Vulnerability identifier: #VU12802
Vulnerability risk: Low
CVSSv4.0: 0.5 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID:
CWE-ID: CWE-300
Exploitation vector: Network
Exploit availability: No
Vulnerable software: Undertow (Server applications / Web servers)
Vendor: Red Hat Inc.
Description
The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.
The weakness exists because the server does not ensure that the value of the uri parameter in the Authorization header matches the request-target in the HTTP request line when using Digest authentication. A remote attacker positioned on the network path can conduct a man-in-the-middle attack and gain access to potentially sensitive information.
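The check that is missing here, shown as an added illustration and not as Undertow's own code: in Digest authentication the client's response hash covers A2 = method ":" uri, where uri is whatever the client wrote in the Authorization header. If the server computes A2 from that header value instead of from the request line it actually received, the same header verifies for any path, so an on-path attacker can attach a captured header to a request for a different resource. The example below parses a Digest header, verifies the response with MD5 and qop=auth (RFC 7616), and contrasts a lenient server that trusts the header's uri with a hardened one that first requires it to match the request-target. All usernames, realms, nonces and paths are constructed sample values.

```python
import hashlib
import hmac
import re
from urllib.parse import urlsplit

# key=value or key="quoted value" pairs as they appear in a Digest header.
_PARAM_RE = re.compile(r'(\w+)=(?:"([^"]*)"|([^\s,]+))')


def parse_digest_header(header):
    """Parse 'Digest k1="v1", k2=v2, ...' into a lower-cased dict."""
    scheme, _, params = header.strip().partition(' ')
    if scheme.lower() != 'digest':
        raise ValueError('not a Digest Authorization header')
    return {m.group(1).lower(): m.group(2) if m.group(2) is not None else m.group(3)
            for m in _PARAM_RE.finditer(params)}


def _md5(s):
    return hashlib.md5(s.encode()).hexdigest()


def digest_response(username, realm, password, method, uri, nonce, nc, cnonce, qop='auth'):
    """RFC 7616 response for algorithm=MD5, qop=auth. A2 binds method and uri."""
    ha1 = _md5(f'{username}:{realm}:{password}')
    ha2 = _md5(f'{method}:{uri}')
    return _md5(f'{ha1}:{nonce}:{nc}:{cnonce}:{qop}:{ha2}')


def _origin_form(uri):
    """Reduce an absolute-form URI to path[?query] so both forms compare equally."""
    parts = urlsplit(uri)
    if parts.scheme and parts.netloc:
        return parts.path + (('?' + parts.query) if parts.query else '')
    return uri


def uri_matches_request_line(params, request_target):
    """The hardened check: header uri must name the resource actually requested."""
    return _origin_form(params.get('uri', '')) == _origin_form(request_target)


def verify(params, method, request_target, password, check_uri):
    """Return True if the Digest response verifies.

    check_uri=False reproduces the weakness: A2 is built from the header's uri,
    so the request line is never consulted. check_uri=True rejects a mismatch first.
    """
    if check_uri and not uri_matches_request_line(params, request_target):
        return False
    expected = digest_response(params['username'], params['realm'], password, method,
                               params['uri'], params['nonce'], params['nc'],
                               params['cnonce'], params.get('qop', 'auth'))
    return hmac.compare_digest(expected, params['response'])


# Constructed sample credentials; a real server would look the password hash up.
PASSWORD = 'correct horse battery staple'
NONCE = 'dcd98b7102dd2f0e8b11d0f600bfb0c093'


def build_header(uri):
    """Header a legitimate client would send for GET <uri> (constructed values)."""
    resp = digest_response('alice', 'example.org', PASSWORD, 'GET', uri,
                           NONCE, '00000001', '0a4f113b')
    return (f'Digest username="alice", realm="example.org", nonce="{NONCE}", '
            f'uri="{uri}", qop=auth, nc=00000001, cnonce="0a4f113b", '
            f'response="{resp}", algorithm=MD5')


def demo():
    """Replay a header captured for /public/report against /admin/secrets."""
    params = parse_digest_header(build_header('/public/report'))
    lenient = verify(params, 'GET', '/admin/secrets', PASSWORD, check_uri=False)
    strict = verify(params, 'GET', '/admin/secrets', PASSWORD, check_uri=True)
    return lenient, strict


if __name__ == '__main__':
    print('lenient, strict =', demo())  # the lenient server accepts the replay
```

A server that already derives A2 from the request line rather than the header avoids the problem as well; the explicit comparison above is simply the easier property to audit and log, since a mismatch is a strong signal of tampering.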
Mitigation
Update to versions 1.4.18.SP1, 2.0.2.Final or 1.4.24.Final.
Vulnerable software versions
Undertow: All versions
External links
https://issues.jboss.org/browse/UNDERTOW-1190
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.