Miggo Logo
Miggo Vulnerability Database
CVE-2017-7266

CVE-2017-7266:
Netflix Security Monkey Open Redirect vulnerability

6.1

CVSS Score
3.0

Basic Information

CVE ID
CVE-2017-7266
GHSA ID
GHSA-j6jq-3q8p-xgg6
EPSS Score
0.47647%
CWE
CWE-601
Published
5/17/2022
Updated
4/8/2024
KEV Status
No
Technology
TechnologyPython

Technical Details

CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Package NameEcosystemVulnerable VersionsFirst Patched Version
security_monkeypip< 0.8.00.8.0

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The vulnerability stems from improper handling of the 'next' parameter in the logout functionality. While the explicit vulnerable code isn't shown in the provided diffs, the commit message explicitly references replacing Flask-Security with Flask-Security-Fork to address logout redirection vulnerabilities. The Logout.get() method in Security Monkey's codebase was the entry point for this functionality, and the dependency update (Flask-Security-Fork) contained the fix for the open redirect. This indicates the logout handler in Security Monkey's code relied on vulnerable dependency logic to process redirects.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

N*t*lix S**urity Monk*y ***or* *.*.* **s *n Op*n R**ir**t. T** lo*out *un*tion*lity ****pt** t** "n*xt" p*r*m*t*r w*i** t**n r**ir**ts to *ny *om*in irr*sp**tiv* o* t** *ost *****r.

Reasoning

T** vuln*r**ility st*ms *rom improp*r **n*lin* o* t** 'n*xt' p*r*m*t*r in t** lo*out *un*tion*lity. W*il* t** *xpli*it vuln*r**l* *o** isn't s*own in t** provi*** *i**s, t** *ommit m*ss*** *xpli*itly r***r*n**s r*pl**in* `*l*sk-S**urity` wit* `*l*sk-