(124214)

Source: CCN
Type: Django Web site
Django security releases issued: 1.10.7, 1.9.13, and 1.8.18 | Weblog | Django

Source: CONFIRM
Type: Vendor Advisory
https://www.djangoproject.com/weblog/2017/apr/04/security-releases/

Vulnerable Configuration:

Configuration 1:

cpe:/a:djangoproject:django:1.8.0:*:*:*:*:*:*:*

OR cpe:/a:djangoproject:django:1.8.0:a1:*:*:*:*:*:*

OR cpe:/a:djangoproject:django:1.8.0:b1:*:*:*:*:*:*

OR cpe:/a:djangoproject:django:1.8.0:b2:*:*:*:*:*:*

OR cpe:/a:djangoproject:django:1.8.0:c1:*:*:*:*:*:*

OR cpe:/a:djangoproject:django:1.8.1:*:*:*:*:*:*:*

OR cpe:/a:djangoproject:django:1.8.2:*:*:*:*:*:*:*

OR cpe:/a:djangoproject:django:1.8.3:*:*:*:*:*:*:*

OR cpe:/a:djangoproject:django:1.8.4:*:*:*:*:*:*:*

OR cpe:/a:djangoproject:django:1.8.5:*:*:*:*:*:*:*

OR cpe:/a:djangoproject:django:1.8.6:*:*:*:*:*:*:*

OR cpe:/a:djangoproject:django:1.8.7:*:*:*:*:*:*:*

OR cpe:/a:djangoproject:django:1.8.8:*:*:*:*:*:*:*

OR cpe:/a:djangoproject:django:1.8.9:*:*:*:*:*:*:*

OR cpe:/a:djangoproject:django:1.8.10:*:*:*:*:*:*:*

OR cpe:/a:djangoproject:django:1.8.11:*:*:*:*:*:*:*

OR cpe:/a:djangoproject:django:1.8.12:*:*:*:*:*:*:*

OR cpe:/a:djangoproject:django:1.8.13:*:*:*:*:*:*:*

OR cpe:/a:djangoproject:django:1.8.14:*:*:*:*:*:*:*

OR cpe:/a:djangoproject:django:1.8.15:*:*:*:*:*:*:*

OR cpe:/a:djangoproject:django:1.8.16:*:*:*:*:*:*:*

OR cpe:/a:djangoproject:django:1.8.17:*:*:*:*:*:*:*

OR cpe:/a:djangoproject:django:1.9:*:*:*:*:*:*:*

OR cpe:/a:djangoproject:django:1.9:a1:*:*:*:*:*:*

OR cpe:/a:djangoproject:django:1.9:b1:*:*:*:*:*:*

OR cpe:/a:djangoproject:django:1.9:rc1:*:*:*:*:*:*

OR cpe:/a:djangoproject:django:1.9:rc2:*:*:*:*:*:*

OR cpe:/a:djangoproject:django:1.9.1:*:*:*:*:*:*:*

OR cpe:/a:djangoproject:django:1.9.2:*:*:*:*:*:*:*

OR cpe:/a:djangoproject:django:1.9.3:*:*:*:*:*:*:*

OR cpe:/a:djangoproject:django:1.9.4:*:*:*:*:*:*:*

OR cpe:/a:djangoproject:django:1.9.5:*:*:*:*:*:*:*

OR cpe:/a:djangoproject:django:1.9.6:*:*:*:*:*:*:*

OR cpe:/a:djangoproject:django:1.9.7:*:*:*:*:*:*:*

OR cpe:/a:djangoproject:django:1.9.8:*:*:*:*:*:*:*

OR cpe:/a:djangoproject:django:1.9.9:*:*:*:*:*:*:*

OR cpe:/a:djangoproject:django:1.9.10:*:*:*:*:*:*:*

OR cpe:/a:djangoproject:django:1.9.11:*:*:*:*:*:*:*

OR cpe:/a:djangoproject:django:1.9.12:*:*:*:*:*:*:*

OR cpe:/a:djangoproject:django:1.10.0:*:*:*:*:*:*:*

OR cpe:/a:djangoproject:django:1.10.0:a1:*:*:*:*:*:*

OR cpe:/a:djangoproject:django:1.10.0:b1:*:*:*:*:*:*

OR cpe:/a:djangoproject:django:1.10.0:rc1:*:*:*:*:*:*

OR cpe:/a:djangoproject:django:1.10.1:*:*:*:*:*:*:*

OR cpe:/a:djangoproject:django:1.10.2:*:*:*:*:*:*:*

OR cpe:/a:djangoproject:django:1.10.3:*:*:*:*:*:*:*

OR cpe:/a:djangoproject:django:1.10.4:*:*:*:*:*:*:*

OR cpe:/a:djangoproject:django:1.10.5:*:*:*:*:*:*:*

OR cpe:/a:djangoproject:django:1.10.6:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20177233	V	CVE-2017-7233	2022-06-30
oval:org.opensuse.security:def:113248	P	python36-Django-3.2.7-2.3 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:58069	P	Security update for xorg-x11-server (Important)	2021-12-14
oval:org.opensuse.security:def:58045	P	Security update for the Linux Kernel (Live Patch 40 for SLE 12 SP3) (Important)	2021-11-19
oval:org.opensuse.security:def:106660	P	python36-Django-3.2.7-2.3 on GA media (Moderate)	2021-10-01
oval:org.opensuse.security:def:57095	P	Security update for the Linux Kernel (Live Patch 40 for SLE 12 SP3) (Important)	2021-09-23
oval:org.opensuse.security:def:57995	P	Security update for the Linux Kernel (Live Patch 37 for SLE 12 SP3) (Important)	2021-08-25
oval:org.opensuse.security:def:55223	P	Security update for systemd (Important)	2021-07-21
oval:org.opensuse.security:def:56046	P	Security update for the Linux Kernel (Important)	2021-07-20
