Common Gateway Interface Vulnerability
OWASP 2013-A5 OWASP 2017-A6 CWE-200
Common Gateway Interface is used to communicate between the user client and the web application. The vulnerability exists due to a bug in the use of the HTTP Proxy environment variable. This variable could allow an unauthorised redirection of traffic.This bug can be exploited when application code is running on CGI. This vulnerability can be exploited to perform a remote man in the middle attacks, cause Denial of Service conditions on the affected server.
The impact include:-
- Leakage of sensitive data
- Data loss
Mitigation / Precaution
The solution to this vulnerability include:-
- Block the Proxy header for all applications running in PHP or CGI.
- Apply appropriate patches provided by vendors immediately after appropriate testing.
- Check for unauthorized system modifications done on the system before applying the patch.
- Run all the applications as a non-privileged user. This reduces the effects of a successful attack.
- Apply the principle of Least Privilege to all systems and services.