CVE-2022-24825

Smokescreen is a simple HTTP proxy that fogs over naughty URLs. The primary use case for Smokescreen is to prevent server-side request forgery (SSRF) attacks in which external attackers leverage the behavior of applications to connect to or scan internal infrastructure. Smokescreen also offers an option to deny access to additional (e.g., external) URLs by way of a deny list. There was an issue in Smokescreen that made it possible to bypass the deny list feature by appending a dot to the end of user-supplied URLs, or by providing input in a different letter case. Recommended to upgrade Smokescreen to version 0.0.3 or later.

CVSS v3 5.3 MEDIUM
CVSS v2.0 5.0 MEDIUM

5.3^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 3.9 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

5.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
https://github.com/stripe/smokescreen	Third Party Advisory
https://github.com/stripe/smokescreen/security/advisories/GHSA-gcj7-j438-hjj2	Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:stripe:smokescreen:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2022-04-19 20:15

Updated : 2024-02-28 19:09

NVD link : CVE-2022-24825

Mitre link : CVE-2022-24825

CVE.ORG link : CVE-2022-24825

JSON object : View

Products Affected

stripe

smokescreen

CWE

CWE-918

Server-Side Request Forgery (SSRF)

{"id": "CVE-2022-24825", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 3.9}, {"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 5.8, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 3.9}]}, "published": "2022-04-19T20:15:13.713", "references": [{"url": "https://github.com/stripe/smokescreen", "tags": ["Third Party Advisory"], "source": "security-advisories@github.com"}, {"url": "https://github.com/stripe/smokescreen/security/advisories/GHSA-gcj7-j438-hjj2", "tags": ["Third Party Advisory"], "source": "security-advisories@github.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-918"}]}, {"type": "Secondary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-918"}]}], "descriptions": [{"lang": "en", "value": "Smokescreen is a simple HTTP proxy that fogs over naughty URLs. The primary use case for Smokescreen is to prevent server-side request forgery (SSRF) attacks in which external attackers leverage the behavior of applications to connect to or scan internal infrastructure. Smokescreen also offers an option to deny access to additional (e.g., external) URLs by way of a deny list. There was an issue in Smokescreen that made it possible to bypass the deny list feature by appending a dot to the end of user-supplied URLs, or by providing input in a different letter case. Recommended to upgrade Smokescreen to version 0.0.3 or later."}, {"lang": "es", "value": "Smokescreen es un simple proxy HTTP que empa\u00f1a las URLs maliciosas. El principal caso de uso de Smokescreen es prevenir ataques de tipo server-side request forgery (SSRF) en los que atacantes externos aprovechan el comportamiento de las aplicaciones para conectarse o escanear la infraestructura interna. Smokescreen tambi\u00e9n ofrece una opci\u00f3n para denegar el acceso a URLs adicionales (por ejemplo, externas) mediante una lista de denegaci\u00f3n. Hab\u00eda un problema en Smokescreen que hac\u00eda posible omitir la funci\u00f3n de lista de denegaci\u00f3n al a\u00f1adir un endpoint de las URLs proporcionadas por el usuario, o proporcionando la entrada en una letra diferente. Es recomendado actualizar Smokescreen a versi\u00f3n 0.0.3 o posterior"}], "lastModified": "2022-04-27T18:42:17.370", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:stripe:smokescreen:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "01972C53-A409-4A80-9407-EC0300659C35", "versionEndExcluding": "0.0.3"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}