Sign-up

ID

VAR-202407-2494


CVE

CVE-2024-35161


TITLE

Apache Software Foundation  of  Apache Traffic Server  In  HTTP  Request Smuggling Vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2024-005375

DESCRIPTION

Apache Traffic Server forwards malformed HTTP chunked trailer section to origin servers. This can be utilized for request smuggling and may also lead cache poisoning if the origin servers are vulnerable. This issue affects Apache Traffic Server: from 8.0.0 through 8.1.10, from 9.0.0 through 9.2.4. Users can set a new setting (proxy.config.http.drop_chunked_trailers) not to forward chunked trailer section. Users are recommended to upgrade to version 8.1.11 or 9.2.5, which fixes the issue. No detailed vulnerability details are currently available. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5758-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff August 26, 2024 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : trafficserver CVE ID : CVE-2023-38522 CVE-2024-35161 CVE-2024-35296 Several vulnerabilities were discovered in Apache Traffic Server, a reverse and forward proxy server, which could result in denial of service or request smuggling. For the stable distribution (bookworm), these problems have been fixed in version 9.2.5+ds-0+deb12u1. We recommend that you upgrade your trafficserver packages. For the detailed security status of trafficserver please refer to its security tracker page at: https://security-tracker.debian.org/tracker/trafficserver Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmbMKBEACgkQEMKTtsN8 TjZOnw/+JNcO3mLjDjMwWUBfg7w/jCN8tIKJjAGs1bPzJ+QTOs4yy+47wWtAeJ5c Q3PrzETcXLNxFKAI+ii+Tq9DetvvgJYzm2Qxm9xeNJuhjMnUs226Om8VawTH8yL4 ijKuZZlEBCAoUTi5+ROQ6H+TDQ3KJIt/xiQp9JuDYPGBbNsyoEl+eOdmVRZTroBo heMsrvCMLneLV5kmr1IpIJfJgXvnuR57idyHAry9GOJ0xaMRdohE6oYqWuG+DeF3 1fr10jbSgX9M+tUtw1t7sFtoHjXlf3ez8fTOQ/aa+4idHtPd4GBkfDCKb+Bnoazg uuG9esu8RmfZisOFYQX4O3Bgi8KSM0Ir5Mv9sOkvy95Iqd1dJ2kjHFlvgbzzbATF aSMlj/lUwG2ALq2hoZ4IfuwLKr0hTguHtKTcralE7w+8+pbzMPzULXUw8vPIFGHq VKS0S6XzXHuFchyhfKJFXuUD4uAjijVPzCAMyvlIH98hBfRSbzOP1dwRrHN7YVk4 fmkf6yjQ5hB/ecXFCQkXJUXOJNwm41sMpZUkdywFh1iFnV6Hl3We3JD0wdjURReY 4ZzGR2PkgWQN56UvkzF4xq8VmtBZ3lTSHH6kmmlgpmBFgtdWhnvl/3Jp4dfO3uh5 2Lt5vf01Ae4jkT+93uaMtDlr8YBEr2JHLEWCA3ZRC4ux3mnGRN8= =Q6vb -----END PGP SIGNATURE-----

Trust: 2.25

sources: NVD: CVE-2024-35161 // JVNDB: JVNDB-2024-005375 // CNVD: CNVD-2024-35170 // PACKETSTORM: 180380

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2024-35170

AFFECTED PRODUCTS

vendor:apachemodel:traffic serverscope:ltversion:9.2.5

Trust: 1.0

vendor:apachemodel:traffic serverscope:gteversion:9.0.0

Trust: 1.0

vendor:apachemodel:traffic serverscope:ltversion:8.1.11

Trust: 1.0

vendor:apachemodel:traffic serverscope:gteversion:8.0.0

Trust: 1.0

vendor:apachemodel:traffic serverscope: - version: -

Trust: 0.8

vendor:apachemodel:traffic serverscope:eqversion: -

Trust: 0.8

vendor:apachemodel:traffic serverscope:eqversion:9.0.0 that's all 9.2.5

Trust: 0.8

vendor:apachemodel:traffic serverscope:eqversion:8.0.0 that's all 8.1.11

Trust: 0.8

vendor:apachemodel:traffic serverscope:gteversion:8.0.0,<=8.1.10

Trust: 0.6

vendor:apachemodel:traffic serverscope:gteversion:9.0.0,<=9.2.4

Trust: 0.6

sources: CNVD: CNVD-2024-35170 // JVNDB: JVNDB-2024-005375 // NVD: CVE-2024-35161

