Description
In Varnish Cache before 6.6.2 and 7.x before 7.0.2, Varnish Cache 6.0 LTS before 6.0.10, and Varnish Enterprise (Cache Plus) 4.1.x before 4.1.11r6 and 6.0.x before 6.0.9r4, request smuggling can occur for HTTP/1 connections.
A flaw was found in Varnish. This flaw allows an attacker to carry out a request smuggling attack on HTTP/1 connections on Varnish cache servers. This smuggled request goes through the usual Varnish Configuration Language (VCL) processing since the Varnish server treats it as an additional request.
Mitigation
This issue can be mitigated by ensuring that the Varnish server does not allow connection reuse on HTTP/1 client connections once a request body has been seen on the connection. This requires changes to the VCL configuration.
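One way to express this mitigation in VCL, written here as an added example and not taken from the advisory or the Varnish project; it assumes VCL 4.1 syntax, a placeholder backend, and that Varnish closes the client connection after answering a request that carries a Connection: close header:

```vcl
vcl 4.1;

# Added example (not the advisory's own VCL): force the HTTP/1 client
# connection to close after any request that carries a body, so bytes
# left over after that body are never parsed as a further request on
# the same connection. Relies on Varnish honouring "Connection: close"
# in the request when deciding whether to keep the client connection.

backend default {
    .host = "127.0.0.1";   # placeholder origin, replace with the real one
    .port = "8080";
}

sub vcl_recv {
    # A request body is signalled by Content-Length or Transfer-Encoding.
    # Content-Length: 0 also matches, which is deliberately conservative.
    # The issue is limited to HTTP/1, so HTTP/2 requests are left alone.
    if (req.proto ~ "^HTTP/1" &&
        (req.http.Content-Length || req.http.Transfer-Encoding)) {
        set req.http.Connection = "close";
    }
}
```

This is a stop-gap that costs one connection per body-carrying request; deploying the fixed versions listed above remains the actual fix.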
Affected packages
| Platform | Package | Status | Advisory | Release |
|---|---|---|---|---|
| Red Hat Enterprise Linux 9 | varnish | Not affected | | |
| Red Hat Enterprise Linux 8 | varnish | Fixed | RHSA-2022:0418 | 03.02.2022 |
| Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions | varnish | Fixed | RHSA-2022:0420 | 03.02.2022 |
| Red Hat Enterprise Linux 8.2 Extended Update Support | varnish | Fixed | RHSA-2022:0421 | 03.02.2022 |
| Red Hat Enterprise Linux 8.4 Extended Update Support | varnish | Fixed | RHSA-2022:0422 | 03.02.2022 |
| Red Hat Software Collections for Red Hat Enterprise Linux 7 | rh-varnish6-varnish | Fixed | RHSA-2022:4745 | 25.05.2022 |
Additional information
CVSS3: 9.1 Critical