Vulnerability Details : CVE-2017-2666
It was discovered in Undertow that the code that parsed the HTTP request line permitted invalid characters. This could be exploited, in conjunction with a proxy that also permitted the invalid characters but with a different interpretation, to inject data into the HTTP response. By manipulating the HTTP response the attacker could poison a web-cache, perform an XSS attack, or obtain sensitive information from requests other than their own.
Vulnerability category: Cross site scripting (XSS)
Products affected by CVE-2017-2666
- cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:undertow:-:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2017-2666
0.51%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 77 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2017-2666
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
6.4
|
MEDIUM | AV:N/AC:L/Au:N/C:P/I:P/A:N |
10.0
|
4.9
|
NIST | |
6.5
|
MEDIUM | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N |
3.9
|
2.5
|
NIST | |
6.5
|
MEDIUM | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N |
3.9
|
2.5
|
Red Hat, Inc. |
CWE ids for CVE-2017-2666
-
The product acts as an intermediary HTTP agent (such as a proxy or firewall) in the data flow between two entities such as a client and server, but it does not interpret malformed HTTP requests or responses in ways that are consistent with how the messages will be processed by those entities that are at the ultimate destination.Assigned by:
- nvd@nist.gov (Primary)
- secalert@redhat.com (Secondary)
References for CVE-2017-2666
-
https://access.redhat.com/errata/RHSA-2017:1411
RHSA-2017:1411 - Security Advisory - Red Hat Customer PortalVendor Advisory
-
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2666
1436163 – (CVE-2017-2666) CVE-2017-2666 undertow: HTTP Request smuggling vulnerability due to permitting invalid characters in HTTP requestsIssue Tracking;Vendor Advisory
-
http://rhn.redhat.com/errata/RHSA-2017-1409.html
RHSA-2017:1409 - Security Advisory - Red Hat Customer PortalVendor Advisory
-
https://access.redhat.com/errata/RHSA-2017:1412
RHSA-2017:1412 - Security Advisory - Red Hat Customer PortalVendor Advisory
-
https://access.redhat.com/errata/RHSA-2017:3458
RHSA-2017:3458 - Security Advisory - Red Hat Customer PortalVendor Advisory
-
https://access.redhat.com/errata/RHSA-2017:3456
RHSA-2017:3456 - Security Advisory - Red Hat Customer PortalVendor Advisory
-
https://access.redhat.com/errata/RHSA-2017:3455
RHSA-2017:3455 - Security Advisory - Red Hat Customer PortalVendor Advisory
-
https://access.redhat.com/errata/RHSA-2017:1410
RHSA-2017:1410 - Security Advisory - Red Hat Customer PortalVendor Advisory
-
https://www.debian.org/security/2017/dsa-3906
Debian -- Security Information -- DSA-3906-1 undertowThird Party Advisory
-
https://access.redhat.com/errata/RHSA-2017:3454
RHSA-2017:3454 - Security Advisory - Red Hat Customer PortalVendor Advisory
-
http://www.securityfocus.com/bid/98966
Red Hat Undertow CVE-2017-2666 Security Bypass VulnerabilityThird Party Advisory;VDB Entry
Jump to