CVE-2020-35217

Published: Jan 20, 2021Modified: Nov 21, 2024

8.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Exploitability: 2.8 / Impact: 5.9

Source: NVD

Description

Vert.x-Web framework v4.0 milestone 1-4 does not perform a correct CSRF verification. Instead of comparing the CSRF token in the request with the CSRF token in the cookie, it compares the CSRF token in the cookie against a CSRF token that is stored in the session. An attacker does not even need to provide a CSRF token in the request because the framework does not consider it. The cookies are automatically sent by the browser and the verification will always succeed, leading to a successful CSRF attack.

Affected (4)

Products: Eclipse: Vert.x Web

Eclipse

1 product

Vert.x Web

Configuration A

4 vulnerable

Vulnerable Software	Affected Versions
Eclipse Vert.x Web	Version 4.0.0 milestone1
Eclipse Vert.x Web	Version 4.0.0 milestone2
Eclipse Vert.x Web	Version 4.0.0 milestone3
Eclipse Vert.x Web	Version 4.0.0 milestone4

Related CWEs

CWE-352

Cross-Site Request Forgery (CSRF)

The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.

References (2)

https://github.com/vert-x3/vertx-web/pull/1613

Source: cve@mitre.org

PatchThird Party Advisory

https://github.com/vert-x3/vertx-web/pull/1613

Source: af854a3a-2127-422b-91ae-364da2661108

PatchThird Party Advisory

Timeline

No history available yet.