OpenLambda 2019-09-10 allows DNS rebinding attacks against the OL server for the REST API on TCP port 5000.
References
Link | Resource |
---|---|
https://github.com/open-lambda/open-lambda/issues/92 | Issue Tracking Third Party Advisory |
https://github.com/open-lambda/open-lambda/blob/9f7f935195ca74700c60ebc1ecfdaefad40d144b/src/common/config.go#L135 | Exploit Third Party Advisory |
https://github.com/open-lambda/open-lambda/blob/9f7f935195ca74700c60ebc1ecfdaefad40d144b/src/server/lambdaServer.go#L92-L97 | Exploit Third Party Advisory |
Configurations
Information
Published : 2020-01-02 16:15
Updated : 2021-07-21 04:39
NVD link : CVE-2019-20329
Mitre link : CVE-2019-20329
JSON object : View
CWE
CWE-346
Origin Validation Error
Products Affected
openlambda_project
- openlambda