7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
0.012 Low
EPSS
Percentile
85.0%
In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and
9.4.x (non-default configuration with RFC2616 compliance enabled), HTTP/0.9
is handled poorly. An HTTP/1 style request line (i.e. method space URI
space version) that declares a version of HTTP/0.9 was accepted and treated
as a 0.9 request. If deployed behind an intermediary that also accepted and
passed through the 0.9 version (but did not act on it), then the response
sent could be interpreted by the intermediary as HTTP/1 headers. This could
be used to poison the cache if the server allowed the origin client to
generate arbitrary content in the response.
Author | Note |
---|---|
ebarretto | jetty8 ignored (very hard to exploit, complex patch) |
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
0.012 Low
EPSS
Percentile
85.0%