CVE-2016-9014

Django before 1.8.x before 1.8.16, 1.9.x before 1.9.11, and 1.10.x before 1.10.3, when settings.DEBUG is True, allow remote attackers to conduct DNS rebinding attacks by leveraging failure to validate the HTTP Host header against settings.ALLOWED_HOSTS.

CVSS v3 8.1 HIGH
CVSS v2.0 6.8 MEDIUM

8.1^/10

CVSS v3 : HIGH

V3 Legend

Vector : AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability : 2.2 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

6.8^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability : 8.6 / Impact : 6.4

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://www.debian.org/security/2017/dsa-3835
http://www.securityfocus.com/bid/94068	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1037159	Third Party Advisory VDB Entry
http://www.ubuntu.com/usn/USN-3115-1	Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OG5ROMUPS6C7BXELD3TAUUH7OBYV56WQ/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QXDKJYHN74BWY3P7AR2UZDVJREQMRE6S/
https://www.djangoproject.com/weblog/2016/nov/01/security-releases/	Release Notes Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:fedoraproject:fedora:24:::::::*
	cpe:2.3:o:fedoraproject:fedora:25:::::::*

Configuration 2 (hide)

OR	cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::
	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
	cpe:2.3:o:canonical:ubuntu_linux:16.10:::::::*

Configuration 3 (hide)

OR	cpe:2.3:a:djangoproject:django:1.8:::::::*
	cpe:2.3:a:djangoproject:django:1.8.1:::::::*
	cpe:2.3:a:djangoproject:django:1.8.2:::::::*
	cpe:2.3:a:djangoproject:django:1.8.3:::::::*
	cpe:2.3:a:djangoproject:django:1.8.4:::::::*
	cpe:2.3:a:djangoproject:django:1.8.5:::::::*
	cpe:2.3:a:djangoproject:django:1.8.6:::::::*
	cpe:2.3:a:djangoproject:django:1.8.7:::::::*
	cpe:2.3:a:djangoproject:django:1.8.8:::::::*
	cpe:2.3:a:djangoproject:django:1.8.9:::::::*
	cpe:2.3:a:djangoproject:django:1.8.10:::::::*
	cpe:2.3:a:djangoproject:django:1.8.11:::::::*
	cpe:2.3:a:djangoproject:django:1.8.12:::::::*
	cpe:2.3:a:djangoproject:django:1.8.13:::::::*
	cpe:2.3:a:djangoproject:django:1.8.14:::::::*
	cpe:2.3:a:djangoproject:django:1.8.15:::::::*

Configuration 4 (hide)

OR	cpe:2.3:a:djangoproject:django:1.10:::::::*
	cpe:2.3:a:djangoproject:django:1.10.1:::::::*
	cpe:2.3:a:djangoproject:django:1.10.2:::::::*

Configuration 5 (hide)

OR	cpe:2.3:a:djangoproject:django:1.9:::::::*
	cpe:2.3:a:djangoproject:django:1.9.1:::::::*
	cpe:2.3:a:djangoproject:django:1.9.2:::::::*
	cpe:2.3:a:djangoproject:django:1.9.3:::::::*
	cpe:2.3:a:djangoproject:django:1.9.4:::::::*
	cpe:2.3:a:djangoproject:django:1.9.5:::::::*
	cpe:2.3:a:djangoproject:django:1.9.6:::::::*
	cpe:2.3:a:djangoproject:django:1.9.7:::::::*
	cpe:2.3:a:djangoproject:django:1.9.8:::::::*
	cpe:2.3:a:djangoproject:django:1.9.9:::::::*
	cpe:2.3:a:djangoproject:django:1.9.10:::::::*

History

No history.

