Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2021-29622Open Redirect in Prometheus Prometheus

CWE-601Open Redirect8 documents7 sources
Severity
6.1MEDIUMNVD
CNA6.5
EPSS
86.7%
top 0.58%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
2
Github.com Prometheus PrometheusPrometheus
Timeline
PublishedMay 19
Latest updateFeb 15

Description

Prometheus is an open-source monitoring system and time series database. In 2.23.0, Prometheus changed its default UI to the New ui. To ensure a seamless transition, the URL's prefixed by /new redirect to /. Due to a bug in the code, it is possible for an attacker to craft an URL that can redirect to any other URL, in the /new endpoint. If a user visits a prometheus server with a specially crafted address, they can be redirected to an arbitrary URL. The issue was patched in the 2.26.1 and 2.27.1

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.7

Affected Packages3 packages

NVDprometheus/prometheus2.23.02.26.1+1
Gogithub.com/prometheus_prometheus2.23.02.26.1+1
CVEListV5prometheus/prometheus>= 2.23.0, < 2.27.1

🔴Vulnerability Details

3
OSV
Arbitrary redirects under /new endpoint2022-02-15
OSV
CVE-2021-29622: Prometheus is an open-source monitoring system and time series database2021-05-19
CVEList
Arbitrary redirects under /new endpoint2021-05-19

💥Exploits & PoCs

1
Nuclei
Prometheus - Open Redirect

📋Vendor Advisories

3
Red Hat
prometheus: open redirect under the /new endpoint2021-05-18
Microsoft
Arbitrary redirects under /new endpoint2021-05-11
Debian
CVE-2021-29622: prometheus - Prometheus is an open-source monitoring system and time series database. In 2.23...2021
CVE-2021-29622 — Open Redirect in Prometheus Prometheus | cvebase