Lucene search
+L

Eclipse Jetty HTTP Header Vulnerability (GHSA-hmr7-m48g-48f6) - Linux

🗓️ 19 Sep 2023 00:00:00Reported by Copyright (C) 2023 Greenbone AGType 
openvas
 openvas
🔗 plugins.openvas.org👁 28 Views

Eclipse Jetty HTTP Header Vulnerability, fix availabl

Related
Refs
Code
ReporterTitlePublishedViews
Family
IBM Security Bulletins
Security Bulletin: Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation iFixes for October 2023
26 Mar 202504:03
ibm
IBM Security Bulletins
Security Bulletin: Vulnerabilities Addressed in IBM Tivoli Network Manager IP Edition (ITNM) version 4.2 Fix Pack 20 (4.2.0.20)
11 Nov 202411:31
ibm
IBM Security Bulletins
Security Bulletin: Multiple vulnerabilities in eclipse jetty affect IBM Business Automation Workflow
3 Jun 202413:36
ibm
IBM Security Bulletins
Security Bulletin: IBM Operational Decision Manager October 2023 - Multiple CVEs addressed
19 Oct 202311:13
ibm
IBM Security Bulletins
Security Bulletin: An Eclipse Jetty vulnerability affects IBM Rational Functional Tester
18 Dec 202312:04
ibm
IBM Security Bulletins
Security Bulletin: Multiple Vulnerabilities in IBM StreamSets Data Collector
22 Oct 202512:16
ibm
IBM Security Bulletins
Security Bulletin: Due to the use of jetty IBM webMethods BPM is vulnerable to multiple vulnerabilities
11 Mar 202620:59
ibm
IBM Security Bulletins
Security Bulletin: IBM Watson Discovery Cartridge for IBM Cloud Pak for Data affected by vulnerability in Eclipse Jetty
29 Nov 202314:46
ibm
IBM Security Bulletins
Security Bulletin: Multiple Vulnerabilities in IBM Cloud Pak for Multicloud Management
20 Mar 202517:08
ibm
IBM Security Bulletins
Security Bulletin: IBM Sterling Control Center is affected by vulnerabilities in its dependencies (CVE-2022-45688, CVE-2023-28439, CVE-2023-33201, CVE-2023-41900, CVE-2023-36479, CVE-2023-40167, CVE-2023-36478, )
24 Mar 202514:16
ibm
Rows per page
# SPDX-FileCopyrightText: 2023 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

CPE = "cpe:/a:eclipse:jetty";

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.151001");
  script_version("2024-06-11T05:05:40+0000");
  script_tag(name:"last_modification", value:"2024-06-11 05:05:40 +0000 (Tue, 11 Jun 2024)");
  script_tag(name:"creation_date", value:"2023-09-19 04:32:31 +0000 (Tue, 19 Sep 2023)");
  script_tag(name:"cvss_base", value:"5.0");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:P/A:N");
  script_tag(name:"severity_vector", value:"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N");
  script_tag(name:"severity_origin", value:"NVD");
  script_tag(name:"severity_date", value:"2023-09-20 20:20:00 +0000 (Wed, 20 Sep 2023)");

  script_cve_id("CVE-2023-40167");

  script_tag(name:"qod_type", value:"remote_banner_unreliable");

  script_tag(name:"solution_type", value:"VendorFix");

  script_name("Eclipse Jetty HTTP Header Vulnerability (GHSA-hmr7-m48g-48f6) - Linux");

  script_category(ACT_GATHER_INFO);

  script_copyright("Copyright (C) 2023 Greenbone AG");
  script_family("Web Servers");
  script_dependencies("gb_jetty_http_detect.nasl", "os_detection.nasl");
  script_mandatory_keys("jetty/detected", "Host/runs_unixoide");

  script_tag(name:"summary", value:"Eclipse Jetty is prone to an HTTP header vulnerability.");

  script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present on the target host.");

  script_tag(name:"insight", value:"Jetty accepts the '+' character proceeding the content-length
  value in a HTTP/1 header field. This is more permissive than allowed by the RFC and other servers
  routinely reject such requests with 400 responses. There is no known exploit scenario, but it is
  conceivable that request smuggling could result if jetty is used in combination with a server
  that does not close the connection after sending such a 400 response.");

  script_tag(name:"affected", value:"Eclipse Jetty version 9.0.0 through 9.4.51, 10.0.0 through
  10.0.15, 11.0.0 through 11.0.15 and version 12.0.0.");

  script_tag(name:"solution", value:"Update to version 9.4.52, 10.0.16, 11.0.16, 12.0.1 or later.");

  script_xref(name:"URL", value:"https://github.com/eclipse/jetty.project/security/advisories/GHSA-hmr7-m48g-48f6");

  exit(0);
}

include("host_details.inc");
include("version_func.inc");

if (!port = get_app_port(cpe: CPE))
  exit(0);

if (!infos = get_app_version_and_location(cpe: CPE, port: port, exit_no_version: TRUE))
  exit(0);

version = infos["version"];
location = infos["location"];

if (version_in_range_exclusive(version: version, test_version_lo: "9.0.0", test_version_up: "9.4.52")) {
  report = report_fixed_ver(installed_version: version, fixed_version: "9.4.52", install_path: location);
  security_message(port: port, data: report);
  exit(0);
}

if (version_in_range_exclusive(version: version, test_version_lo: "10.0.0", test_version_up: "10.0.16")) {
  report = report_fixed_ver(installed_version: version, fixed_version: "10.0.16", install_path: location);
  security_message(port: port, data: report);
  exit(0);
}

if (version_in_range_exclusive(version: version, test_version_lo: "11.0.0", test_version_up: "11.0.16")) {
  report = report_fixed_ver(installed_version: version, fixed_version: "11.0.16", install_path: location);
  security_message(port: port, data: report);
  exit(0);
}

if (version_is_equal(version: version, test_version: "12.0.0")) {
  report = report_fixed_ver(installed_version: version, fixed_version: "12.0.1", install_path: location);
  security_message(port: port, data: report);
  exit(0);
}

exit(99);

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

11 Jun 2024 00:00Current
6.3Medium risk
Vulners AI Score6.3
CVSS 3.15.3
EPSS0.01069
SSVC
28