Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatcveRedhat.comRH:CVE-2023-4639
HistoryFeb 09, 2024 - 2:59 a.m.

CVE-2023-4639

2024-02-0902:59:44
redhat.com
access.redhat.com
30
undertow
cookie parsing
value delimiting
data exfiltration
httponly cookie
unauthorized access
data modification
data confidentiality
data integrity

6.5 Medium

AI Score

Confidence

Low

0 Low

EPSS

Percentile

0.0%

JSON

A flaw was found in Undertow, which incorrectly parses cookies with certain value-delimiting characters in incoming requests. This issue could allow an attacker to construct a cookie value to exfiltrate HttpOnly cookie values or spoof arbitrary additional cookie values, leading to unauthorized data access or modification. The main threat from this flaw impacts data confidentiality and integrity.

Related

ubuntucve 1
debiancve 1
nessus 4
redhat 6
ubuntucve
ubuntucve
CVE-2023-4639
2024-02-09 00:00:00
debiancve
debiancve
CVE-2023-4639
2024-02-20 12:48:34
nessus
nessus
RHEL 8 / 9 : Red Hat JBoss Enterprise Application Platform 8.0 (RHSA-2024:2764)
2024-05-08 00:00:00
RHEL 8 : Red Hat JBoss Enterprise Application Platform 7.4.16 Security update (Important) (RHSA-2024:1675)
2024-04-04 00:00:00
RHEL 9 : Red Hat JBoss Enterprise Application Platform 7.4.16 Security update (Important) (RHSA-2024:1676)
2024-04-04 00:00:00
redhat
redhat
(RHSA-2024:2764) Important: Red Hat JBoss Enterprise Application Platform 8.0 security update
2024-05-08 14:15:22
(RHSA-2024:2763) Important: Red Hat JBoss Enterprise Application Platform 8.0 security update
2024-05-08 14:14:46
(RHSA-2024:1675) Important: Red Hat JBoss Enterprise Application Platform 7.4.16 Security update
2024-04-04 15:15:18

6.5 Medium

AI Score

Confidence

Low

0 Low

EPSS

Percentile

0.0%

JSON
Related for RH:CVE-2023-4639
ubuntucve1debiancve1nessus4redhat6