Lucene search

ProjectDiscoveryNUCLEI:CVE-2022-38131

HistoryFeb 04, 2024 - 11:43 a.m.

RStudio Connect - Open Redirect

2024-02-0411:43:21

ProjectDiscovery

github.com

rstudio connect

cve-2022-38131

open redirect

tenable

redirect

6.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

0.001 Low

EPSS

Percentile

41.7%

JSON

RStudio Connect prior to 2023.01.0 is affected by an Open Redirect issue. The vulnerability could allow an attacker to redirect users to malicious websites.

id: CVE-2022-38131

info:
  name: RStudio Connect - Open Redirect
  author: xxcdd
  severity: medium
  description: |
    RStudio Connect prior to 2023.01.0 is affected by an Open Redirect issue. The vulnerability could allow an attacker to redirect users to malicious websites.
  impact: |
    An attacker can exploit the vulnerability to redirect users to malicious websites, potentially leading to phishing attacks or other security breaches.
  remediation: |
    This issue is fixed in Connect v2023.05. Additionally, for users running Connect v1.7.2 and later, the issue is resolvable via a configuration setting mentioned in the support article.
  reference:
    - https://tenable.com/security/research/tra-2022-30
    - https://support.posit.co/hc/en-us/articles/10983374992023-CVE-2022-38131-configuration-issue-in-Posit-Connect
    - https://github.com/JoshuaMart/JoshuaMart
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
    cvss-score: 6.1
    cve-id: CVE-2022-38131
    cwe-id: CWE-601
    epss-score: 0.001
    epss-percentile: 0.41301
    cpe: cpe:2.3:a:rstudio:connect:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    vendor: rstudio
    product: connect
    shodan-query:
      - "http.favicon.hash:217119619"
      - http.title:"openvpn connect"
    fofa-query:
      - "app=\"RStudio-Connect\""
      - title="openvpn connect"
    google-query: intitle:"openvpn connect"
  tags: tenable,cve,cve2022,redirect,rstudio

http:
  - raw:
      - |
        GET //%5cexample.com HTTP/1.1
        Host: {{Hostname}}

    matchers-condition: and
    matchers:
      - type: regex
        part: header
        regex:
          - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)example\.com\/?(\/|[^.].*)?$'

      - type: status
        status:
          - 307
# digest: 4a0a00473045022100ed4b548010525ed60d2e797a65bf53c3714ee6498f996821172ef5056570d35202207c5784e1c9f550732f087b7a65a95c84bbcd26fd89db94ae6f8ed8bf59845a79:922c64590222798bb761d5b6d8e72950

References

github.com/JoshuaMart/JoshuaMart

support.posit.co/hc/en-us/articles/10983374992023-CVE-2022-38131-configuration-issue-in-Posit-Connect

tenable.com/security/research/tra-2022-30

6.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

0.001 Low

EPSS

Percentile

41.7%

JSON

Related for NUCLEI:CVE-2022-38131