Описание
An information leak vulnerability was discovered in HAProxy 2.1, 2.2 before 2.2.27, 2.3, 2.4 before 2.4.21, 2.5 before 2.5.11, 2.6 before 2.6.8, 2.7 before 2.7.1. There are 5 bytes left uninitialized in the connection buffer when encoding the FCGI_BEGIN_REQUEST record. Sensitive data may be disclosed to configured FastCGI backends in an unexpected way.
A flaw was found in HAProxy, which could allow a remote attacker to obtain sensitive information caused by improper initialization when encoding the FCGI_BEGIN_REQUEST record. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information and use this information to launch further attacks against the affected system.
Отчет
Within regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-459: Incomplete Cleanup vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low. The platform's ephemeral workloads, strict lifecycle management, and automated resource cleanup routines significantly reduce the likelihood that residual data would persist in a meaningful or exploitable state. Static code analysis and peer code review techniques are used to execute robust input validation and error-handling mechanisms to ensure all user inputs are thoroughly validated, reducing the risk of DoS attacks. Event logs are collected and processed for centralization, correlation, analysis, monitoring, reporting, alerting, and retention to detect anomalies and enforce cleanup procedures.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Ceph Storage 5 | haproxy | Affected | ||
| Red Hat Enterprise Linux 7 | haproxy | Out of support scope | ||
| Red Hat Enterprise Linux 8 | haproxy | Not affected | ||
| Red Hat OpenShift Container Platform 3.11 | haproxy | Out of support scope | ||
| Red Hat OpenShift Container Platform 4 | haproxy | Will not fix | ||
| Red Hat Software Collections | rh-haproxy18-haproxy | Will not fix | ||
| Red Hat Enterprise Linux 9 | haproxy | Fixed | RHSA-2023:6496 | 07.11.2023 |
Показывать по
Дополнительная информация
Статус:
EPSS
7.5 High
CVSS3
Связанные уязвимости
An information leak vulnerability was discovered in HAProxy 2.1, 2.2 before 2.2.27, 2.3, 2.4 before 2.4.21, 2.5 before 2.5.11, 2.6 before 2.6.8, 2.7 before 2.7.1. There are 5 bytes left uninitialized in the connection buffer when encoding the FCGI_BEGIN_REQUEST record. Sensitive data may be disclosed to configured FastCGI backends in an unexpected way.
An information leak vulnerability was discovered in HAProxy 2.1, 2.2 before 2.2.27, 2.3, 2.4 before 2.4.21, 2.5 before 2.5.11, 2.6 before 2.6.8, 2.7 before 2.7.1. There are 5 bytes left uninitialized in the connection buffer when encoding the FCGI_BEGIN_REQUEST record. Sensitive data may be disclosed to configured FastCGI backends in an unexpected way.
An information leak vulnerability was discovered in HAProxy 2.1, 2.2 b ...
An information leak vulnerability was discovered in HAProxy 2.1, 2.2 before 2.2.27, 2.3, 2.4 before 2.4.21, 2.5 before 2.5.11, 2.6 before 2.6.8, 2.7 before 2.7.1. There are 5 bytes left uninitialized in the connection buffer when encoding the FCGI_BEGIN_REQUEST record. Sensitive data may be disclosed to configured FastCGI backends in an unexpected way.
ELSA-2023-6496: haproxy security and bug fix update (MODERATE)
EPSS
7.5 High
CVSS3