Lucene search

K
ubuntucveUbuntu.comUB:CVE-2023-26049
HistoryApr 18, 2023 - 12:00 a.m.

CVE-2023-26049

2023-04-1800:00:00
ubuntu.com
ubuntu.com
61
jetty
cve-2023-26049
cookie smuggling
security implications
upgrade
unix
parsing issue

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

EPSS

0.001

Percentile

40.9%

Jetty is a java based web server and servlet engine. Nonstandard cookie
parsing in Jetty may allow an attacker to smuggle cookies within other
cookies, or otherwise perform unintended behavior by tampering with the
cookie parsing mechanism. If Jetty sees a cookie VALUE that starts with "
(double quote), it will continue to read the cookie string until it sees a
closing quote โ€“ even if a semicolon is encountered. So, a cookie header
such as: DISPLAY_LANGUAGE="b; JSESSIONID=1337; c=d" will be parsed as one
cookie, with the name DISPLAY_LANGUAGE and a value of b; JSESSIONID=1337;
c=d instead of 3 separate cookies. This has security implications because
if, say, JSESSIONID is an HttpOnly cookie, and the DISPLAY_LANGUAGE cookie
value is rendered on the page, an attacker can smuggle the JSESSIONID
cookie into the DISPLAY_LANGUAGE cookie and thereby exfiltrate it. This is
significant when an intermediary is enacting some policy based on cookies,
so a smuggled cookie can bypass that policy yet still be seen by the Jetty
server or its logging system. This issue has been addressed in versions
9.4.51, 10.0.14, 11.0.14, and 12.0.0.beta0 and users are advised to
upgrade. There are no known workarounds for this issue.

OSVersionArchitecturePackageVersionFilename
ubuntu14.04noarchjetty<ย anyUNKNOWN
ubuntu16.04noarchjetty<ย anyUNKNOWN

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

EPSS

0.001

Percentile

40.9%