Miggo Logo
Miggo Vulnerability Database
CVE-2019-7617

CVE-2019-7617:
Elastic APM agent for Python client CGI proxy redirection flaw

7.2

CVSS Score
3.0

Basic Information

CVE ID
CVE-2019-7617
GHSA ID
GHSA-22jh-6gx8-f944
EPSS Score
0.43844%
CWE
CWE-20
Published
5/24/2022
Updated
9/20/2024
KEV Status
No
Technology
TechnologyPython

Technical Details

CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
Package NameEcosystemVulnerable VersionsFirst Patched Version
elastic-apmpip< 5.1.05.1.0

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The vulnerability stems from improper input validation (CWE-20) when handling proxy configuration in CGI environments. CGI scripts convert HTTP headers to environment variables (e.g., 'Proxy' header becomes HTTP_PROXY). The Elastic APM agent's transport layer likely used these environment variables directly to configure its proxy settings without validation. This allowed attackers to manipulate the proxy destination by injecting malicious headers. The function responsible for setting the proxy (e.g., set_proxy in the HTTP transport) would be vulnerable as it trusted environment variables without sanitizing them in CGI contexts. The fix in 5.1.0 likely added validation or avoided using untrusted environment variables in this context.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

W**n t** *l*sti* *PM ***nt *or Pyt*on v*rsions ***or* *.*.* is run *s * **I s*ript, t**r* is * v*ri**l* n*m* *l*s* *l*w i* * r*mot* *tt**k*r **n *ontrol t** proxy *****r. T*is *oul* r*sult in *n *tt**k*r r**ir**tin* *oll**t** *PM **t* to * proxy o* t

Reasoning

T** vuln*r**ility st*ms *rom improp*r input v*li**tion (*W*-**) w**n **n*lin* proxy *on*i*ur*tion in **I *nvironm*nts. **I s*ripts *onv*rt *TTP *****rs to *nvironm*nt v*ri**l*s (*.*., 'Proxy' *****r ***om*s *TTP_PROXY). T** *l*sti* *PM ***nt's tr*nsp