{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2024-41801","assignerOrgId":"a0819718-46f1-4df5-94e2-005712e83aaa","state":"PUBLISHED","assignerShortName":"GitHub_M","dateReserved":"2024-07-22T13:57:37.135Z","datePublished":"2024-07-25T16:50:16.180Z","dateUpdated":"2024-08-02T04:46:52.668Z"},"containers":{"cna":{"title":"OpenProject packaged installation has Open Redirect Vulnerability in Sign-In in default configuration","problemTypes":[{"descriptions":[{"cweId":"CWE-601","lang":"en","description":"CWE-601: URL Redirection to Untrusted Site ('Open Redirect')","type":"CWE"}]}],"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"NONE","baseScore":4.7,"baseSeverity":"MEDIUM","confidentialityImpact":"NONE","integrityImpact":"LOW","privilegesRequired":"NONE","scope":"CHANGED","userInteraction":"REQUIRED","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N","version":"3.1"}}],"references":[{"name":"https://github.com/opf/openproject/security/advisories/GHSA-g92v-vrq6-4fpw","tags":["x_refsource_CONFIRM"],"url":"https://github.com/opf/openproject/security/advisories/GHSA-g92v-vrq6-4fpw"},{"name":"https://github.com/user-attachments/files/16371759/host-protection.patch","tags":["x_refsource_MISC"],"url":"https://github.com/user-attachments/files/16371759/host-protection.patch"},{"name":"https://www.openproject.org/docs/release-notes/14-3-0","tags":["x_refsource_MISC"],"url":"https://www.openproject.org/docs/release-notes/14-3-0"}],"affected":[{"vendor":"opf","product":"openproject","versions":[{"version":"< 14.3.0","status":"affected"}]}],"providerMetadata":{"orgId":"a0819718-46f1-4df5-94e2-005712e83aaa","shortName":"GitHub_M","dateUpdated":"2024-07-25T16:50:16.180Z"},"descriptions":[{"lang":"en","value":"OpenProject is open source project management software. 
Prior to version 14.3.0, by sending a forged HOST header to the default configuration of packaged installations with the \"Login required\" setting enabled, an attacker could cause a redirect to a remote host to initiate a phishing attack against an OpenProject user's account. This vulnerability affects the default packaged installation of OpenProject without any additional configuration or modules on Apache (such as mod_security, manually setting a host name, or having a fallthrough VirtualHost). It might also affect other installations that did not take care to fix the HOST/X-Forwarded-Host headers. Version 14.3.0 includes stronger protections for the hostname from within the application, using the HostAuthorization middleware of Rails to reject any request with a host name that does not match the configured one. Also, all links generated by the application are now ensured to use the built-in hostname. Users who aren't able to upgrade immediately may use mod_security for Apache2 or manually fix the Host and X-Forwarded-Host headers in their proxying application before the request reaches the application server of OpenProject. 
Alternatively, they can manually apply the patch to opt-in to host header protections in previous versions of OpenProject."}],"source":{"advisory":"GHSA-g92v-vrq6-4fpw","discovery":"UNKNOWN"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2024-07-26T13:05:00.688519Z","id":"CVE-2024-41801","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-07-26T13:05:27.296Z"}},{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-02T04:46:52.668Z"},"title":"CVE Program Container","references":[{"name":"https://github.com/opf/openproject/security/advisories/GHSA-g92v-vrq6-4fpw","tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://github.com/opf/openproject/security/advisories/GHSA-g92v-vrq6-4fpw"},{"name":"https://github.com/user-attachments/files/16371759/host-protection.patch","tags":["x_refsource_MISC","x_transferred"],"url":"https://github.com/user-attachments/files/16371759/host-protection.patch"},{"name":"https://www.openproject.org/docs/release-notes/14-3-0","tags":["x_refsource_MISC","x_transferred"],"url":"https://www.openproject.org/docs/release-notes/14-3-0"}]}]}}