CVE-2017-7658

Опубликовано: 26 июн. 2018

Источник: nvd

CVSS3: 9.8

CVSS2: 7.5

EPSS Низкий

Описание

In Eclipse Jetty Server, versions 9.2.x and older, 9.3.x (all non HTTP/1.x configurations), and 9.4.x (all HTTP/1.x configurations), when presented with two content-lengths headers, Jetty ignored the second. When presented with a content-length and a chunked encoding header, the content-length was ignored (as per RFC 2616). If an intermediary decided on the shorter length, but still passed on the longer body, then body content could be interpreted by Jetty as a pipelined request. If the intermediary was imposing authorization, the fake pipelined request would bypass that authorization.

Ссылки

http://www.securityfocus.com/bid/106566
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1041194
Third Party Advisory
VDB Entry
https://bugs.eclipse.org/bugs/show_bug.cgi?id=535669
Third Party Advisory
https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272%40%3Cissues.activemq.apache.org%3E
https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451%40%3Csolr-user.lucene.apache.org%3E
https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe%40%3Ccommits.druid.apache.org%3E
https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/r41af10c4adec8d34a969abeb07fd0d6ad0c86768b751464f1cdd23e8%40%3Ccommits.druid.apache.org%3E
https://lists.apache.org/thread.html/r9159c9e7ec9eac1613da2dbaddbc15691a13d4dbb2c8be974f42e6ae%40%3Ccommits.druid.apache.org%3E
https://lists.apache.org/thread.html/ra6f956ed4ec2855583b2d0c8b4802b450f593d37b77509b48cd5d574%40%3Ccommits.druid.apache.org%3E
https://security.netapp.com/advisory/ntap-20181014-0001/
Third Party Advisory
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03953en_us
Third Party Advisory
https://www.debian.org/security/2018/dsa-4278
Third Party Advisory
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuoct2020.html
Third Party Advisory
https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
Patch
Third Party Advisory
https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
Patch
Third Party Advisory
http://www.securityfocus.com/bid/106566
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1041194
Third Party Advisory
VDB Entry
https://bugs.eclipse.org/bugs/show_bug.cgi?id=535669
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*

Версия до 9.2.26 (включая)

cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*

Версия от 9.3.0 (включая) до 9.3.24 (исключая)

cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*

Версия от 9.4.0 (включая) до 9.4.11 (исключая)

Конфигурация 2

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

Конфигурация 3

Одно из

cpe:2.3:a:oracle:rest_data_services:11.2.0.4:*:*:*:-:*:*:*

cpe:2.3:a:oracle:rest_data_services:12.1.0.2:*:*:*:-:*:*:*

cpe:2.3:a:oracle:rest_data_services:12.2.0.1:*:*:*:-:*:*:*

cpe:2.3:a:oracle:rest_data_services:18c:*:*:*:-:*:*:*

cpe:2.3:a:oracle:retail_xstore_payment:3.3:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_xstore_point_of_service:15.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_xstore_point_of_service:16.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_xstore_point_of_service:17.0:*:*:*:*:*:*:*

Конфигурация 4

Одновременно

cpe:2.3:a:hp:xp_p9000_command_view:*:*:*:*:advanced:*:*:*

Версия от 8.4.0-00 (включая) до 8.6.2-00 (включая)

cpe:2.3:h:hp:xp_p9000:-:*:*:*:*:*:*:*

Конфигурация 5

Одно из

cpe:2.3:a:netapp:e-series_santricity_management:-:*:*:*:*:*:*:*

cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*

Версия от 11.0 (включая) до 11.50.1 (включая)

cpe:2.3:a:netapp:e-series_santricity_web_services:-:*:*:*:*:*:*:*

cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*

cpe:2.3:a:netapp:hci_storage_node:-:*:*:*:*:*:*:*

cpe:2.3:a:netapp:oncommand_system_manager:*:*:*:*:*:*:*:*

Версия от 3.0 (включая) до 3.1.3 (включая)

cpe:2.3:a:netapp:oncommand_unified_manager_for_7-mode:-:*:*:*:*:*:*:*

cpe:2.3:a:netapp:santricity_cloud_connector:-:*:*:*:*:*:*:*

cpe:2.3:a:netapp:snap_creator_framework:-:*:*:*:*:*:*:*

cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*

cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:oracle:*:*

cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:sap:*:*

cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*

cpe:2.3:a:netapp:storage_services_connector:-:*:*:*:*:*:*:*

EPSS

Процентиль: 92%

0.0869

Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-444

Связанные уязвимости

CVE-2017-7658

CVSS3: 9.8

ubuntu

больше 7 лет назад

CVE-2017-7658

CVSS3: 9.8

redhat

больше 7 лет назад

CVE-2017-7658

CVSS3: 9.8

debian

больше 7 лет назад

In Eclipse Jetty Server, versions 9.2.x and older, 9.3.x (all non HTTP ...

GHSA-6x9x-8qw9-9pp6

CVSS3: 9.8

github

больше 7 лет назад

Jetty vulnerable to authorization bypass due to inconsistent HTTP request handling (HTTP Request Smuggling)

BDU:2022-02206

CVSS3: 9.8

fstec

больше 7 лет назад

Уязвимость реализации протокола Hypertext Transfer Protocol (HTTP/1.1) контейнера сервлетов Eclipse Jetty, позволяющая нарушителю отправить скрытый HTTP-запрос (атака типа HTTP Request Smuggling)

EPSS

Процентиль: 92%

0.0869

Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-444