{
  "threat_severity" : "Moderate",
  "public_date" : "2018-03-26T00:00:00Z",
  "bugzilla" : {
    "description" : "python-urllib3: Cross-host redirect does not remove Authorization header, allowing for credential exposure",
    "id" : "1649153",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1649153"
  },
  "cvss3" : {
    "cvss3_base_score" : "5.3",
    "cvss3_scoring_vector" : "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N",
    "status" : "verified"
  },
  "cwe" : "CWE-522",
  "details" : [ "urllib3 before version 1.23 does not remove the Authorization HTTP header when following a cross-origin redirect (i.e., a redirect that differs in host, port, or scheme). This can allow for credentials in the Authorization header to be exposed to unintended hosts or transmitted in cleartext." ],
  "statement" : "Red Hat Satellite 6.2 is in the Maintenance Support 2 phase, hence only selected critical and important issues will be fixed. Please refer to the Red Hat Satellite Product Life Cycle page for more information.\nIn Red Hat OpenStack Platform 13, because the flaw has a lower impact and the fix would require a substantial amount of development, no update will be provided at this time for the RHOSP python-urllib3 package.",
  "affected_release" : [ {
    "product_name" : "Red Hat Ansible Tower 3.5 for RHEL 7",
    "release_date" : "2020-04-22T00:00:00Z",
    "advisory" : "RHBA-2020:1539",
    "cpe" : "cpe:/a:redhat:ansible_tower:3.5::el7",
    "package" : "ansible-tower-35/ansible-tower:3.5.6-1"
  }, {
    "product_name" : "Red Hat Ansible Tower 3.6 for RHEL 7",
    "release_date" : "2020-04-22T00:00:00Z",
    "advisory" : "RHBA-2020:1540",
    "cpe" : "cpe:/a:redhat:ansible_tower:3.6::el7",
    "package" : "ansible-tower-36/ansible-tower:3.6.4-1"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "release_date" : "2019-08-06T00:00:00Z",
    "advisory" : "RHSA-2019:2272",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7",
    "package" : "python-urllib3-0:1.10.2-7.el7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "release_date" : "2020-03-17T00:00:00Z",
    "advisory" : "RHSA-2020:0850",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7",
    "package" : "python-pip-0:9.0.3-7.el7_7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "release_date" : "2020-03-17T00:00:00Z",
    "advisory" : "RHSA-2020:0851",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7",
    "package" : "python-virtualenv-0:15.1.0-4.el7_7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "release_date" : "2020-05-12T00:00:00Z",
    "advisory" : "RHSA-2020:2068",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7",
    "package" : "python-pip-0:9.0.3-7.el7_8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "release_date" : "2020-05-12T00:00:00Z",
    "advisory" : "RHSA-2020:2081",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7",
    "package" : "python-virtualenv-0:15.1.0-4.el7_8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2020-04-28T00:00:00Z",
    "advisory" : "RHSA-2020:1605",
    "cpe" : "cpe:/a:redhat:enterprise_linux:8",
    "package" : "python27:2.7-8020020200117110429.90f98d4f"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2020-04-28T00:00:00Z",
    "advisory" : "RHSA-2020:1916",
    "cpe" : "cpe:/a:redhat:enterprise_linux:8",
    "package" : "python-pip-0:9.0.3-16.el8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2020-04-28T00:00:00Z",
    "advisory" : "RHSA-2020:1916",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8",
    "package" : "python-pip-0:9.0.3-16.el8"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Will not fix",
    "package_name" : "python-urllib3",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Not affected",
    "package_name" : "python36:3.6/python-virtualenv",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Not affected",
    "package_name" : "python-urllib3",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat OpenShift Container Platform 3.10",
    "fix_state" : "Fix deferred",
    "package_name" : "python-urllib3",
    "cpe" : "cpe:/a:redhat:openshift:3.10"
  }, {
    "product_name" : "Red Hat OpenShift Container Platform 3.11",
    "fix_state" : "Will not fix",
    "package_name" : "python-urllib3",
    "cpe" : "cpe:/a:redhat:openshift:3.11"
  }, {
    "product_name" : "Red Hat OpenShift Container Platform 3.6",
    "fix_state" : "Out of support scope",
    "package_name" : "python-urllib3",
    "cpe" : "cpe:/a:redhat:openshift:3.6"
  }, {
    "product_name" : "Red Hat OpenShift Container Platform 3.7",
    "fix_state" : "Out of support scope",
    "package_name" : "python-urllib3",
    "cpe" : "cpe:/a:redhat:openshift:3.7"
  }, {
    "product_name" : "Red Hat OpenShift Container Platform 3.9",
    "fix_state" : "Fix deferred",
    "package_name" : "python-urllib3",
    "cpe" : "cpe:/a:redhat:openshift:3.9"
  }, {
    "product_name" : "Red Hat OpenStack Platform 10 (Newton)",
    "fix_state" : "Will not fix",
    "package_name" : "python-urllib3",
    "cpe" : "cpe:/a:redhat:openstack:10"
  }, {
    "product_name" : "Red Hat OpenStack Platform 13 (Queens)",
    "fix_state" : "Will not fix",
    "package_name" : "python-urllib3",
    "cpe" : "cpe:/a:redhat:openstack:13"
  }, {
    "product_name" : "Red Hat OpenStack Platform 14 (Rocky)",
    "fix_state" : "Affected",
    "package_name" : "python-urllib3",
    "cpe" : "cpe:/a:redhat:openstack:14"
  }, {
    "product_name" : "Red Hat OpenStack Platform 8 (Liberty)",
    "fix_state" : "Will not fix",
    "package_name" : "python-urllib3",
    "cpe" : "cpe:/a:redhat:openstack:8"
  }, {
    "product_name" : "Red Hat OpenStack Platform 9 (Mitaka)",
    "fix_state" : "Will not fix",
    "package_name" : "python-urllib3",
    "cpe" : "cpe:/a:redhat:openstack:9"
  }, {
    "product_name" : "Red Hat Satellite 6",
    "fix_state" : "Out of support scope",
    "package_name" : "python-urllib3",
    "cpe" : "cpe:/a:redhat:satellite:6"
  }, {
    "product_name" : "Red Hat Software Collections",
    "fix_state" : "Will not fix",
    "package_name" : "python27-python-pip",
    "cpe" : "cpe:/a:redhat:rhel_software_collections:3"
  }, {
    "product_name" : "Red Hat Software Collections",
    "fix_state" : "Will not fix",
    "package_name" : "python27-python-virtualenv",
    "cpe" : "cpe:/a:redhat:rhel_software_collections:3"
  }, {
    "product_name" : "Red Hat Software Collections",
    "fix_state" : "Will not fix",
    "package_name" : "rh-python36-python-pip",
    "cpe" : "cpe:/a:redhat:rhel_software_collections:3"
  }, {
    "product_name" : "Red Hat Software Collections",
    "fix_state" : "Will not fix",
    "package_name" : "rh-python36-python-virtualenv",
    "cpe" : "cpe:/a:redhat:rhel_software_collections:3"
  }, {
    "product_name" : "Red Hat Storage 3",
    "fix_state" : "Will not fix",
    "package_name" : "python-urllib3",
    "cpe" : "cpe:/a:redhat:storage:3"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2018-20060\nhttps://nvd.nist.gov/vuln/detail/CVE-2018-20060" ],
  "name" : "CVE-2018-20060",
  "mitigation" : {
    "value" : "Use `retries=urllib3.Retry(redirect=0)` when performing requests if you do not need redirection and handle the redirects manually if you need them.",
    "lang" : "en:us"
  },
  "csaw" : false
}