CVE-2018-8292
Information Disclosure vulnerability in System.Net.Http (NuGet)
What is CVE-2018-8292 About?
This is an information disclosure vulnerability in .NET Core that inadvertently exposes authentication data during redirects. This can lead to sensitive information being leaked to unauthorized parties. While the exploit maturity is currently low, the exposure of authentication data is a significant concern.
Affected Software
Technical Details
The vulnerability, categorized as an Information Disclosure, occurs in .NET Core 1.0, 1.1, 2.1, and PowerShell Core 6.0. It manifests when the application performs a redirect, and authentication information is unexpectedly included or exposed in the redirect process. This could involve sensitive data being appended to a URL, included in HTTP headers, or otherwise transmitted in a way that allows it to be intercepted or observed by an attacker who is not the intended recipient of the authentication data. The core mechanism involves a flaw in how .NET Core handles redirects in conjunction with authentication state, leading to an unintended disclosure.
What is the Impact of CVE-2018-8292?
Successful exploitation may allow attackers to gain unauthorized access to sensitive information, potentially including authentication credentials or session tokens, leading to further compromise.
What is the Exploitability of CVE-2018-8292?
Exploitation of this vulnerability would typically involve an attacker observing or intercepting network traffic during a redirect operation. No specific authentication or privilege is required on the attacker's part to observe the leaked information, assuming they are in a position to monitor network communications (e.g., man-in-the-middle attack). The vulnerability is remote, as it occurs during web-based interactions. The complexity primarily lies in positioning oneself to intercept the redirect. Special conditions might include specific configurations of .NET Core applications or network environments where redirects can be manipulated or observed. Risk factors include unsecured communication channels or applications that handle sensitive authentication data during redirects.
What are the Known Public Exploits?
| PoC Author | Link | Commentary |
|---|---|---|
| No known exploits | ||
What are the Available Fixes for CVE-2018-8292?
Available Upgrade Options
- System.Net.Http
- <4.3.4 → Upgrade to 4.3.4
Struggling with dependency upgrades?
See how Resolved Security's drop-in replacements make it simple.
Book a demoAdditional Resources
- https://access.redhat.com/errata/RHSA-2018:2902
- https://access.redhat.com/errata/RHSA-2018:2902
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8292
- https://github.com/dotnet/announcements/issues/88
- http://www.securityfocus.com/bid/105548
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8292
- http://www.securityfocus.com/bid/105548
- https://nvd.nist.gov/vuln/detail/CVE-2018-8292
- https://osv.dev/vulnerability/GHSA-7jgj-8wvc-jh57
What are Similar Vulnerabilities to CVE-2018-8292?
Similar Vulnerabilities: CVE-2022-29972 , CVE-2021-34483 , CVE-2020-17049 , CVE-2019-0906 , CVE-2017-8700
