Lucene search

GitHub_MCVELIST:CVE-2021-29490

HistoryMay 05, 2021 - 6:25 p.m.

CVE-2021-29490 Unauthenticated GET requests through Remote Image endpoints

2021-05-0518:25:13

CWE-918

GitHub_M

www.cve.org

5.8 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N

6 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

55.9%

JSON

Jellyfin is a free software media system that provides media from a dedicated server to end-user devices via multiple apps. Verions prior to 10.7.3 vulnerable to unauthenticated Server-Side Request Forgery (SSRF) attacks via the imageUrl parameter. This issue potentially exposes both internal and external HTTP servers or other resources available via HTTP GET that are visible from the Jellyfin server. The vulnerability is patched in version 10.7.3. As a workaround, disable external access to the API endpoints /Items/*/RemoteImages/Download, /Items/RemoteSearch/Image and /Images/Remote via reverse proxy, or limit to known-friendly IPs.

CNA Affected

[
  {
    "product": "jellyfin",
    "vendor": "jellyfin",
    "versions": [
      {
        "status": "affected",
        "version": "<= 10.7.2"
      }
    ]
  }
]

References

github.com/jellyfin/jellyfin/security/advisories/GHSA-rgjw-4fwc-9v96

5.8 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N

6 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

55.9%

JSON

Related for CVELIST:CVE-2021-29490