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2024-35161
value: HIGH

Trust: 1.0

134c704f-9b21-4f2e-91b3-4a467353bcc0: CVE-2024-35161
value: CRITICAL

Trust: 1.0

NVD: CVE-2024-35161
value: HIGH

Trust: 0.8

CNVD: CNVD-2024-35170
value: HIGH

Trust: 0.6

CNVD: CNVD-2024-35170
severity: HIGH
baseScore: 9.4
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 9.2
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2024-35161
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 1.0

134c704f-9b21-4f2e-91b3-4a467353bcc0: CVE-2024-35161
baseSeverity: CRITICAL
baseScore: 9.1
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 5.2
version: 3.1

Trust: 1.0

NVD: CVE-2024-35161
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2024-35170 // JVNDB: JVNDB-2024-005375 // NVD: CVE-2024-35161 // NVD: CVE-2024-35161

PROBLEMTYPE DATA

problemtype:CWE-444

Trust: 1.0

problemtype:HTTP Request Smuggling (CWE-444) [ others ]

Trust: 0.8

sources: JVNDB: JVNDB-2024-005375 // NVD: CVE-2024-35161

PATCH

title:Patch for Apache Traffic Server Input Validation Error Vulnerability (CNVD-2024-35170)url:https://www.cnvd.org.cn/patchInfo/show/576156

Trust: 0.6

sources: CNVD: CNVD-2024-35170

EXTERNAL IDS

db:NVDid:CVE-2024-35161

Trust: 3.3

db:JVNDBid:JVNDB-2024-005375

Trust: 0.8

db:CNVDid:CNVD-2024-35170

Trust: 0.6

db:PACKETSTORMid:180380

Trust: 0.1

sources: CNVD: CNVD-2024-35170 // JVNDB: JVNDB-2024-005375 // PACKETSTORM: 180380 // NVD: CVE-2024-35161

REFERENCES

url:https://lists.apache.org/thread/c4mcmpblgl8kkmyt56t23543gp8v56m0

Trust: 1.8

url:https://nvd.nist.gov/vuln/detail/cve-2024-35161

Trust: 0.9

url:https://cxsecurity.com/cveshow/cve-2024-35161/

Trust: 0.6

url:https://security-tracker.debian.org/tracker/trafficserver

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2024-35296

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2023-38522

Trust: 0.1

url:https://www.debian.org/security/faq

Trust: 0.1

url:https://www.debian.org/security/

Trust: 0.1

sources: CNVD: CNVD-2024-35170 // JVNDB: JVNDB-2024-005375 // PACKETSTORM: 180380 // NVD: CVE-2024-35161

CREDITS

Debian

Trust: 0.1

sources: PACKETSTORM: 180380

SOURCES

db:CNVDid:CNVD-2024-35170
db:JVNDBid:JVNDB-2024-005375
db:PACKETSTORMid:180380
db:NVDid:CVE-2024-35161

LAST UPDATE DATE

2024-08-28T22:57:02.907000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2024-35170date:2024-08-13T00:00:00
db:JVNDBid:JVNDB-2024-005375date:2024-08-15T02:32:00
db:NVDid:CVE-2024-35161date:2024-08-13T09:15:04.610

SOURCES RELEASE DATE

db:CNVDid:CNVD-2024-35170date:2024-08-06T00:00:00
db:JVNDBid:JVNDB-2024-005375date:2024-08-15T00:00:00
db:PACKETSTORMid:180380date:2024-08-26T15:09:12
db:NVDid:CVE-2024-35161date:2024-07-26T10:15:02.567