redhatcve | Redhat.com | RH:CVE-2022-45060
History: Nov 10, 2022 - 8:56 p.m.

CVE-2022-45060

2022-11-10 20:56:10
redhat.com
access.redhat.com
varnish cache
http request forgery
mitigation
http/2
http/1
backend server
vcl function

CVSS3: 7.5 High

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: NONE
Integrity Impact: HIGH
Availability Impact: NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

EPSS: 0.003 Low
Percentile: 69.6%

An HTTP Request Forgery issue was discovered in Varnish Cache. An attacker may introduce characters through HTTP/2 pseudo-headers that are invalid in the context of an HTTP/1 request line, causing the Varnish server to produce invalid HTTP/1 requests to the backend. This could be used to exploit vulnerabilities in a server behind the Varnish server.

Mitigation

If the varnish package cannot be updated, the following mitigation can be applied:

  1. Add the following snippet to the vcl_recv VCL function in /etc/varnish/default.vcl:

      if (req.url ~ "(^$)|[ \t]+" || req.method ~ "(^$)|[ \t]+") {
          return (synth(400));
      }
    
  2. Restart the varnish service by running the following command as a privileged user:

    systemctl restart varnish

The VCL snippet above checks the request URL and method for invalid values (empty, or containing a space or tab) and, when one is found, returns a synthetic HTTP 400 error.
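The condition in the snippet, modelled in Python as an added example (not part of the Red Hat advisory and not Varnish code), shows that it rejects exactly the method/URL values that would leave an HTTP/1 request line without its three well-formed fields. The request-line model, the function names and the sample values are constructed assumptions.

```python
import re

# Same pattern as the VCL condition: an empty value, or any space/tab inside it.
INVALID = re.compile(r"(^$)|[ \t]+")


def vcl_recv_rejects(method: str, url: str) -> bool:
    """Mirror of the mitigation's test; True corresponds to return (synth(400))."""
    return bool(INVALID.search(url) or INVALID.search(method))


def http1_request_line(method: str, url: str) -> str:
    """Simplified model (assumption) of the request line sent to an HTTP/1 backend."""
    return f"{method} {url} HTTP/1.1"


def is_well_formed(line: str) -> bool:
    """An HTTP/1 request line is method SP target SP version: three non-empty fields."""
    fields = re.split(r"[ \t]", line)
    return len(fields) == 3 and all(fields)


# Constructed sample values for the HTTP/2 :method and :path pseudo-headers.
SAMPLES = [
    ("GET", "/index.html"),
    ("POST", "/search?q=x%20y"),   # percent-encoded space is fine
    ("GET", "/a b"),               # raw space in the path
    ("GET", ""),                   # empty path
    ("", "/"),                     # empty method
    ("GET\t", "/"),                # tab in the method
]


def audit(samples):
    """Return (method, url, rejected_by_vcl, request_line_well_formed) per sample."""
    return [
        (m, u, vcl_recv_rejects(m, u), is_well_formed(http1_request_line(m, u)))
        for m, u in samples
    ]


if __name__ == "__main__":
    for method, url, rejected, well_formed in audit(SAMPLES):
        verdict = "400" if rejected else "pass"
        print(f"{method!r:8} {url!r:20} vcl={verdict:4} well_formed={well_formed}")
```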
