CVE-2019-12523

An issue was discovered in Squid before 4.9. When handling a URN request, a corresponding HTTP request is made. This HTTP request doesn't go through the access checks that incoming HTTP requests go through. This causes all access checks to be bypassed and allows access to restricted HTTP servers, e.g., an attacker can connect to HTTP servers that only listen on localhost.

Published: Nov 26, 2019
Updated: Apr 13, 2023
CVE: CVE-2019-12523
Severity: Critical
Exploit:

CVSS v3:

Severity: Critical
Score: 9.1
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

CVSS v2:

Severity: Medium
Score: 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
squid-cache / squid	3.0	3.5.28.x
squid-cache / squid	4.0	4.8.x
canonical / ubuntu_linux	16.04	16.04.x
canonical / ubuntu_linux	18.04	18.04.x
canonical / ubuntu_linux	19.04	19.04.x
canonical / ubuntu_linux	19.10	19.10.x
fedoraproject / fedora	30	30.x
fedoraproject / fedora	31	31.x
opensuse / leap	15.0	15.0.x
debian / debian_linux	9.0	9.0.x
debian / debian_linux	10.0	10.0.x

Vulnerability Database

289,599

CVE-2019-12523