CVE-2022-0235

Отчет

This flaw is out of support scope for dotnet-5.0. For more information about Dotnet product support scope, please see https://access.redhat.com/support/policy/updates/net-core Within regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-601: URL Redirection to Untrusted Site ('Open Redirect') vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low. The platform limits access to external systems and enforces strict network security boundaries through a deny-all, allow-exception system implementation. This ensures that access to external websites and systems is strictly controlled, monitored, and, if necessary, restricted. By enforcing policies on which external sites or domains users and applications can interact with, this control minimizes the risk of users being redirected to malicious websites. For example, organizations may implement allowlists of approved URLs or domains, blocking any redirections to untrusted or unauthorized sites. The platform's implementation of boundary protection includes firewalls, gateways, and intrusion detection/prevention systems. This control prevents unauthorized traffic, including malicious redirect requests, from entering or leaving the internal network. The boundary protection control can enforce URL filtering, domain allowlisting, and content inspection to block redirection attempts to known malicious domains. When configured properly, boundary protection mechanisms ensure that even if an open redirect vulnerability is exploited, the impact is limited by blocking access to harmful external sites.