Authentication Bypass

Affecting crumb package, versions <4.0.2

Overview

crumb is a CSRF crumb generation and validation plugin.

Affected versions of the package are vulnerable to Authentication Bypass. When comparing a request origin against the whitelist, crumb does not validate the hostname but compares the HTTP protocol alone. This opens a window for attackers to gain information by Man in the Middle (MitM) attacks.

Remediation

Upgrade crumb to version 4.0.2 or higher.

References

CVSS Score

6.5
medium severity
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality: Low
  • Integrity: Low
  • Availability: None
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Credit: Nicolas Jessel
CWE: CWE-592
Snyk ID: npm:crumb:20150213
Disclosed: 12 Feb, 2015
Published: 21 Jun, 2017