CVE-2024-7885

Undertow: improper state management in proxy protocol parsing causes information leakage

Severity Score

7.5

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

A vulnerability was found in Undertow where the ProxyProtocolReadListener reuses the same StringBuilder instance across multiple requests. This issue occurs when the parseProxyProtocolV1 method processes multiple requests on the same HTTP connection. As a result, different requests may share the same StringBuilder instance, potentially leading to information leakage between requests or responses. In some cases, a value from a previous request or response may be erroneously reused, which could lead to unintended data exposure. This issue primarily results in errors and connection termination but creates a risk of data leakage in multi-request environments.

A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link in the References section. Issues addressed include an information leakage vulnerability.

*Credits: Red Hat would like to thank BfC for reporting this issue.

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

None

Integrity

None

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-08-16 CVE Reserved
2024-08-21 CVE Published
2025-03-03 CVE Updated
2025-03-30 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

CAPEC

References (9)

URL	Tag	Source

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
https://access.redhat.com/security/cve/CVE-2024-7885	2024-08-21
https://bugzilla.redhat.com/show_bug.cgi?id=2305290	2024-08-21
https://access.redhat.com/errata/RHSA-2024:11023	2025-03-03
https://access.redhat.com/errata/RHSA-2024:6508	2025-03-03
https://access.redhat.com/errata/RHSA-2024:6883	2025-03-03
https://access.redhat.com/errata/RHSA-2024:7441	2025-03-03
https://access.redhat.com/errata/RHSA-2024:7442	2025-03-03
https://access.redhat.com/errata/RHSA-2024:7735	2025-03-03
https://access.redhat.com/errata/RHSA-2024:7736	2025-03-03

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Redhat Search vendor "Redhat"		Apache Camel Spring Boot Search vendor "Redhat" for product "Apache Camel Spring Boot"				*		-		Affected
Redhat Search vendor "Redhat"		Build Keycloak Search vendor "Redhat" for product "Build Keycloak"				*		-		Affected
Redhat Search vendor "Redhat"		Build Of Apache Camel - Hawtio Search vendor "Redhat" for product "Build Of Apache Camel - Hawtio"				*		-		Affected
Redhat Search vendor "Redhat"		Build Of Apache Camel For Spring Boot Search vendor "Redhat" for product "Build Of Apache Camel For Spring Boot"				*		-		Affected
Redhat Search vendor "Redhat"		Build Of Keycloak Search vendor "Redhat" for product "Build Of Keycloak"				*		-		Affected
Redhat Search vendor "Redhat"		Build Of Quarkus Search vendor "Redhat" for product "Build Of Quarkus"				*		-		Affected
Redhat Search vendor "Redhat"		Camel Spring Boot Search vendor "Redhat" for product "Camel Spring Boot"				*		-		Affected
Redhat Search vendor "Redhat"		Data Grid Search vendor "Redhat" for product "Data Grid"				*		-		Affected
Redhat Search vendor "Redhat"		Integration Search vendor "Redhat" for product "Integration"				*		-		Affected
Redhat Search vendor "Redhat"		Integration Camel K Search vendor "Redhat" for product "Integration Camel K"				*		-		Affected
Redhat Search vendor "Redhat"		Jboss Data Grid Search vendor "Redhat" for product "Jboss Data Grid"				*		-		Affected
Redhat Search vendor "Redhat"		Jboss Enterprise Application Platform Search vendor "Redhat" for product "Jboss Enterprise Application Platform"				*		-		Affected
Redhat Search vendor "Redhat"		Jboss Enterprise Bpms Platform Search vendor "Redhat" for product "Jboss Enterprise Bpms Platform"				*		-		Affected
Redhat Search vendor "Redhat"		Jboss Fuse Search vendor "Redhat" for product "Jboss Fuse"				*		-		Affected
Redhat Search vendor "Redhat"		Jbosseapxp Search vendor "Redhat" for product "Jbosseapxp"				*		-		Affected
Redhat Search vendor "Redhat"		Process Automation Search vendor "Redhat" for product "Process Automation"				*		-		Affected
Redhat Search vendor "Redhat"		Quarkus Search vendor "Redhat" for product "Quarkus"				*		-		Affected
Redhat Search vendor "Redhat"		Red Hat Single Sign On Search vendor "Redhat" for product "Red Hat Single Sign On"				*		-		Affected
Redhat Search vendor "Redhat"		Rhboac Hawtio Search vendor "Redhat" for product "Rhboac Hawtio"				*		-		Affected
Redhat Search vendor "Redhat"		Single Sign-on Search vendor "Redhat" for product "Single Sign-on"				*		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Search vendor "Redhat" for product "Enterprise Linux"				*		-		Affected