CVE-2023-45648
Apache Tomcat: Trailer header parsing too lenient
Severity Score
5.3
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
Attend
*SSVC
Descriptions
Improper Input Validation vulnerability in Apache Tomcat.Tomcat from 11.0.0-M1 through 11.0.0-M11, from 10.1.0-M1 through 10.1.13, from 9.0.0-M1 through 9.0.81 and from 8.5.0 through 8.5.93 did not correctly parse HTTP trailer headers. A specially
crafted, invalid trailer header could cause Tomcat to treat a single
request as multiple requests leading to the possibility of request
smuggling when behind a reverse proxy.
Users are recommended to upgrade to version 11.0.0-M12 onwards, 10.1.14 onwards, 9.0.81 onwards or 8.5.94 onwards, which fix the issue.
Vulnerabilidad de validación de entrada incorrecta en Apache Tomcat.Tomcat desde 11.0.0-M1 hasta 11.0.0-M11, desde 10.1.0-M1 hasta 10.1.13, desde 9.0.0-M1 hasta 9.0.81 y desde 8.5.0 hasta 8.5 .93 no analizaron correctamente los encabezados de las colas HTTP. Un encabezado de avance no válido y especialmente manipulado podría hacer que Tomcat trate una sola solicitud como solicitudes múltiples, lo que genera la posibilidad de contrabando de solicitudes cuando está detrás de un proxy inverso. Se recomienda a los usuarios actualizar a la versión 11.0.0-M12 en adelante, 10.1.14 en adelante, 9.0.81 en adelante o 8.5.94 en adelante, que solucionan el problema.
A flaw was found in Apache Tomcat, where an improper input validation can occur. This flaw allows a malicious user to send a crafted request containing an invalid trailer header, which could be treated as multiple requests, potentially leading to request smuggling when behind a reverse proxy.
*Credits:
Keran Mu and Jianjun Chen from Tsinghua University and Zhongguancun Laboratory
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:Attend
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2023-10-10 CVE Reserved
- 2023-10-10 CVE Published
- 2024-11-11 EPSS Updated
- 2024-11-12 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
CAPEC
References (8)
| URL | Tag | Source |
|---|---|---|
| http://www.openwall.com/lists/oss-security/2023/10/10/10 | Mailing List |
|
| https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html | Mailing List |
|
| https://security.netapp.com/advisory/ntap-20231103-0007 |
|
|
| https://www.debian.org/security/2023/dsa-5521 | Third Party Advisory |
|
| https://www.debian.org/security/2023/dsa-5522 | Third Party Advisory |
|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://lists.apache.org/thread/2pv8yz1pyp088tsxfb7ogltk9msk0jdp | 2023-11-04 | |
| https://access.redhat.com/security/cve/CVE-2023-45648 | 2024-07-18 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=2243749 | 2024-07-18 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | >= 8.5.0 < 8.5.94 Search vendor "Apache" for product "Tomcat" and version " >= 8.5.0 < 8.5.94" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | >= 9.0.1 < 9.0.81 Search vendor "Apache" for product "Tomcat" and version " >= 9.0.1 < 9.0.81" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | >= 10.1.1 < 10.1.14 Search vendor "Apache" for product "Tomcat" and version " >= 10.1.1 < 10.1.14" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 9.0.0 Search vendor "Apache" for product "Tomcat" and version "9.0.0" | milestone1 |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 9.0.0 Search vendor "Apache" for product "Tomcat" and version "9.0.0" | milestone10 |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 9.0.0 Search vendor "Apache" for product "Tomcat" and version "9.0.0" | milestone11 |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 9.0.0 Search vendor "Apache" for product "Tomcat" and version "9.0.0" | milestone12 |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 9.0.0 Search vendor "Apache" for product "Tomcat" and version "9.0.0" | milestone13 |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 9.0.0 Search vendor "Apache" for product "Tomcat" and version "9.0.0" | milestone14 |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 9.0.0 Search vendor "Apache" for product "Tomcat" and version "9.0.0" | milestone15 |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 9.0.0 Search vendor "Apache" for product "Tomcat" and version "9.0.0" | milestone16 |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 9.0.0 Search vendor "Apache" for product "Tomcat" and version "9.0.0" | milestone17 |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 9.0.0 Search vendor "Apache" for product "Tomcat" and version "9.0.0" | milestone18 |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 9.0.0 Search vendor "Apache" for product "Tomcat" and version "9.0.0" | milestone19 |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 9.0.0 Search vendor "Apache" for product "Tomcat" and version "9.0.0" | milestone2 |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 9.0.0 Search vendor "Apache" for product "Tomcat" and version "9.0.0" | milestone20 |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 9.0.0 Search vendor "Apache" for product "Tomcat" and version "9.0.0" | milestone21 |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 9.0.0 Search vendor "Apache" for product "Tomcat" and version "9.0.0" | milestone22 |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 9.0.0 Search vendor "Apache" for product "Tomcat" and version "9.0.0" | milestone23 |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 9.0.0 Search vendor "Apache" for product "Tomcat" and version "9.0.0" | milestone24 |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 9.0.0 Search vendor "Apache" for product "Tomcat" and version "9.0.0" | milestone25 |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 9.0.0 Search vendor "Apache" for product "Tomcat" and version "9.0.0" | milestone26 |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 