typed-rest-client 1.7.3 or lower: Auth Header Leakage on Redirect (fixed 1.8.0)
CVE-2023-30846 Published on April 26, 2023

typed-rest-client vulnerable to potential leak of authentication data to 3rd parties
typed-rest-client is a library for Node Rest and Http Clients with typings for use with TypeScript. Users of the typed-rest-client library version 1.7.3 or lower are vulnerable to leak authentication data to 3rd parties. The flow of the vulnerability is as follows: First, send any request with `BasicCredentialHandler`, `BearerCredentialHandler` or `PersonalAccessTokenCredentialHandler`. Second, the target host may return a redirection (3xx), with a link to a second host. Third, the next request will use the credentials to authenticate with the second host, by setting the `Authorization` header. The expected behavior is that the next request will *NOT* set the `Authorization` header. The problem was fixed in version 1.8.0. There are no known workarounds.

Github Repository NVD

Vulnerability Analysis

CVE-2023-30846 is exploitable with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality and integrity, and no impact on availability.

Attack Vector:
NETWORK
Attack Complexity:
LOW
Privileges Required:
NONE
User Interaction:
NONE
Scope:
UNCHANGED
Confidentiality Impact:
HIGH
Integrity Impact:
HIGH
Availability Impact:
NONE

Weakness Type

Insufficiently Protected Credentials

The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.


Products Associated with CVE-2023-30846

Want to know whenever a new CVE is published for Microsoft Typed Rest Client? stack.watch will email you.

Microsoft Typed Rest Client
 

Affected Versions

microsoft typed-rest-client Version < 1.8.0 is affected by CVE-2023-30846

Vulnerable Packages

The following package name and versions may be associated with CVE-2023-30846

Package Manager Vulnerable Package Versions Fixed In
npm typed-rest-client < 1.8.0 1.8.0

Exploit Probability

EPSS
2.95%
Percentile
86.27%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.