CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
86.2%
An issue was discovered in Squid through 4.7. When handling requests from
users, Squid checks its rules to see if the request should be denied. Squid
by default comes with rules to block access to the Cache Manager, which
serves detailed server information meant for the maintainer. This rule is
implemented via url_regex. The handler for url_regex rules URL decodes an
incoming request. This allows an attacker to encode their URL to bypass the
url_regex check, and gain access to the blocked resource.
Author | Note |
---|---|
mdeslaur | fixed in Debian’s 3.5.23-5+deb9u2 same patch as CVE-2019-12520 |
www.squid-cache.org/Advisories/SQUID-2019_4.txt
gitlab.com/jeriko.one/security/-/blob/master/squid/CVEs/CVE-2019-12524.txt
launchpad.net/bugs/cve/CVE-2019-12524
nvd.nist.gov/vuln/detail/CVE-2019-12524
security-tracker.debian.org/tracker/CVE-2019-12524
ubuntu.com/security/notices/USN-4446-1
www.cve.org/CVERecord?id=CVE-2019-12524
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
86.2%