9.0.0 Search vendor "Apache" for product "Tomcat" and version "9.0.0" | milestone27 |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 9.0.0 Search vendor "Apache" for product "Tomcat" and version "9.0.0" | milestone3 |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 9.0.0 Search vendor "Apache" for product "Tomcat" and version "9.0.0" | milestone4 |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 9.0.0 Search vendor "Apache" for product "Tomcat" and version "9.0.0" | milestone5 |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 9.0.0 Search vendor "Apache" for product "Tomcat" and version "9.0.0" | milestone6 |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 9.0.0 Search vendor "Apache" for product "Tomcat" and version "9.0.0" | milestone7 |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 9.0.0 Search vendor "Apache" for product "Tomcat" and version "9.0.0" | milestone8 |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 9.0.0 Search vendor "Apache" for product "Tomcat" and version "9.0.0" | milestone9 |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 10.1.0 Search vendor "Apache" for product "Tomcat" and version "10.1.0" | milestone1 |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 10.1.0 Search vendor "Apache" for product "Tomcat" and version "10.1.0" | milestone10 |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 10.1.0 Search vendor "Apache" for product "Tomcat" and version "10.1.0" | milestone11 |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 10.1.0 Search vendor "Apache" for product "Tomcat" and version "10.1.0" | milestone12 |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 10.1.0 Search vendor "Apache" for product "Tomcat" and version "10.1.0" | milestone13 |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 10.1.0 Search vendor "Apache" for product "Tomcat" and version "10.1.0" | milestone14 |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 10.1.0 Search vendor "Apache" for product "Tomcat" and version "10.1.0" | milestone15 |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 10.1.0 Search vendor "Apache" for product "Tomcat" and version "10.1.0" | milestone16 |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 10.1.0 Search vendor "Apache" for product "Tomcat" and version "10.1.0" | milestone17 |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 10.1.0 Search vendor "Apache" for product "Tomcat" and version "10.1.0" | milestone18 |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 10.1.0 Search vendor "Apache" for product "Tomcat" and version "10.1.0" | milestone19 |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 10.1.0 Search vendor "Apache" for product "Tomcat" and version "10.1.0" | milestone2 |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 10.1.0 Search vendor "Apache" for product "Tomcat" and version "10.1.0" | milestone20 |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 10.1.0 Search vendor "Apache" for product "Tomcat" and version "10.1.0" | milestone3 |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 10.1.0 Search vendor "Apache" for product "Tomcat" and version "10.1.0" | milestone4 |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 10.1.0 Search vendor "Apache" for product "Tomcat" and version "10.1.0" | milestone5 |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 10.1.0 Search vendor "Apache" for product "Tomcat" and version "10.1.0" | milestone6 |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 10.1.0 Search vendor "Apache" for product "Tomcat" and version "10.1.0" | milestone7 |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 10.1.0 Search vendor "Apache" for product "Tomcat" and version "10.1.0" | milestone8 |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 10.1.0 Search vendor "Apache" for product "Tomcat" and version "10.1.0" | milestone9 |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 11.0.0 Search vendor "Apache" for product "Tomcat" and version "11.0.0" | milestone1 |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 11.0.0 Search vendor "Apache" for product "Tomcat" and version "11.0.0" | milestone10 |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 11.0.0 Search vendor "Apache" for product "Tomcat" and version "11.0.0" | milestone11 |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 11.0.0 Search vendor "Apache" for product "Tomcat" and version "11.0.0" | milestone2 |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 11.0.0 Search vendor "Apache" for product "Tomcat" and version "11.0.0" | milestone3 |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 11.0.0 Search vendor "Apache" for product "Tomcat" and version "11.0.0" | milestone4 |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 11.0.0 Search vendor "Apache" for product "Tomcat" and version "11.0.0" | milestone5 |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 11.0.0 Search vendor "Apache" for product "Tomcat" and version "11.0.0" | milestone6 |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 11.0.0 Search vendor "Apache" for product "Tomcat" and version "11.0.0" | milestone7 |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 11.0.0 Search vendor "Apache" for product "Tomcat" and version "11.0.0" | milestone8 |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 11.0.0 Search vendor "Apache" for product "Tomcat" and version "11.0.0" | milestone9 |
Affected
| ||||||
| Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 10.0 Search vendor "Debian" for product "Debian Linux" and version "10.0" | - |
Affected
| ||||||
| Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 11.0 Search vendor "Debian" for product "Debian Linux" and version "11.0" | - |
Affected
| ||||||
| Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 12.0 Search vendor "Debian" for product "Debian Linux" and version "12.0" | - |
Affected
| ||||||