CVE-2021-43437

In sourcecodetester Engineers Online Portal as of 10-21-21, an attacker can manipulate the Host header as seen by the web application and cause the application to behave in unexpected ways. Very often multiple websites are hosted on the same IP address. This is where the Host Header comes in. This header specifies which website should process the HTTP request. The web server uses the value of this header to dispatch the request to the specified website. Each website hosted on the same IP address is called a virtual host. And It's possible to send requests with arbitrary Host Headers to the first virtual host.

CVSS v3 8.8 HIGH
CVSS v2.0 6.8 MEDIUM

8.8^/10

CVSS v3 : HIGH

Vector :

Exploitability : 2.8 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

6.8^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability : 8.6 / Impact : 6.4

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
https://medium.com/%40mayhem7999/cve-2021-43437-5c5e3b977e84
https://portswigger.net/web-security/host-header	Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:engineers_online_portal_project:engineers_online_portal:1.0:*:*:*:*:*:*:*

History

07 Nov 2023, 03:39

Type	Values Removed	Values Added
References	{'url': 'https://medium.com/@mayhem7999/cve-2021-43437-5c5e3b977e84', 'name': 'https://medium.com/@mayhem7999/cve-2021-43437-5c5e3b977e84', 'tags': ['Exploit', 'Third Party Advisory'], 'refsource': 'MISC'}	() https://medium.com/%40mayhem7999/cve-2021-43437-5c5e3b977e84 -

Information

Published : 2021-12-20 20:15

Updated : 2024-02-28 18:48

NVD link : CVE-2021-43437

Mitre link : CVE-2021-43437

CVE.ORG link : CVE-2021-43437

JSON object : View

Products Affected

engineers_online_portal_project

engineers_online_portal

CWE

CWE-74

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

{"id": "CVE-2021-43437", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2021-12-20T20:15:07.660", "references": [{"url": "https://medium.com/%40mayhem7999/cve-2021-43437-5c5e3b977e84", "source": "cve@mitre.org"}, {"url": "https://portswigger.net/web-security/host-header", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-74"}]}], "descriptions": [{"lang": "en", "value": "In sourcecodetester Engineers Online Portal as of 10-21-21, an attacker can manipulate the Host header as seen by the web application and cause the application to behave in unexpected ways. Very often multiple websites are hosted on the same IP address. This is where the Host Header comes in. This header specifies which website should process the HTTP request. The web server uses the value of this header to dispatch the request to the specified website. Each website hosted on the same IP address is called a virtual host. And It's possible to send requests with arbitrary Host Headers to the first virtual host."}, {"lang": "es", "value": "En el portal online de sourcecodetester Engineers a partir del 21-10-21, un atacante puede manipular el encabezado Host visualizada por la aplicaci\u00f3n web y causar que la aplicaci\u00f3n se comporte de forma inesperada. Muy a menudo varios sitios web est\u00e1n alojados en la misma direcci\u00f3n IP. Aqu\u00ed es donde entra en juego el encabezado Host. Este encabezado especifica qu\u00e9 sitio web debe procesar la petici\u00f3n HTTP. El servidor web usa el valor de este encabezado para enviar la petici\u00f3n al sitio web especifico. Cada sitio web alojado en la misma direcci\u00f3n IP es denominado host virtual. Y es posible enviar peticiones con encabezados de host arbitrarias al primer host virtual"}], "lastModified": "2023-11-07T03:39:21.683", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:engineers_online_portal_project:engineers_online_portal:1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EE2C0236-1BC6-45DD-B5A5-1FE81BD75296"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}