CVE-2022-1319

{"id": "CVE-2022-1319", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2022-08-31T16:15:09.410", "references": [{"url": "https://access.redhat.com/security/cve/CVE-2022-1319", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073890", "tags": ["Issue Tracking", "Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "https://github.com/undertow-io/undertow/commit/1443a1a2bbb8e32e56788109d8285db250d55c8b", "tags": ["Patch", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://github.com/undertow-io/undertow/commit/7c5b3ab885b5638fd3f1e8a935d5063d68aa2df3", "tags": ["Patch", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://issues.redhat.com/browse/UNDERTOW-2060", "tags": ["Issue Tracking", "Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "https://security.netapp.com/advisory/ntap-20221014-0006/", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "secalert@redhat.com", "description": [{"lang": "en", "value": "CWE-252"}]}, {"type": "Secondary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-252"}]}], "descriptions": [{"lang": "en", "value": "A flaw was found in Undertow. For an AJP 400 response, EAP 7 is improperly sending two response packets, and those packets have the reuse flag set even though JBoss EAP closes the connection. A failure occurs when the connection is reused after a 400 by CPING since it reads in the second SEND_HEADERS response packet instead of a CPONG."}, {"lang": "es", "value": "Se ha encontrado un fallo en Undertow. Para una respuesta AJP 400, EAP 7 env\u00eda inapropiadamente el flag de re\u00faso habilitado aunque JBoss EAP cierra la conexi\u00f3n. es producido un fallo cuando la conexi\u00f3n es reusada despu\u00e9s de un 400 por CPING ya que lee en el segundo paquete de respuesta SEND_HEADERS en lugar de un CPONG"}], "lastModified": "2022-11-07T19:09:46.767", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:redhat:openshift_application_runtimes:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A33441B3-B301-426C-A976-08CE5FE72EFB"}, {"criteria": "cpe:2.3:a:redhat:single_sign-on:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9EFEC7CA-8DDA-48A6-A7B6-1F1D14792890"}, {"criteria": "cpe:2.3:a:redhat:undertow:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B1470237-30DB-4A05-8148-621CEE66EA57", "versionEndExcluding": "2.2.17"}, {"criteria": "cpe:2.3:a:redhat:undertow:2.2.17:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FB2B656E-2229-4D16-B063-4D9456AEBF63"}, {"criteria": "cpe:2.3:a:redhat:undertow:2.2.17:sp1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "04CA521E-1B46-44FB-AA69-309AC53A360A"}, {"criteria": "cpe:2.3:a:redhat:undertow:2.2.17:sp2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "005FB2BF-CF38-4F91-A24B-96D72222192C"}, {"criteria": "cpe:2.3:a:redhat:undertow:2.2.19:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "269ECD35-C644-4B04-AAD3-D88F97CF0214"}, {"criteria": "cpe:2.3:a:redhat:undertow:2.2.19:sp1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C0692735-244D-415B-894C-1A64E0307FC4"}, {"criteria": "cpe:2.3:a:redhat:undertow:2.3.0:alpha1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F6DD3DE4-9C5D-4768-9414-C63D1D172B7F"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:linux:*:*", "vulnerable": true, "matchCriteriaId": "F3E0B672-3E06-4422-B2A4-0BD073AEC2A1"}, {"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*", "vulnerable": true, "matchCriteriaId": "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5"}, {"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*", "vulnerable": true, "matchCriteriaId": "B55E8D50-99B4-47EC-86F9-699B67D473CE"}, {"criteria": "cpe:2.3:a:netapp:cloud_secure_agent:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F0F202E8-97E6-4BBB-A0B6-4CA3F5803C08"}, {"criteria": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F1BE6C1F-2565-4E97-92AA-16563E5660A5"}, {"criteria": "cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5735E553-9731-4AAC-BCFF-989377F817B3"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}