CVE-2022-23527

CWE-601Open Redirect6 documents6 sources
Severity
6.1MEDIUM
EPSS
0.4%
top 36.72%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Zmartzone MOD Auth OpenidcOpenidc MOD Auth OpenidcDebian Debian Linux
Timeline
PublishedDec 14

Description

mod_auth_openidc is an OpenID Certified™ authentication and authorization module for the Apache 2.x HTTP server. Versions prior to 2.4.12.2 are vulnerable to Open Redirect. When providing a logout parameter to the redirect URI, the existing code in oidc_validate_redirect_url() does not properly check for URLs that start with /\t, leading to an open redirect. This issue has been patched in version 2.4.12.2. Users unable to upgrade can mitigate the issue by configuring mod_auth_openidc to only all

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages3 packages

Debianlibapache2-mod-auth-openidc< 2.4.9.4-0+deb11u2+3
NVDopenidc/mod_auth_openidc< 2.4.12.2
CVEListV5zmartzone/mod_auth_openidc< 2.4.12.2

Also affects: Debian Linux 10.0

🔴Vulnerability Details

2
OSV
CVE-2022-23527: mod_auth_openidc is an OpenID Certified™ authentication and authorization module for the Apache 22022-12-14
CVEList
Open Redirect in oidc_validate_redirect_url()2022-12-14

📋Vendor Advisories

3
Red Hat
mod_auth_openidc: Open Redirect in oidc_validate_redirect_url() using tab character2022-12-14
Microsoft
Open Redirect in oidc_validate_redirect_url()2022-12-13
Debian
CVE-2022-23527: libapache2-mod-auth-openidc - mod_auth_openidc is an OpenID Certified™ authentication and authorization module...2022