oval:org.opensuse.security:def:55200	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:57926	P	Security update for the Linux Kernel (Live Patch 36 for SLE 12 SP3) (Important)	2021-06-04
oval:org.opensuse.security:def:55880	P	Security update for the Linux Kernel (Live Patch 38 for SLE 12 SP2) (Important)	2021-04-12
oval:org.opensuse.security:def:57964	P	Security update for MozillaFirefox (Important)	2021-01-29
oval:org.opensuse.security:def:55201	P	Security update for java-1_7_1-ibm (Moderate)	2021-01-04
oval:org.opensuse.security:def:56922	P	Security update for clamav (Important)	2020-12-22
oval:org.opensuse.security:def:55774	P	Security update for the Linux Kernel (Live Patch 34 for SLE 12 SP2) (Important)	2020-12-07
oval:org.opensuse.security:def:55363	P	python-libxml2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:56521	P	Security update for gpg2 (Important)	2020-12-01
oval:org.opensuse.security:def:25697	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:56439	P	Security update for samba and resource-agents (Important)	2020-12-01
oval:org.opensuse.security:def:25392	P	Security update for samba (Important)	2020-12-01
oval:org.opensuse.security:def:56724	P	Security update for clamav (Important)	2020-12-01
oval:org.opensuse.security:def:25683	P	Security update for ucode-intel (Moderate)	2020-12-01
oval:org.opensuse.security:def:56331	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:25308	P	Security update for java-1_7_1-ibm (Moderate)	2020-12-01
oval:org.opensuse.security:def:56684	P	Security update for libqt5-qtbase (Moderate)	2020-12-01
oval:org.opensuse.security:def:26414	P	Security update for python-Django (Moderate)	2020-12-01
oval:org.opensuse.security:def:56643	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:57760	P	libMagickCore-6_Q16-1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25251	P	Security update for java-1_7_0-openjdk (Important)	2020-12-01
oval:org.opensuse.security:def:56544	P	Security update for rsyslog (Moderate)	2020-12-01
oval:org.opensuse.security:def:24968	P	Security update for avahi (Moderate)	2020-12-01
oval:org.opensuse.security:def:56605	P	Security update for ghostscript (Important)	2020-12-01
oval:org.opensuse.security:def:57652	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:25170	P	Security update for git (Moderate)	2020-12-01
oval:org.opensuse.security:def:56522	P	Security update for rsync (Moderate)	2020-12-01
oval:org.opensuse.security:def:56531	P	Security update for unixODBC (Moderate)	2020-12-01
oval:org.opensuse.security:def:57367	P	Security update for gpgme	2020-12-01
oval:org.opensuse.security:def:25043	P	Security update for python-xdg (Moderate)	2020-12-01
oval:org.opensuse.security:def:26379	P	Security update for irssi (Moderate)	2020-12-01
oval:org.opensuse.security:def:25595	P	Security update for java-1_8_0-ibm (Moderate)	2020-12-01
oval:org.opensuse.security:def:57201	P	Security update for coreutils	2020-12-01
oval:org.opensuse.security:def:55601	P	Security update for spice (Moderate)	2020-12-01
oval:org.opensuse.security:def:24979	P	Security update for polkit (Moderate)	2020-12-01
oval:org.opensuse.security:def:25741	P	Security update for vino (Moderate)	2020-12-01
oval:org.opensuse.security:def:57852	P	libspice-client-glib-2_0-8 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25542	P	Security update for java-1_8_0-openjdk (Important)	2020-12-01
oval:org.opensuse.security:def:80704	P	Security update for python-Django (Moderate)	2018-04-18
oval:com.ubuntu.precise:def:20177233000	V	CVE-2017-7233 on Ubuntu 12.04 LTS (precise) - medium.	2017-04-04
oval:com.ubuntu.xenial:def:201772330000000	V	CVE-2017-7233 on Ubuntu 16.04 LTS (xenial) - medium.	2017-04-04
oval:com.ubuntu.trusty:def:20177233000	V	CVE-2017-7233 on Ubuntu 14.04 LTS (trusty) - medium.	2017-04-04
oval:com.ubuntu.xenial:def:20177233000	V	CVE-2017-7233 on Ubuntu 16.04 LTS (xenial) - medium.	2017-04-04

BACK