#VU103635 Incorrect Regular Expression in Tough-cookie - CVE-2017-15010

Cybersecurity Help s.r.o.

Published: 2025-02-05

Vulnerability identifier: #VU103635

Vulnerability risk: High

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-15010

CWE-ID: CWE-185

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Tough-cookie

Vendor: Salesforce

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient input validation when processing regular expressions. A remote attacker that is able to make an HTTP request using a specially crafted cookie may cause the application to consume an excessive amount of CPU.

Mitigation
Cybersecurity Help is currently unaware of any official solution to address this vulnerability..

Vulnerable software versions

Tough-cookie: 0.9.1 - 2.3.2

External links
https://www.securityfocus.com/bid/101185
https://access.redhat.com/errata/RHSA-2017:2912
https://access.redhat.com/errata/RHSA-2017:2913
https://access.redhat.com/errata/RHSA-2018:1263
https://access.redhat.com/errata/RHSA-2018:1264
https://github.com/salesforce/tough-cookie/issues/92
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6VEBDTGNHVM677SLZDEHMWOP3ISMZSFT/
https://nodesecurity.io/advisories/525
https://snyk.io/vuln/npm:tough-cookie:20170905

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in IBM Cognos Analytics

Incorrect Regular Expression in salesforce tough-cookie