CVE-2017-12165

It was discovered that Undertow before 1.4.17, 1.3.31 and 2.0.0 processes http request headers with unusual whitespaces which can cause possible http request smuggling.

CVSS v3 7.5 HIGH
CVSS v2.0 5.0 MEDIUM

7.5^/10

CVSS v3 : HIGH

Vector : AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

5.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:N/C:N/I:P/A:N

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
https://access.redhat.com/errata/RHSA-2017:3454	Vendor Advisory
https://access.redhat.com/errata/RHSA-2017:3455	Vendor Advisory
https://access.redhat.com/errata/RHSA-2017:3456	Vendor Advisory
https://access.redhat.com/errata/RHSA-2017:3458	Vendor Advisory
https://access.redhat.com/errata/RHSA-2018:0002	Vendor Advisory
https://access.redhat.com/errata/RHSA-2018:0003	Vendor Advisory
https://access.redhat.com/errata/RHSA-2018:0004	Vendor Advisory
https://access.redhat.com/errata/RHSA-2018:0005	Vendor Advisory
https://access.redhat.com/errata/RHSA-2018:1322	Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-12165	Issue Tracking Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:redhat:undertow::::::::
	cpe:2.3:a:redhat:undertow::::::::
	cpe:2.3:a:redhat:undertow:2.0.0:alpha_1::::::

Configuration 2 (hide)

OR	cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.0.0:::::::*
	cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.1.0:::::::*

History

No history.

Information

Published : 2018-07-27 15:29

Updated : 2024-02-28 16:48

NVD link : CVE-2017-12165

Mitre link : CVE-2017-12165

CVE.ORG link : CVE-2017-12165

JSON object : View

Products Affected

redhat

jboss_enterprise_application_platform
undertow

CWE

CWE-444

Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

{"id": "CVE-2017-12165", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": true, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}, {"type": "Secondary", "source": "secalert@redhat.com", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 2.6, "attackVector": "NETWORK", "baseSeverity": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 1.2}]}, "published": "2018-07-27T15:29:00.237", "references": [{"url": "https://access.redhat.com/errata/RHSA-2017:3454", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2017:3455", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2017:3456", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2017:3458", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2018:0002", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2018:0003", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2018:0004", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2018:0005", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2018:1322", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-12165", "tags": ["Issue Tracking", "Vendor Advisory"], "source": "secalert@redhat.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-444"}]}, {"type": "Secondary", "source": "secalert@redhat.com", "description": [{"lang": "en", "value": "CWE-444"}]}], "descriptions": [{"lang": "en", "value": "It was discovered that Undertow before 1.4.17, 1.3.31 and 2.0.0 processes http request headers with unusual whitespaces which can cause possible http request smuggling."}, {"lang": "es", "value": "Se ha descubierto que Undertow en versiones anteriores a la 1.4.17, 1.3.31 y 2.0.0 procesa cabeceras de petici\u00f3n HTTP con espacios en blanco inusuales que pueden provocar HTTP Request Smuggling."}], "lastModified": "2019-10-09T23:22:24.137", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:redhat:undertow:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "66B1C1E1-8B49-4A08-B29B-C3B6ACFCCC6C", "versionEndExcluding": "1.3.31", "versionStartIncluding": "1.0.0"}, {"criteria": "cpe:2.3:a:redhat:undertow:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "06F12B32-A552-4B7E-9798-DE867BB05EDE", "versionEndExcluding": "1.4.17", "versionStartIncluding": "1.4.0"}, {"criteria": "cpe:2.3:a:redhat:undertow:2.0.0:alpha_1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "25CF0002-D9DF-40E0-BAE8-D01CF5535BF5"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "72A54BDA-311C-413B-8E4D-388AD65A170A"}, {"criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "868C0845-F25C-487F-A697-72917BE9D78E"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}