CVE-2024-22244

4.3 MEDIUM

📋 TL;DR

This CVE describes an open redirect vulnerability in Harbor container registry software. Attackers can craft malicious URLs that redirect Harbor users to external malicious sites when clicked. This affects all Harbor users running vulnerable versions.

💻 Affected Systems

Products:
  • Harbor
Versions: <=v2.8.4, <=v2.9.2, <=v2.10.0
Operating Systems: All platforms running Harbor
Default Config Vulnerable: ⚠️ Yes
Notes: All standard Harbor deployments are affected; no special configuration required for exploitation.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Users could be redirected to phishing sites that steal credentials or deliver malware, potentially compromising their systems or organizational credentials.

🟠

Likely Case

Users are redirected to malicious sites that may attempt credential harvesting or deliver low-level malware.

🟢

If Mitigated

With proper user awareness training and browser security controls, users would recognize suspicious redirects and avoid interacting with malicious sites.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: LOW

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires user interaction (clicking a malicious link) but no authentication to Harbor.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: v2.8.5, v2.9.3, v2.10.1

Vendor Advisory: https://github.com/goharbor/harbor/security/advisories/GHSA-5757-v49g-f6r7

Restart Required: Yes

Instructions:

1. Backup your Harbor configuration and database.
2. Upgrade to a patched version (v2.8.5, v2.9.3, or v2.10.1).
3. Restart Harbor services.
4. Verify the upgrade completed successfully.

🔧 Temporary Workarounds

Input Validation Filter (applies to: all)

Implement web application firewall or proxy rules to filter redirect URLs containing external domains.

🧯 If You Can't Patch

  • Implement network segmentation to restrict Harbor access to trusted users only.
  • Deploy user awareness training about phishing risks and suspicious URLs.

🔍 How to Verify

Check if Vulnerable:

Check Harbor version via web UI admin panel or API endpoint /api/v2.0/systeminfo.

Check Version:

curl -k https://<harbor-host>/api/v2.0/systeminfo | grep "harbor_version"

Verify Fix Applied:

Verify that the version reported by the /api/v2.0/systeminfo endpoint is at least v2.8.5 on the 2.8 branch, v2.9.3 on the 2.9 branch, or v2.10.1 on the 2.10 branch (or a later release).
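A branch-aware version check against the fixed releases listed above, as an added example (not Harbor's own code). It assumes the systeminfo response carries a harbor_version field of the form shown in the constructed sample, and conservatively treats branches older than 2.8 as affected:

```python
"""Check a Harbor systeminfo response against the CVE-2024-22244 fixed versions.

Added example; not Harbor's own code. Fixed versions come from the advisory:
v2.8.5, v2.9.3, v2.10.1. Branches older than 2.8 are treated as vulnerable,
an assumption made so the check errs on the side of caution.
"""
import json
import re

# Minimum patched release per minor branch, taken from the advisory above.
FIXED_PATCH = {(2, 8): 5, (2, 9): 3, (2, 10): 1}

# Harbor reports versions such as "v2.9.2-1a2b3c4d"; the build suffix is ignored.
_VERSION_RE = re.compile(r"^v?(\d+)\.(\d+)\.(\d+)")


def parse_version(text):
    """Return (major, minor, patch) from a string like 'v2.9.2-1a2b3c4d'."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised Harbor version: {text!r}")
    return tuple(int(x) for x in m.groups())


def is_vulnerable(version_text):
    """True if the reported version is affected by CVE-2024-22244."""
    major, minor, patch = parse_version(version_text)
    branch = (major, minor)
    if branch in FIXED_PATCH:
        return patch < FIXED_PATCH[branch]
    # Branches newer than 2.10 carry the fix; older ones are assumed affected.
    return branch < min(FIXED_PATCH)


def check_systeminfo(body):
    """Parse a GET /api/v2.0/systeminfo JSON body and report the verdict."""
    version = json.loads(body)["harbor_version"]
    return {"harbor_version": version, "vulnerable": is_vulnerable(version)}


# Constructed sample response containing only the fields this check needs.
SAMPLE_SYSTEMINFO = '{"harbor_version": "v2.9.2-1a2b3c4d", "auth_mode": "db_auth"}'

if __name__ == "__main__":
    print(check_systeminfo(SAMPLE_SYSTEMINFO))
```

Feed it the body returned by the curl command above; anything reported as vulnerable should be upgraded to the matching patched release.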

📡 Detection & Monitoring

Log Indicators:

  • HTTP 302 redirect responses to external domains in access logs
  • Unusual redirect patterns in application logs

Network Indicators:

  • HTTP traffic with redirect parameters pointing to unexpected domains

SIEM Query:

web_access_logs status_code=302 AND url CONTAINS "redirect=" AND NOT url CONTAINS "harbor-domain"
