Artifactory Binary Repository: RTFACT-17004

CSRF vulnerability with flash redirect


    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Normal
    • Resolution: Fixed
    • Affects Version/s: 6.0.1
    • Fix Version/s: 6.1.0
    • Component/s: None
    • Labels: None
    • Environment: We should validate the csrf header value.

      Description

      An attacker can create a maliciously crafted Flash application to gain unauthorized admin access to Artifactory.

      When a user running Chrome opens the malicious Flash application and it redirects to Artifactory, the browser includes the header:

      X-Requested-With: [flash id and version]

      CSRF protection in Artifactory does not validate the value of this header; it accepts every request that carries the header at all.

      People

      • Assignee: Tamir Hadad (tamirh)
      • Reporter: Tamir Hadad (tamirh)