CVE-2019-12524
CRITICALSquid < 4.7 - Unauthenticated Cache Manager Access via URL Encoding Bypass
Title source: llmDescription
An issue was discovered in Squid through 4.7. When handling requests from users, Squid checks its rules to see if the request should be denied. Squid by default comes with rules to block access to the Cache Manager, which serves detailed server information meant for the maintainer. This rule is implemented via url_regex. The handler for url_regex rules URL decodes an incoming request. This allows an attacker to encode their URL to bypass the url_regex check, and gain access to the blocked resource.
References (5)
Core 5
Core References
Third Party Advisory x_refsource_misc
https://gitlab.com/jeriko.one/security/-/blob/master/squid/CVEs/CVE-2019-12524.txt
Third Party Advisory vendor-advisory
x_refsource_debian
https://www.debian.org/security/2020/dsa-4682
Mailing List, Third Party Advisory mailing-list
x_refsource_mlist
https://lists.debian.org/debian-lts-announce/2020/07/msg00009.html
Third Party Advisory vendor-advisory
x_refsource_ubuntu
https://usn.ubuntu.com/4446-1/
Third Party Advisory x_refsource_confirm
https://security.netapp.com/advisory/ntap-20210205-0006/
Scores
CVSS v3
9.8
EPSS
0.0055
EPSS Percentile
68.2%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-306
Status
published
Products (5)
canonical/ubuntu_linux
16.04
canonical/ubuntu_linux
18.04
debian/debian_linux
9.0
debian/debian_linux
10.0
squid-cache/squid
< 4.7
Published
Apr 15, 2020
Tracked Since
Feb 18, 2026