CVE-2018-1067

MEDIUM

Description

In Undertow before versions 7.1.2.CR1, 7.1.2.GA it was found that the fix for CVE-2016-4993 was incomplete and Undertow web server is vulnerable to the injection of arbitrary HTTP headers, and also response splitting, due to insufficient sanitization and validation of user input before the input is used as part of an HTTP header value.

References

https://access.redhat.com/errata/RHSA-2018:1247

https://access.redhat.com/errata/RHSA-2018:1248

https://access.redhat.com/errata/RHSA-2018:1249

https://access.redhat.com/errata/RHSA-2018:1251

https://access.redhat.com/errata/RHSA-2018:2643

https://access.redhat.com/errata/RHSA-2019:0877

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1067

Details

Source: MITRE

Published: 2018-05-21

Updated: 2019-04-26

Type: CWE-113

Risk Information

CVSS v2.0

Base Score: 5.8

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N

Impact Score: 4.9

Exploitability Score: 8.6

Severity: MEDIUM

CVSS v3.0

Base Score: 6.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Impact Score: 2.7

Exploitability Score: 2.8

Severity: MEDIUM

Tenable Plugins

View all (4 total)

ID	Name	Product	Family	Severity
117324	RHEL 7 : Virtualization (RHSA-2018:2643)	Nessus	Red Hat Local Security Checks	medium
109390	RHEL 6 / 7 : JBoss EAP (RHSA-2018:1249)	Nessus	Red Hat Local Security Checks	high
109389	RHEL 6 : JBoss EAP (RHSA-2018:1248)	Nessus	Red Hat Local Security Checks	high
109388	RHEL 7 : JBoss EAP (RHSA-2018:1247)	Nessus	Red Hat Local Security Checks	high