RTFACT-17004

CSRF vulnerability with flash redirect


    Details

    • Type: Bug
    • Status: Done
    • Resolution: Done
    • Affects Version/s: 6.0.1
    • Fix Version/s: 6.1.0
    • Component/s: None
    • Labels:
      None
    • Environment:
      We should validate the csrf header value.

    • Severity:
      Medium

      Description

      A hacker can create a maliciously crafted Flash application to gain unauthorized admin access to Artifactory.

      When a user on Chrome opens a malicious Flash application that redirects to Artifactory, the browser includes the header:

      X-Requested-With: [flash id and version]

      The CSRF protection in Artifactory doesn't validate the value of this header; it accepts any request that carries it, whatever the value.
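The following is an added example, not Artifactory's own code, that contrasts the weak check the issue describes (the header merely has to be present) with the intended fix (the header value is checked). It assumes the application's own client sends `X-Requested-With: XMLHttpRequest`, the conventional value for XHR requests; the plugin-style value in the sample is a constructed placeholder in the shape the issue describes.

```python
"""Added example (not Artifactory code): validating the X-Requested-With value.

Assumption: legitimate same-origin API calls carry X-Requested-With with the
value XMLHttpRequest; any other value (or no header) must not be trusted as
proof that the request was not forged cross-site.
"""
from typing import Dict, Mapping, Optional, Tuple

# The only header value the hardened check accepts (assumed client behaviour).
EXPECTED_VALUE = "XMLHttpRequest"
HEADER_NAME = "X-Requested-With"


def get_header(headers: Mapping[str, str], name: str) -> Optional[str]:
    """Case-insensitive lookup: HTTP header names are case-insensitive."""
    wanted = name.lower()
    for key, value in headers.items():
        if key.lower() == wanted:
            return value.strip()
    return None


def csrf_check_presence_only(headers: Mapping[str, str]) -> bool:
    """Weak check modelled on the behaviour the issue reports: any non-empty
    X-Requested-With value passes, so a plugin-injected value passes too."""
    return bool(get_header(headers, HEADER_NAME))


def csrf_check_value(headers: Mapping[str, str]) -> bool:
    """Hardened check: the header must be present AND equal the expected value.
    A plugin-generated value such as 'ShockwaveFlash/...' is rejected."""
    return get_header(headers, HEADER_NAME) == EXPECTED_VALUE


# Constructed sample requests (not captured traffic).
SAMPLE_REQUESTS: Dict[str, Dict[str, str]] = {
    # Genuine XHR call from the application's own UI.
    "xhr": {"Host": "artifactory.example", "X-Requested-With": "XMLHttpRequest"},
    # Header name in a different case; must still be recognised.
    "xhr_lowercase": {"x-requested-with": "XMLHttpRequest"},
    # Plugin-originated request: header present but with a plugin id/version
    # placeholder value, i.e. the shape the issue describes.
    "plugin": {"Host": "artifactory.example", "X-Requested-With": "ShockwaveFlash/<version>"},
    # Plain cross-site form post: no header at all.
    "plain": {"Host": "artifactory.example"},
}


def compare_checks(requests: Mapping[str, Mapping[str, str]]) -> Dict[str, Tuple[bool, bool]]:
    """Return {request_name: (presence_only_passes, value_check_passes)}."""
    return {
        name: (csrf_check_presence_only(h), csrf_check_value(h))
        for name, h in requests.items()
    }


if __name__ == "__main__":
    for name, (weak, strict) in compare_checks(SAMPLE_REQUESTS).items():
        print(f"{name:14s} presence-only={weak!s:5s} value-check={strict}")
```

Running the script shows the difference on the `plugin` sample: the presence-only check accepts it, the value check rejects it, while genuine XHR requests pass both. Checking the value of a client-controlled header is still only one signal; it is most useful in combination with a per-session anti-CSRF token or origin checks, and rejected requests are worth logging with the offending header value so abuse attempts can be spotted.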


              People

              Assignee:
              tamirh Tamir Hadad
              Reporter:
              tamirh Tamir Hadad


                  Sync Status

                  Connection: RTFACT Sync
                  RTMID-17004 -
                  SYNCHRONIZED