CVE-2017-7657
jetty: HTTP request smuggling
- Public Exploits: 0
- Exploited in Wild: -
- Decision: -
Descriptions
In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and 9.4.x (non-default configuration with RFC2616 compliance enabled), transfer-encoding chunks are handled poorly. The chunk length parsing was vulnerable to an integer overflow. Thus a large chunk size could be interpreted as a smaller chunk size and content sent as chunk body could be interpreted as a pipelined request. If Jetty was deployed behind an intermediary that imposed some authorization and that intermediary allowed arbitrarily large chunks to be passed on unchanged, then this flaw could be used to bypass the authorization imposed by the intermediary as the fake pipelined request would not be interpreted by the intermediary as a request.
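The overflow described above, as an added example that is not part of this record or of Jetty's code: a Python model of a chunk-size parser that accumulates into a 32-bit signed int with no bound check (the failure mode), beside a hardened parser that rejects a chunk-size line as soon as the running value passes a limit, so the accumulator can never wrap. The 16 MiB limit, the helper names and the sample body are assumptions.

```python
import re

# Constructed policy for the hardened parser: no single chunk may exceed this.
MAX_CHUNK_SIZE = 1 << 24  # 16 MiB (assumption, not Jetty's value)
HEX_LINE = re.compile(r"[0-9A-Fa-f]+")

def chunk_size_field(line):
    """Strip chunk extensions (';...') and validate the hex digits."""
    field = line.split(";", 1)[0].strip()
    if not HEX_LINE.fullmatch(field):
        raise ValueError("malformed chunk-size line")
    return field

def parse_chunk_size_wrapping(line):
    """Models the defect: a 32-bit signed accumulator with no overflow check,
    so 0x100000000 silently becomes 0 (end of body) and 0xFFFFFFFF becomes -1."""
    value = 0
    for ch in chunk_size_field(line):
        value = (value * 16 + int(ch, 16)) & 0xFFFFFFFF  # wraps like a Java int
    return value - (1 << 32) if value > 0x7FFFFFFF else value

def parse_chunk_size_checked(line):
    """Hardened: bound-check after every digit, so the value can never wrap."""
    value = 0
    for ch in chunk_size_field(line):
        value = value * 16 + int(ch, 16)
        if value > MAX_CHUNK_SIZE:
            raise ValueError("chunk size over limit; respond 400 and close")
    return value

def split_chunked_body(body, parser):
    """Decode a chunked body; return (chunks, bytes left after the terminator).
    Leftover bytes are what a pipelining server would read as the next request."""
    chunks, pos = [], 0
    while True:
        eol = body.index(b"\r\n", pos)
        size = parser(body[pos:eol].decode("ascii"))
        pos = eol + 2
        if size <= 0:  # a zero (or wrapped-negative) size ends the body
            if body.startswith(b"\r\n", pos):
                pos += 2  # empty trailer section
            return chunks, body[pos:]
        chunks.append(body[pos:pos + size])
        pos += size + 2  # chunk data plus its CRLF

# Constructed input: a chunk-size line of 2**32 followed by 16 bytes of payload.
OVERSIZED = b"100000000\r\n" + b"X" * 16
```

With the wrapping parser the 16 payload bytes come back as leftover, i.e. as the start of a "next request" that an intermediary never saw as one; the hardened parser raises before any body byte is consumed.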
Timeline
- 2017-04-11 CVE Reserved
- 2018-06-26 CVE Published
- 2024-06-05 EPSS Updated
- 2024-08-05 CVE Updated
CWE
- CWE-190: Integer Overflow or Wraparound
- CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
References (18)
URL | Date
---|---
https://security.netapp.com/advisory/ntap-20181014-0001 | 2023-11-07
https://www.oracle.com/security-alerts/cpuoct2020.html | 2023-11-07
https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html | 2023-11-07
https://access.redhat.com/errata/RHSA-2019:0910 | 2023-11-07
https://www.debian.org/security/2018/dsa-4278 | 2023-11-07
https://access.redhat.com/security/cve/CVE-2017-7657 | 2020-09-17
https://bugzilla.redhat.com/show_bug.cgi?id=1595620 | 2020-09-17
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status
---|---|---|---|---
Hp | Xp P9000 Command View (in Hp Xp P9000, which is itself listed Safe) | >= 8.4.0-00 < 8.6.2-00 | advanced | Affected
Eclipse | Jetty | <= 9.2.26 | - | Affected
Eclipse | Jetty | >= 9.3.0 < 9.3.24 | - | Affected
Eclipse | Jetty | >= 9.4.0 < 9.4.11 | - | Affected
Debian | Debian Linux | 9.0 | - | Affected
Netapp | E-series Santricity Management | - | - | Affected
Netapp | E-series Santricity Os Controller | >= 11.0 <= 11.50.1 | - | Affected
Netapp | E-series Santricity Web Services | - | - | Affected
Netapp | Element Software | - | - | Affected
Netapp | Element Software Management Node | - | - | Affected
Netapp | Hci Storage Nodes | - | - | Affected
Netapp | Oncommand System Manager | 3.x | - | Affected
Netapp | Oncommand Unified Manager | < 5.2.4 | - | Affected
Netapp | Santricity Cloud Connector | - | - | Affected
Netapp | Snap Creator Framework | < 4.3.3 | - | Affected
Netapp | Snapcenter | < 4.1p3 | - | Affected
Netapp | Snapmanager | < 3.4.2 | oracle | Affected
Netapp | Snapmanager | < 3.4.2 | sap | Affected
Oracle | Rest Data Services | 11.2.0.4 | - | Affected
Oracle | Rest Data Services | 12.1.0.2 | - | Affected
Oracle | Rest Data Services | 12.2.0.1 | - | Affected
Oracle | Rest Data Services | 18c | - | Affected
Oracle | Retail Xstore Point Of Service | 7.1 | - | Affected
Oracle | Retail Xstore Point Of Service | 15.0 | - | Affected
Oracle | Retail Xstore Point Of Service | 16.0 | - | Affected
Oracle | Retail Xstore Point Of Service | 17.0 | - | Affected