CVE-2018-12537 Information

Feb 14, 2021 cve

Description

In Eclipse Vert.x version 3.0 to 3.5.1 the HttpServer response headers and HttpClient request headers do not filter carriage return and line feed characters from the header value. This allow unfiltered values to inject a new header in the client request or server response.

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Reference

https://access.redhat.com/errata/RHSA-2018:2371 https://access.redhat.com/errata/RHSA-2018:3768 https://bugs.eclipse.org/bugs/show_bug.cgi?id=536038 https://bugzilla.redhat.com/show_bug.cgi?id=1591072 https://github.com/eclipse/vert.x/commit/1bb6445226c39a95e7d07ce3caaf56828e8aab72 https://github.com/eclipse/vert.x/issues/2470 https://www.compass-security.com/fileadmin/Datein/Research/Advisories/CSNC-2018-021_vertx.txt

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

NONE

Availability Impact

LOW

Base Score

NONE

Base Severity

5.3

Share on: