CVE-2021-37699

Next.js is an open source website development framework to be used with the React library. In affected versions specially encoded paths could be used when pages/_error.js was statically generated allowing an open redirect to occur to an external site. In general, this redirect does not directly harm users although can allow for phishing attacks by redirecting to an attacker's domain from a trusted domain. We recommend everyone to upgrade regardless of whether you can reproduce the issue or not. The issue has been patched in release 11.1.0.

CVSS v3 6.1 MEDIUM
CVSS v2.0 5.8 MEDIUM

6.1^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.8 / Impact : 2.7

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Scope CHANGED

5.8^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:M/Au:N/C:P/I:P/A:N

Exploitability : 8.6 / Impact : 4.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
https://github.com/vercel/next.js/releases/tag/v11.1.0	Release Notes Third Party Advisory
https://github.com/vercel/next.js/security/advisories/GHSA-vxf5-wxwp-m7g9	Third Party Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:vercel:next.js::::::node.js::*
	cpe:2.3:a:vercel:next.js::::::node.js::*

History

20 Aug 2021, 12:46

Type	Values Removed	Values Added
CPE		cpe:2.3:a:vercel:next.js::::::node.js::*
CWE		CWE-601
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : 5.8 v3 : 6.1
References	~~(MISC) https://github.com/vercel/next.js/releases/tag/v11.1.0 -~~	(MISC) https://github.com/vercel/next.js/releases/tag/v11.1.0 - Release Notes, Third Party Advisory
References	~~(CONFIRM) https://github.com/vercel/next.js/security/advisories/GHSA-vxf5-wxwp-m7g9 -~~	(CONFIRM) https://github.com/vercel/next.js/security/advisories/GHSA-vxf5-wxwp-m7g9 - Third Party Advisory

12 Aug 2021, 00:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2021-08-12 00:15

Updated : 2023-12-10 13:55

NVD link : CVE-2021-37699

Mitre link : CVE-2021-37699

CVE.ORG link : CVE-2021-37699

JSON object : View

Products Affected

vercel

next.js

CWE

CWE-601

URL Redirection to Untrusted Site ('Open Redirect')

{"id": "CVE-2021-37699", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 4.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.1, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 2.7, "exploitabilityScore": 2.8}, {"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.9, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 4.7, "exploitabilityScore": 1.6}]}, "published": "2021-08-12T00:15:06.997", "references": [{"url": "https://github.com/vercel/next.js/releases/tag/v11.1.0", "tags": ["Release Notes", "Third Party Advisory"], "source": "security-advisories@github.com"}, {"url": "https://github.com/vercel/next.js/security/advisories/GHSA-vxf5-wxwp-m7g9", "tags": ["Third Party Advisory"], "source": "security-advisories@github.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-601"}]}, {"type": "Secondary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-601"}]}], "descriptions": [{"lang": "en", "value": "Next.js is an open source website development framework to be used with the React library. In affected versions specially encoded paths could be used when pages/_error.js was statically generated allowing an open redirect to occur to an external site. In general, this redirect does not directly harm users although can allow for phishing attacks by redirecting to an attacker's domain from a trusted domain. We recommend everyone to upgrade regardless of whether you can reproduce the issue or not. The issue has been patched in release 11.1.0."}, {"lang": "es", "value": "Next.js es un marco de desarrollo de sitios web de c\u00f3digo abierto que se utilizar\u00e1 con la biblioteca React. En las versiones afectadas, rutas especialmente codificadas podr\u00edan ser usadas cuando pages/_error.js se generaron est\u00e1ticamente, lo que permite que se produzca un redireccionamiento abierto a un sitio externo. En general, esta redirecci\u00f3n no da\u00f1a directamente a los usuarios, aunque puede permitir ataques de phishing al redirigir al dominio de un atacante desde un dominio de confianza. Recomendamos a todos que se actualicen, independientemente de si pueden reproducir el problema o no. El problema se corrigi\u00f3 en la versi\u00f3n 11.1.0"}], "lastModified": "2021-08-20T12:46:09.257", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:vercel:next.js:*:*:*:*:*:node.js:*:*", "vulnerable": true, "matchCriteriaId": "C481055F-BB50-454C-80B1-FD43CFC52896", "versionEndIncluding": "10.2.0", "versionStartIncluding": "10.0.5"}, {"criteria": "cpe:2.3:a:vercel:next.js:*:*:*:*:*:node.js:*:*", "vulnerable": true, "matchCriteriaId": "3A87C693-B910-4DD7-847A-2C5421BB06B2", "versionEndIncluding": "11.0.1", "versionStartIncluding": "11.0.0"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}