CVE-2008-1106

The management interface in Akamai Client (formerly Red Swoosh) 3322 and earlier allows remote attackers to bypass authentication via an HTTP request that contains (1) no Referer header, or (2) a spoofed Referer header that matches an approved domain, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks and force the client to download and execute arbitrary files.

CVSS v2.0 7.1 HIGH

7.1^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:M/Au:N/C:N/I:C/A:N

Exploitability : 8.6 / Impact : 6.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact COMPLETE

Availability Impact NONE

References

Link	Resource
http://secunia.com/advisories/30135	Patch Vendor Advisory
http://secunia.com/secunia_research/2008-19/advisory/	Vendor Advisory
http://securityreason.com/securityalert/3930
http://www.securityfocus.com/archive/1/493169/100/0/threaded
http://www.securityfocus.com/archive/1/493170/100/0/threaded
http://www.securitytracker.com/id?1020208
http://www.vupen.com/english/advisories/2008/1761/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/42895

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:akamai_technologies:client::::::::
	cpe:2.3:a:red_swoosh:client::::::::

History

No history.

Information

Published : 2008-06-09 23:32

Updated : 2024-02-04 17:33

NVD link : CVE-2008-1106

Mitre link : CVE-2008-1106

CVE.ORG link : CVE-2008-1106

JSON object : View

Products Affected

akamai_technologies

client

red_swoosh

client

CWE

CWE-287

Improper Authentication

CWE-352

Cross-Site Request Forgery (CSRF)

{"id": "CVE-2008-1106", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.1, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:C/A:N", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2008-06-09T23:32:00.000", "references": [{"url": "http://secunia.com/advisories/30135", "tags": ["Patch", "Vendor Advisory"], "source": "PSIRT-CNA@flexerasoftware.com"}, {"url": "http://secunia.com/secunia_research/2008-19/advisory/", "tags": ["Vendor Advisory"], "source": "PSIRT-CNA@flexerasoftware.com"}, {"url": "http://securityreason.com/securityalert/3930", "source": "PSIRT-CNA@flexerasoftware.com"}, {"url": "http://www.securityfocus.com/archive/1/493169/100/0/threaded", "source": "PSIRT-CNA@flexerasoftware.com"}, {"url": "http://www.securityfocus.com/archive/1/493170/100/0/threaded", "source": "PSIRT-CNA@flexerasoftware.com"}, {"url": "http://www.securitytracker.com/id?1020208", "source": "PSIRT-CNA@flexerasoftware.com"}, {"url": "http://www.vupen.com/english/advisories/2008/1761/references", "source": "PSIRT-CNA@flexerasoftware.com"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42895", "source": "PSIRT-CNA@flexerasoftware.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-287"}, {"lang": "en", "value": "CWE-352"}]}], "descriptions": [{"lang": "en", "value": "The management interface in Akamai Client (formerly Red Swoosh) 3322 and earlier allows remote attackers to bypass authentication via an HTTP request that contains (1) no Referer header, or (2) a spoofed Referer header that matches an approved domain, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks and force the client to download and execute arbitrary files."}, {"lang": "es", "value": "La interfaz de administraci\u00f3n de Akamai Client (formerly Red Swoosh) 3322 y versiones anteriores permite a atacantes remotos evitar la autenticaci\u00f3n a trav\u00e9s de una petici\u00f3n HTTP que contiene (1) la cabecera Referer , o (2) una cabecera envenenada Referer que coincide con un dominio v\u00e1lido, lo cual permite a atacantes remotos llevar a cabo un ataque de falsificaci\u00f3n de petici\u00f3n en sitios cruzados (CSRF) y forzar al cliente a descargar y ejecutar ficheros de su elecci\u00f3n."}], "lastModified": "2018-10-11T20:29:40.367", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:akamai_technologies:client:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "788B4A79-AD9D-4622-8706-4DA457A58BFC", "versionEndIncluding": "3322"}, {"criteria": "cpe:2.3:a:red_swoosh:client:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "97803775-8BB2-4BA7-AC5D-A8A9B877237F", "versionEndIncluding": "3322"}], "operator": "OR"}]}], "sourceIdentifier": "PSIRT-CNA@flexerasoftware.com"}