Attacker Value

Unknown

(0 users assessed)

Exploitability

Unknown

(0 users assessed)

User Interaction

None

Privileges Required

None

Attack Vector

Network

0

CVE-2018-18506

Disclosure Date: February 05, 2019 •

CVE-2018-18506 CVSS v3 Base Score: 5.9

MITRE ATT&CK

Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

When proxy auto-detection is enabled, if a web server serves a Proxy Auto-Configuration (PAC) file or if a PAC file is loaded locally, this PAC file can specify that requests to the localhost are to be sent through the proxy to another server. This behavior is disallowed by default when a proxy is manually configured, but when enabled could allow for attacks on services and tools that bind to the localhost for networked behavior if they are accessed through browsing. This vulnerability affects Firefox < 65.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics

Data provided by the National Vulnerability Database (NVD)

Base Score:

5.9 Medium

Impact Score:

3.6

Exploitability Score:

2.2

Vector:

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

Attack Vector (AV):

Network

Attack Complexity (AC):

High

Privileges Required (PR):

None

User Interaction (UI):

None

Scope (S):

Unchanged

Confidentiality (C):

None

Integrity (I):

High

Availability (A):

None

Vendors

canonical,
debian,
mozilla,
opensuse,
redhat

Products

debian linux 8.0,
debian linux 9.0,
enterprise linux 8.0,
enterprise linux desktop 6.0,
enterprise linux desktop 7.0,
enterprise linux eus 8.1,
enterprise linux eus 8.2,
enterprise linux eus 8.4,
enterprise linux eus 8.6,
enterprise linux server 6.0,
enterprise linux server 7.0,
enterprise linux server aus 7.6,
enterprise linux server aus 8.2,
enterprise linux server aus 8.4,
enterprise linux server aus 8.6,
enterprise linux server eus 7.6,
enterprise linux server tus 7.6,
enterprise linux server tus 8.2,
enterprise linux server tus 8.4,
enterprise linux server tus 8.6,
enterprise linux workstation 6.0,
enterprise linux workstation 7.0,
firefox,
leap 15.0,
leap 42.3,
ubuntu linux 14.04,
ubuntu linux 16.04,
ubuntu linux 18.04,
ubuntu linux 18.10

References

Canonical

CVE-2018-18506 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18506)

BID-106773 (http://www.securityfocus.com/bid/106773)

Advisory

https://www.mozilla.org/security/advisories/mfsa2019-01

USN-3874-1 (https://usn.ubuntu.com/3874-1)

https://access.redhat.com/errata/RHSA-2019:0623

https://access.redhat.com/errata/RHSA-2019:0622

20190320 [SECURITY] [DSA 4411-1] firefox-esr security update (https://seclists.org/bugtraq/2019/Mar/28)

DSA-4411 (https://www.debian.org/security/2019/dsa-4411)

[debian-lts-announce] 20190321 [SECURITY] [DLA 1722-1] firefox-esr security update (https://lists.debian.org/debian-lts-announce/2019/03/msg00024.html)

http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00035.html

https://access.redhat.com/errata/RHSA-2019:0680

https://access.redhat.com/errata/RHSA-2019:0681

USN-3927-1 (https://usn.ubuntu.com/3927-1)

http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00043.html

DSA-4420 (https://www.debian.org/security/2019/dsa-4420)

20190401 [SECURITY] [DSA 4420-1] thunderbird security update (https://seclists.org/bugtraq/2019/Apr/0)

[debian-lts-announce] 20190401 [SECURITY] [DLA 1743-1] thunderbird security update (https://lists.debian.org/debian-lts-announce/2019/04/msg00000.html)

GLSA-201904-07 (https://security.gentoo.org/glsa/201904-07)

http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00023.html

http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00043.html

https://access.redhat.com/errata/RHSA-2019:0966

https://access.redhat.com/errata/RHSA-2019:1144

Rapid7

Technical Analysis