Information

Published : 2016-12-09 20:59

Updated : 2023-11-07 02:36

NVD link : CVE-2016-9014

Mitre link : CVE-2016-9014

CVE.ORG link : CVE-2016-9014

JSON object : View

Products Affected

djangoproject

django

canonical

ubuntu_linux

fedoraproject

fedora

CWE

CWE-264

Permissions, Privileges, and Access Controls

{"id": "CVE-2016-9014", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.2}]}, "published": "2016-12-09T20:59:06.970", "references": [{"url": "http://www.debian.org/security/2017/dsa-3835", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/94068", "tags": ["Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}, {"url": "http://www.securitytracker.com/id/1037159", "tags": ["Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}, {"url": "http://www.ubuntu.com/usn/USN-3115-1", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OG5ROMUPS6C7BXELD3TAUUH7OBYV56WQ/", "source": "cve@mitre.org"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QXDKJYHN74BWY3P7AR2UZDVJREQMRE6S/", "source": "cve@mitre.org"}, {"url": "https://www.djangoproject.com/weblog/2016/nov/01/security-releases/", "tags": ["Release Notes", "Vendor Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-264"}]}], "descriptions": [{"lang": "en", "value": "Django before 1.8.x before 1.8.16, 1.9.x before 1.9.11, and 1.10.x before 1.10.3, when settings.DEBUG is True, allow remote attackers to conduct DNS rebinding attacks by leveraging failure to validate the HTTP Host header against settings.ALLOWED_HOSTS."}, {"lang": "es", "value": "Django en versiones anteriores a 1.8.x en versiones anteriores a 1.8.16, 1.9.x en versiones anteriores a 1.9.11 y 1.10.x en versiones anteriores a 1.10.3 cuando settings.DEBUG es True, permiten a atacantes remotos llevar a cabo ataques de revinculaci\u00f3n DNS aprovechando el fallo para validar la cabecera del Host HTTP contra settings.ALLOWED_HOSTS."}], "lastModified": "2023-11-07T02:36:41.567", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C729D5D1-ED95-443A-9F53-5D7C2FD9B80C"}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:25:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "772E9557-A371-4664-AE2D-4135AAEB89AA"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "vulnerable": true, "matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F"}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "vulnerable": true, "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084"}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "vulnerable": true, "matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B"}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1AFB20FA-CB00-4729-AB3A-816454C6D096"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:djangoproject:django:1.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6BCCB794-1F30-4FC2-A63A-BCE7539BE5DF"}, {"criteria": "cpe:2.3:a:djangoproject:django:1.8.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2510BAD7-1FB6-4F6F-A2CC-9DE9AD39B4FF"}, {"criteria": "cpe:2.3:a:djangoproject:django:1.8.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D1B388C7-ED4E-4416-969F-32263E7D7AA8"}, {"criteria": "cpe:2.3:a:djangoproject:django:1.8.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "63D36984-4C8E-4CDB-8D15-445705FCECF9"}, {"criteria": "cpe:2.3:a:djangoproject:django:1.8.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3B324AE6-ADD8-41B9-B250-A6577ACBB364"}, {"criteria": "cpe:2.3:a:djangoproject:django:1.8.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F6487058-6768-4AD3-BE27-A0B3D1ACFC08"}, {"criteria": "cpe:2.3:a:djangoproject:django:1.8.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0CFF0538-B111-44A8-ADC2-87E280186257"}, {"criteria": "cpe:2.3:a:djangoproject:django:1.8.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C3343FF8-53EC-459D-B31C-CD363D04FF42"}, {"criteria": "cpe:2.3:a:djangoproject:django:1.8.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B9B637E9-067A-4473-9B50-433CCC177982"}, {"criteria": "cpe:2.3:a:djangoproject:django:1.8.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "99A5BF6D-631B-4C8E-9868-579BD79100C7"}, {"criteria": "cpe:2.3:a:djangoproject:django:1.8.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "280B9958-9163-4126-910A-2EF4B408DFCF"}, {"criteria": "cpe:2.3:a:djangoproject:django:1.8.11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6A40373B-301E-4B81-8FA5-28D916142F59"}, {"criteria": "cpe:2.3:a:djangoproject:django:1.8.12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "79BB3174-7859-4195-B7B3-BCAA280A6F80"}, {"criteria": "cpe:2.3:a:djangoproject:django:1.8.13:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "42EF41AF-B2FA-468A-B161-D9FE29CE53EB"}, {"criteria": "cpe:2.3:a:djangoproject:django:1.8.14:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "48DF0100-F98E-4997-A8F7-DC07FA4A06D6"}, {"criteria": "cpe:2.3:a:djangoproject:django:1.8.15:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ECDC5647-8EA7-4595-88C2-541BC489ED2D"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:djangoproject:django:1.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FE21DA5F-C086-4E98-A5DD-2B96731B56D1"}, {"criteria": "cpe:2.3:a:djangoproject:django:1.10.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2CE31960-7C68-42F3-B215-B30A87DB67CC"}, {"criteria": "cpe:2.3:a:djangoproject:django:1.10.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B3838B8E-8F0E-4F7A-88E6-FFF2590E5302"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:djangoproject:django:1.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "29C40BAC-6DF3-4EA2-A65A-86462DDD8723"}, {"criteria": "cpe:2.3:a:djangoproject:django:1.9.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6B754401-8503-4553-853F-4F6BCD2D2FF2"}, {"criteria": "cpe:2.3:a:djangoproject:django:1.9.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "019C26C7-EF1F-45BB-934E-521E2E64452E"}, {"criteria": "cpe:2.3:a:djangoproject:django:1.9.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A18691A7-E4D0-48A4-81A7-89846E991AF2"}, {"criteria": "cpe:2.3:a:djangoproject:django:1.9.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7C06EBD9-381E-4018-BFDC-E23EA18097B0"}, {"criteria": "cpe:2.3:a:djangoproject:django:1.9.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7D134048-B64F-45AE-B4A2-26E516CCF37B"}, {"criteria": "cpe:2.3:a:djangoproject:django:1.9.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0F39B83A-C10B-4B88-9491-2FB8B07D6EA5"}, {"criteria": "cpe:2.3:a:djangoproject:django:1.9.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "64A4030E-F51F-4944-BCE7-E27CD32EC7D4"}, {"criteria": "cpe:2.3:a:djangoproject:django:1.9.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CCC1F046-DAF7-4734-9F80-A3C57857AF18"}, {"criteria": "cpe:2.3:a:djangoproject:django:1.9.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "61EE8536-0E8D-477A-B8EA-817CE21D516A"}, {"criteria": "cpe:2.3:a:djangoproject:django:1.9.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "483D0F44-15C8-43A2-B3AE-331F40DA1A80"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}

8.1 /10