Описание
An issue was discovered in Django 5.2 before 5.2.3, 5.1 before 5.1.11, and 4.2 before 4.2.23. Internal HTTP response logging does not escape request.path, which allows remote attackers to potentially manipulate log output via crafted URLs. This may lead to log injection or forgery when logs are viewed in terminals or processed by external systems.
A flaw was found in Django. The request.path component of HTTP requests is not properly escaped when included in internal response logging, allowing remote attackers to manipulate log output through crafted URLs. This vulnerability allows an attacker to inject arbitrary content into Django's internal log files. The consequence is potential information leakage or log file corruption.
Отчет
The vulnerability allows for log injection via crafted URLs. While remote exploitation is possible without authentication (PR:N, UI:N), the attack requires a high degree of skill and knowledge to craft malicious URLs that will be logged. The impact is limited to confidentiality and integrity; specifically, the ability to manipulate log output. This allows an attacker to potentially forge log entries, which could be used for social engineering or to obscure malicious activity. While the impact isn't arbitrary code execution or a denial of service, the ability to manipulate logs presents a security risk, especially given that logs are often used for auditing and security monitoring. The Confidentiality impact is rated 'Low' as the information leaked is limited to the manipulated log entries themselves, not sensitive data. The Scope is changed to 'C' to reflect that the vulnerability affects only the logging component.
Меры по смягчению последствий
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Ansible Automation Platform 2 | aap-cloud-metrics-collector-container | Fix deferred | ||
| Red Hat Ansible Automation Platform 2 | ansible-automation-platform-24/ee-dellemc-openmanage-rhel8 | Fix deferred | ||
| Red Hat Ansible Automation Platform 2 | ansible-automation-platform-24/lightspeed-rhel8 | Fix deferred | ||
| Red Hat Ansible Automation Platform 2 | ansible-automation-platform-24/platform-resource-runner-rhel8 | Fix deferred | ||
| Red Hat Ansible Automation Platform 2 | ansible-automation-platform-25/ansible-dev-tools-rhel8 | Fix deferred | ||
| Red Hat Ansible Automation Platform 2 | ansible-automation-platform-25/lightspeed-chatbot-rhel8 | Fix deferred | ||
| Red Hat Ansible Automation Platform 2 | ansible-automation-platform-25/lightspeed-rhel8 | Fix deferred | ||
| Red Hat Ansible Automation Platform 2 | ansible-automation-platform-25/platform-resource-runner-rhel8 | Fix deferred | ||
| Red Hat Ansible Automation Platform 2 | automation-controller | Fix deferred | ||
| Red Hat Discovery | discovery/discovery-server-rhel9 | Fix deferred |
Показывать по
Ссылки на источники
Дополнительная информация
Статус:
5.4 Medium
CVSS3
Связанные уязвимости
An issue was discovered in Django 5.2 before 5.2.3, 5.1 before 5.1.11, and 4.2 before 4.2.23. Internal HTTP response logging does not escape request.path, which allows remote attackers to potentially manipulate log output via crafted URLs. This may lead to log injection or forgery when logs are viewed in terminals or processed by external systems.
An issue was discovered in Django 5.2 before 5.2.3, 5.1 before 5.1.11, and 4.2 before 4.2.23. Internal HTTP response logging does not escape request.path, which allows remote attackers to potentially manipulate log output via crafted URLs. This may lead to log injection or forgery when logs are viewed in terminals or processed by external systems.
An issue was discovered in Django 5.2 before 5.2.3, 5.1 before 5.1.11, ...
Django Improper Output Neutralization for Logs vulnerability
5.4 Medium
CVSS3