CVE-2018-1067

Published May 21, 2018

Last updated 3 days ago

CVSS medium 6.1

Overview

Description: In Undertow before versions 7.1.2.CR1, 7.1.2.GA it was found that the fix for CVE-2016-4993 was incomplete and Undertow web server is vulnerable to the injection of arbitrary HTTP headers, and also response splitting, due to insufficient sanitization and validation of user input before the input is used as part of an HTTP header value.
Source: secalert@redhat.com
NVD status: Modified

Risk scores

CVSS 3.1

Type: Primary
Base score: 6.1
Impact score: 2.7
Exploitability score: 2.8
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Severity: MEDIUM

CVSS 3.0

Type: Secondary
Base score: 5.4
Impact score: 2.5
Exploitability score: 2.8
Vector string: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Severity: MEDIUM

CVSS 2.0

Type: Primary
Base score: 5.8
Impact score: 4.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:P/I:P/A:N

Weaknesses

secalert@redhat.com: CWE-113
nvd@nist.gov: CWE-113

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:redhat:undertow:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8B6F497B-67CA-4155-8DEC-802FE17B011C",
            "versionEndExcluding": "1.4.25"
          },
          {
            "criteria": "cpe:2.3:a:redhat:undertow:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B6639249-46A5-41DC-B268-178188CB5816",
            "versionEndExcluding": "2.0.5",
            "versionStartIncluding": "2.0.0"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7117F117-D439-45EB-BB95-397E5E52C9BB"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BB28F9AF-3D06-4532-B397-96D7E4792503"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.1

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References