CVE-2024-5971

Undertow: response write hangs in case of java 17 tlsv1.3 newsessionticket

Severity Score

7.5

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Attend

*SSVC

Descriptions

A vulnerability was found in Undertow, where the chunked response hangs after the body was flushed. The response headers and body were sent but the client would continue waiting as Undertow does not send the expected 0\r
termination of the chunked response. This results in uncontrolled resource consumption, leaving the server side to a denial of service attack. This happens only with Java 17 TLSv1.3 scenarios.

Se encontró una vulnerabilidad en Undertow, donde la respuesta fragmentada se suspende después de que se lavó el cuerpo. Los encabezados y el cuerpo de la respuesta se enviaron, pero el cliente continuaría esperando ya que Undertow no envía la terminación 0\r
esperada de la respuesta fragmentada. Esto da como resultado un consumo descontrolado de recursos, dejando al lado del servidor expuesto a un ataque de denegación de servicio. Esto sucede solo con escenarios Java 17 TLSv1.3.

*Credits: N/A

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

None

Integrity

None

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:Attend

Exploitation

None

Automatable

Yes

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-06-13 CVE Reserved
2024-07-08 CVE Published
2024-08-13 EPSS Updated
2024-11-15 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-674: Uncontrolled Recursion

CAPEC

References (10)

URL	Tag	Source

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
https://access.redhat.com/errata/RHSA-2024:4392	2024-07-09
https://access.redhat.com/security/cve/CVE-2024-5971	2024-07-09
https://bugzilla.redhat.com/show_bug.cgi?id=2292211	2024-07-09
https://access.redhat.com/errata/RHSA-2024:4884	2024-11-15
https://access.redhat.com/errata/RHSA-2024:5143	2024-11-15
https://access.redhat.com/errata/RHSA-2024:5144	2024-11-15
https://access.redhat.com/errata/RHSA-2024:5145	2024-11-15
https://access.redhat.com/errata/RHSA-2024:5147	2024-11-15
https://access.redhat.com/errata/RHSA-2024:6508	2024-11-15
https://access.redhat.com/errata/RHSA-2024:6883	2024-11-15

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Redhat Search vendor "Redhat"		Apache Camel Spring Boot Search vendor "Redhat" for product "Apache Camel Spring Boot"				*		-		Affected
Redhat Search vendor "Redhat"		Build Keycloak Search vendor "Redhat" for product "Build Keycloak"				*		-		Affected
Redhat Search vendor "Redhat"		Build Of Quarkus Search vendor "Redhat" for product "Build Of Quarkus"				*		-		Affected
Redhat Search vendor "Redhat"		Camel Spring Boot Search vendor "Redhat" for product "Camel Spring Boot"				*		-		Affected
Redhat Search vendor "Redhat"		Data Grid Search vendor "Redhat" for product "Data Grid"				*		-		Affected
Redhat Search vendor "Redhat"		Integration Search vendor "Redhat" for product "Integration"				*		-		Affected
Redhat Search vendor "Redhat"		Integration Camel K Search vendor "Redhat" for product "Integration Camel K"				*		-		Affected
Redhat Search vendor "Redhat"		Jboss Data Grid Search vendor "Redhat" for product "Jboss Data Grid"				*		-		Affected
Redhat Search vendor "Redhat"		Jboss Enterprise Application Platform Search vendor "Redhat" for product "Jboss Enterprise Application Platform"				*		-		Affected
Redhat Search vendor "Redhat"		Jboss Enterprise Bpms Platform Search vendor "Redhat" for product "Jboss Enterprise Bpms Platform"				*		-		Affected
Redhat Search vendor "Redhat"		Jboss Fuse Search vendor "Redhat" for product "Jboss Fuse"				*		-		Affected
Redhat Search vendor "Redhat"		Jbosseapxp Search vendor "Redhat" for product "Jbosseapxp"				*		-		Affected
Redhat Search vendor "Redhat"		Keycloak Search vendor "Redhat" for product "Keycloak"				*		-		Affected
Redhat Search vendor "Redhat"		Process Automation Search vendor "Redhat" for product "Process Automation"				*		-		Affected
Redhat Search vendor "Redhat"		Quarkus Search vendor "Redhat" for product "Quarkus"				*		-		Affected
Redhat Search vendor "Redhat"		Red Hat Single Sign On Search vendor "Redhat" for product "Red Hat Single Sign On"				*		-		Affected
Redhat Search vendor "Redhat"		Rhboac Hawtio Search vendor "Redhat" for product "Rhboac Hawtio"				*		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Search vendor "Redhat" for product "Enterprise Linux"				*		-		Affected