1. Home
  2. Vulnerabilities
  3. CVE-2020-15811

CVE-2020-15811

CVSS v3.1 6.5 (Medium)
65% Progress
CVSS v2.0 4 (Medium)
40% Progress
EPSS 0.15 % (52th)
0.15% Progress
Affected Products 5
Advisories 19
Info CVSS EPSS CAPEC Affected Configurations References Security Advisories Packages & Software OVAL Tools, Exploits & PoC Graph Web & Social Timeline

An issue was discovered in Squid before 4.13 and 5.x before 5.0.4. Due to incorrect data validation, HTTP Request Splitting attacks may succeed against HTTP and HTTPS traffic. This leads to cache poisoning. This allows any client, including browser scripts, to bypass local security and poison the browser cache and any downstream caches with content from an arbitrary source. Squid uses a string search instead of parsing the Transfer-Encoding header to find chunked encoding. This allows an attacker to hide a second request inside Transfer-Encoding: it is interpreted by Squid as chunked and split out into a second request delivered upstream. Squid will then deliver two distinct responses to the client, corrupting any downstream caches.

Weaknesses
CWE-697
Incorrect Comparison
CVE Status
PUBLISHED
CNA
MITRE
Published Date
2020-09-02 17:15:11
(4 years ago)
Updated Date
2024-02-02 03:04:21
(7 months ago)

Affected Products

Canonical

Debian

Fedoraproject

Opensuse

Squid-cache

Configuration #1

    CPE23 From Up To
  Squid-cache Squid prior 4.13 version cpe:2.3:a:squid-cache:squid < 4.13
  Squid-cache Squid from 5.0 version and prior 5.0.4 version cpe:2.3:a:squid-cache:squid >= 5.0 < 5.0.4

Configuration #2

    CPE23 From Up To
  Canonical Ubuntu Linux 16.04 cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts
  Canonical Ubuntu Linux 18.04 cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts
  Canonical Ubuntu Linux 20.04 cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts

Configuration #3

    CPE23 From Up To
  Debian Linux 9.0 cpe:2.3:o:debian:debian_linux:9.0
  Debian Linux 10.0 cpe:2.3:o:debian:debian_linux:10.0

Configuration #4

    CPE23 From Up To
  Fedoraproject Fedora 31 cpe:2.3:o:fedoraproject:fedora:31
  Fedoraproject Fedora 32 cpe:2.3:o:fedoraproject:fedora:32
  Fedoraproject Fedora 33 cpe:2.3:o:fedoraproject:fedora:33

Configuration #5

    CPE23 From Up To
  Opensuse Leap 15.1 cpe:2.3:o:opensuse:leap:15.1
  Opensuse Leap 15.2 cpe:2.3:o:opensuse:leap:15.2