Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2018-25031 — Improper Input Validation in Swagger UI

CWE-20 — Improper Input Validation CWE-918 — Server-Side Request Forgery CWE-922 — Insecure Storage of Sensitive Information5 documents5 sources

Severity

4.3MEDIUMNVD

EPSS

80.4%

top 0.87%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Smartbear Swagger UI

Timeline

PublishedMar 11

Latest updateMar 12

Description

Swagger UI 4.1.2 and earlier could allow a remote attacker to conduct spoofing attacks. By persuading a victim to open a crafted URL, an attacker could exploit this vulnerability to display remote OpenAPI definitions. Note: This was originally claimed to be resolved in 4.1.3. However, third parties have indicated this is not resolved in 4.1.3 and even occurs in that version and possibly others.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages1 packages

▶NVDsmartbear/swagger_ui< 4.1.3

Patches

Patch: github.com ↗Patch: security.snyk.io ↗Patch: github.com ↗

🔴Vulnerability Details

GHSA

Spoofing attack in swagger-ui↗2022-03-12

▶

OSV

Spoofing attack in swagger-ui↗2022-03-12

▶

CVEList

CVE-2018-25031: Swagger UI 4↗2022-03-11

▶

💥Exploits & PoCs

Nuclei

Swagger UI < 3.38.0 - Cross-Site Scripting

▶