CVE-2021-43797
HTTP fails to validate against control chars in header names which may lead to HTTP request smuggling
Public Exploits: 0
Exploited in Wild: -
Decision: -
Descriptions
Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. Netty prior to version 4.1.71.Final skips control characters when they are present at the beginning or end of a header name. It should instead fail fast, as these characters are not allowed by the HTTP specification and their acceptance can lead to HTTP request smuggling. Failing to do the validation can cause Netty to "sanitize" header names before it forwards them to another remote system when used as a proxy. That remote system can no longer see the invalid usage, and therefore does not perform the validation itself. Users should upgrade to version 4.1.71.Final.
A flaw was found in Netty, specifically in the netty-codec-http package. This flaw allows control characters at the beginning and end of header names to pass through instead of being rejected, which does not follow the specification and can cause HTTP request smuggling.
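The behaviour described above, as an added illustration that is not part of the original advisory and is not Netty's code: a header-name validator implementing the RFC 7230 token rule, beside a lenient parser that models the pre-4.1.71 behaviour of skipping control characters at the edges of a header name. The sample header block is constructed for the demonstration; the vertical-tab (0x0B) prefix is simply one control character chosen to stand in for any of them, and all function names are the example's own.

```python
"""Lenient versus strict header-name handling (illustrative, not Netty's code).

Lenient: control characters at the start or end of a header name are stripped
and the header is accepted under its 'sanitized' name (the pre-4.1.71
behaviour described in the advisory).
Strict: any header name that is not an RFC 7230 token rejects the message
(the fail-fast behaviour the fix introduces).
"""
import re

# RFC 7230 section 3.2.6: tchar = "!" / "#" / "$" / "%" / "&" / "'" / "*" /
# "+" / "-" / "." / "^" / "_" / "`" / "|" / "~" / DIGIT / ALPHA
TCHAR = re.compile(rb"^[!#$%&'*+\-.^_`|~0-9A-Za-z]+$")

# Bytes 0x00-0x1F plus DEL; none of these may appear anywhere in a field name.
CONTROL_CHARS = bytes(range(0x20)) + b"\x7f"


def is_valid_header_name(name: bytes) -> bool:
    """Strict check: non-empty and every byte is a tchar."""
    return TCHAR.match(name) is not None


def parse_headers_lenient(raw: bytes) -> dict:
    """Models the vulnerable behaviour: edge control characters are silently
    skipped, so b'\\x0bTransfer-Encoding' is recorded as transfer-encoding."""
    headers = {}
    for line in raw.split(b"\r\n"):
        if not line:  # blank line ends the header block
            break
        name, _, value = line.partition(b":")
        name = name.strip(CONTROL_CHARS)  # the 'skip' that hides the problem
        headers[name.lower()] = value.strip()
    return headers


def parse_headers_strict(raw: bytes) -> dict:
    """Fixed behaviour: refuse the whole message on the first bad field name
    rather than guessing what the sender meant."""
    headers = {}
    for line in raw.split(b"\r\n"):
        if not line:
            break
        name, sep, value = line.partition(b":")
        if not sep or not is_valid_header_name(name):
            raise ValueError(f"invalid header name: {name!r}")
        headers[name.lower()] = value.strip()
    return headers


def serialize(headers: dict) -> bytes:
    """Re-emit a header block the way a proxy forwards it to a backend."""
    return b"".join(k + b": " + v + b"\r\n" for k, v in headers.items()) + b"\r\n"


# Constructed sample: a header block whose Transfer-Encoding field name carries
# a leading vertical tab (0x0B).  A strict parser must reject it.
SAMPLE = (
    b"Host: example.test\r\n"
    b"Content-Length: 4\r\n"
    b"\x0bTransfer-Encoding: chunked\r\n"
    b"\r\n"
)


def demonstrate(raw: bytes = SAMPLE) -> dict:
    """Run both parsers over the same block and report what each side sees."""
    lenient = parse_headers_lenient(raw)
    forwarded = serialize(lenient)  # what a lenient proxy would send upstream
    try:
        parse_headers_strict(raw)
        strict_rejected = False
    except ValueError:
        strict_rejected = True
    try:
        # The backend sees a clean block and has nothing left to validate.
        downstream_accepts_forwarded = parse_headers_strict(forwarded) is not None
    except ValueError:
        downstream_accepts_forwarded = False
    return {
        "lenient_sees_transfer_encoding": b"transfer-encoding" in lenient,
        "downstream_accepts_forwarded": downstream_accepts_forwarded,
        "strict_rejected_original": strict_rejected,
    }


if __name__ == "__main__":
    for key, val in demonstrate().items():
        print(f"{key}: {val}")
```

The three results show the advisory's point in one place: the lenient edge parser accepts the header under a clean name, the re-serialized block it forwards passes the strict downstream check (so the invalid byte is validated nowhere), and only the strict parser at the edge refuses the original request. Whether a given pair of components actually desynchronizes depends on how each of them treats the original, unsanitized name; the example demonstrates the loss of validation, not a specific smuggling payload.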
SSVC
- Decision: -
Timeline
- 2021-11-16 CVE Reserved
- 2021-12-09 CVE Published
- 2024-08-04 CVE Updated
- 2024-10-17 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
References (9)
URL | Tag | Date |
---|---|---|
https://github.com/netty/netty/security/advisories/GHSA-wx5j-54mm-rqqq | Third Party Advisory | |
https://lists.debian.org/debian-lts-announce/2023/01/msg00008.html | Mailing List | |
https://security.netapp.com/advisory/ntap-20220107-0003 | Third Party Advisory | |
https://github.com/netty/netty/commit/07aa6b5938a8b6ed7a6586e066400e2643897323 | | 2023-02-24 |
https://www.oracle.com/security-alerts/cpuapr2022.html | | 2023-02-24 |
https://www.oracle.com/security-alerts/cpujul2022.html | | 2023-02-24 |
https://www.debian.org/security/2023/dsa-5316 | | 2023-02-24 |
https://access.redhat.com/security/cve/CVE-2021-43797 | | 2022-11-03 |
https://bugzilla.redhat.com/show_bug.cgi?id=2031958 | | 2022-11-03 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Status |
---|---|---|---|
Netty | Netty | < 4.1.71 | Affected |
Quarkus | Quarkus | < 2.5.3 | Affected |
Netapp | Oncommand Workflow Automation | - | Affected |
Netapp | Snapcenter | - | Affected |
Oracle | Banking Deposits And Lines Of Credit Servicing | 2.7 | Affected |
Oracle | Banking Party Management | 2.7.0 | Affected |
Oracle | Banking Platform | 2.6.2 | Affected |
Oracle | Coherence | 12.2.1.4.0 | Affected |
Oracle | Coherence | 14.1.1.0.0 | Affected |
Oracle | Communications Cloud Native Core Binding Support Function | 1.11.0 | Affected |
Oracle | Communications Cloud Native Core Network Slice Selection Function | 1.8.0 | Affected |
Oracle | Communications Cloud Native Core Policy | 1.15.0 | Affected |
Oracle | Communications Cloud Native Core Security Edge Protection Proxy | 1.7.0 | Affected |
Oracle | Communications Cloud Native Core Unified Data Repository | 1.15.0 | Affected |
Oracle | Communications Design Studio | 7.4.2 | Affected |
Oracle | Communications Instant Messaging Server | 8.1 | Affected |
Oracle | Helidon | 1.4.10 | Affected |
Oracle | Helidon | 2.4.0 | Affected |
Oracle | Peoplesoft Enterprise Peopletools | 8.58 | Affected |
Oracle | Peoplesoft Enterprise Peopletools | 8.59 | Affected |
Debian | Debian Linux | 10.0 | Affected |
Debian | Debian Linux | 11.0 | Affected |