CVE-2021-37699 - OpenCVE

Next.js is an open source website development framework to be used with the React library. In affected versions specially encoded paths could be used when pages/_error.js was statically generated allowing an open redirect to occur to an external site. In general, this redirect does not directly harm users although can allow for phishing attacks by redirecting to an attacker's domain from a trusted domain. We recommend everyone to upgrade regardless of whether you can reproduce the issue or not. The issue has been patched in release 11.1.0.

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Changed

Confidentiality Impact High

Integrity Impact Low

Availability Impact None

User Interaction Required

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact None

AV:N/AC:M/Au:N/C:P/I:P/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Vercel	Next.js

Configuration 1 [-]

OR	cpe:2.3:a:vercel:next.js::::::node.js::*
	cpe:2.3:a:vercel:next.js::::::node.js::*

No data.

References

Link	Providers
https://github.com/vercel/next.js/releases/tag/v11.1.0
https://github.com/vercel/next.js/security/advisories/GHSA-vxf5-wxwp-m7g9

History

No history.

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2021-08-11T23:15:10

Updated: 2024-08-04T01:23:01.488Z

Reserved: 2021-07-29T00:00:00

Link: CVE-2021-37699

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2021-08-12T00:15:06.997

Modified: 2021-08-20T12:46:09.257

Link: CVE-2021-37699

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "next.js", "vendor": "vercel", "versions": [{"status": "affected", "version": "< 11.1.0"}]}], "descriptions": [{"lang": "en", "value": "Next.js is an open source website development framework to be used with the React library. In affected versions specially encoded paths could be used when pages/_error.js was statically generated allowing an open redirect to occur to an external site. In general, this redirect does not directly harm users although can allow for phishing attacks by redirecting to an attacker's domain from a trusted domain. We recommend everyone to upgrade regardless of whether you can reproduce the issue or not. The issue has been patched in release 11.1.0."}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-601", "description": "CWE-601: URL Redirection to Untrusted Site ('Open Redirect')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-08-11T23:15:10", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/vercel/next.js/security/advisories/GHSA-vxf5-wxwp-m7g9"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/vercel/next.js/releases/tag/v11.1.0"}], "source": {"advisory": "GHSA-vxf5-wxwp-m7g9", "discovery": "UNKNOWN"}, "title": "Open Redirect in Next.js versions below 11.1.0", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security-advisories@github.com", "ID": "CVE-2021-37699", "STATE": "PUBLIC", "TITLE": "Open Redirect in Next.js versions below 11.1.0"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "next.js", "version": {"version_data": [{"version_value": "< 11.1.0"}]}}]}, "vendor_name": "vercel"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Next.js is an open source website development framework to be used with the React library. In affected versions specially encoded paths could be used when pages/_error.js was statically generated allowing an open redirect to occur to an external site. In general, this redirect does not directly harm users although can allow for phishing attacks by redirecting to an attacker's domain from a trusted domain. We recommend everyone to upgrade regardless of whether you can reproduce the issue or not. The issue has been patched in release 11.1.0."}]}, "impact": {"cvss": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-601: URL Redirection to Untrusted Site ('Open Redirect')"}]}]}, "references": {"reference_data": [{"name": "https://github.com/vercel/next.js/security/advisories/GHSA-vxf5-wxwp-m7g9", "refsource": "CONFIRM", "url": "https://github.com/vercel/next.js/security/advisories/GHSA-vxf5-wxwp-m7g9"}, {"name": "https://github.com/vercel/next.js/releases/tag/v11.1.0", "refsource": "MISC", "url": "https://github.com/vercel/next.js/releases/tag/v11.1.0"}]}, "source": {"advisory": "GHSA-vxf5-wxwp-m7g9", "discovery": "UNKNOWN"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T01:23:01.488Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/vercel/next.js/security/advisories/GHSA-vxf5-wxwp-m7g9"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/vercel/next.js/releases/tag/v11.1.0"}]}]}, "cveMetadata": {"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2021-37699", "datePublished": "2021-08-11T23:15:10", "dateReserved": "2021-07-29T00:00:00", "dateUpdated": "2024-08-04T01:23:01.488Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:vercel:next.js:*:*:*:*:*:node.js:*:*", "matchCriteriaId": "C481055F-BB50-454C-80B1-FD43CFC52896", "versionEndIncluding": "10.2.0", "versionStartIncluding": "10.0.5", "vulnerable": true}, {"criteria": "cpe:2.3:a:vercel:next.js:*:*:*:*:*:node.js:*:*", "matchCriteriaId": "3A87C693-B910-4DD7-847A-2C5421BB06B2", "versionEndIncluding": "11.0.1", "versionStartIncluding": "11.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Next.js is an open source website development framework to be used with the React library. In affected versions specially encoded paths could be used when pages/_error.js was statically generated allowing an open redirect to occur to an external site. In general, this redirect does not directly harm users although can allow for phishing attacks by redirecting to an attacker's domain from a trusted domain. We recommend everyone to upgrade regardless of whether you can reproduce the issue or not. The issue has been patched in release 11.1.0."}, {"lang": "es", "value": "Next.js es un marco de desarrollo de sitios web de c\u00f3digo abierto que se utilizar\u00e1 con la biblioteca React. En las versiones afectadas, rutas especialmente codificadas podr\u00edan ser usadas cuando pages/_error.js se generaron est\u00e1ticamente, lo que permite que se produzca un redireccionamiento abierto a un sitio externo. En general, esta redirecci\u00f3n no da\u00f1a directamente a los usuarios, aunque puede permitir ataques de phishing al redirigir al dominio de un atacante desde un dominio de confianza. Recomendamos a todos que se actualicen, independientemente de si pueden reproducir el problema o no. El problema se corrigi\u00f3 en la versi\u00f3n 11.1.0"}], "id": "CVE-2021-37699", "lastModified": "2021-08-20T12:46:09.257", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 1.6, "impactScore": 4.7, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2021-08-12T00:15:06.997", "references": [{"source": "security-advisories@github.com", "tags": ["Release Notes", "Third Party Advisory"], "url": "https://github.com/vercel/next.js/releases/tag/v11.1.0"}, {"source": "security-advisories@github.com", "tags": ["Third Party Advisory"], "url": "https://github.com/vercel/next.js/security/advisories/GHSA-vxf5-wxwp-m7g9"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-601"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-601"}], "source": "security-advisories@github.com", "type": "Secondary"}]}