Sign-up

ID

VAR-202407-2669


CVE

CVE-2023-38522


TITLE

Apache Software Foundation  of  Apache Traffic Server  In  HTTP  Request Smuggling Vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2023-027148

DESCRIPTION

Apache Traffic Server accepts characters that are not allowed for HTTP field names and forwards malformed requests to origin servers. This can be utilized for request smuggling and may also lead cache poisoning if the origin servers are vulnerable. This issue affects Apache Traffic Server: from 8.0.0 through 8.1.10, from 9.0.0 through 9.2.4. Users are recommended to upgrade to version 8.1.11 or 9.2.5, which fixes the issue. No detailed vulnerability details are currently provided. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5758-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff August 26, 2024 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : trafficserver CVE ID : CVE-2023-38522 CVE-2024-35161 CVE-2024-35296 Several vulnerabilities were discovered in Apache Traffic Server, a reverse and forward proxy server, which could result in denial of service or request smuggling. For the stable distribution (bookworm), these problems have been fixed in version 9.2.5+ds-0+deb12u1. We recommend that you upgrade your trafficserver packages. For the detailed security status of trafficserver please refer to its security tracker page at: https://security-tracker.debian.org/tracker/trafficserver Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmbMKBEACgkQEMKTtsN8 TjZOnw/+JNcO3mLjDjMwWUBfg7w/jCN8tIKJjAGs1bPzJ+QTOs4yy+47wWtAeJ5c Q3PrzETcXLNxFKAI+ii+Tq9DetvvgJYzm2Qxm9xeNJuhjMnUs226Om8VawTH8yL4 ijKuZZlEBCAoUTi5+ROQ6H+TDQ3KJIt/xiQp9JuDYPGBbNsyoEl+eOdmVRZTroBo heMsrvCMLneLV5kmr1IpIJfJgXvnuR57idyHAry9GOJ0xaMRdohE6oYqWuG+DeF3 1fr10jbSgX9M+tUtw1t7sFtoHjXlf3ez8fTOQ/aa+4idHtPd4GBkfDCKb+Bnoazg uuG9esu8RmfZisOFYQX4O3Bgi8KSM0Ir5Mv9sOkvy95Iqd1dJ2kjHFlvgbzzbATF aSMlj/lUwG2ALq2hoZ4IfuwLKr0hTguHtKTcralE7w+8+pbzMPzULXUw8vPIFGHq VKS0S6XzXHuFchyhfKJFXuUD4uAjijVPzCAMyvlIH98hBfRSbzOP1dwRrHN7YVk4 fmkf6yjQ5hB/ecXFCQkXJUXOJNwm41sMpZUkdywFh1iFnV6Hl3We3JD0wdjURReY 4ZzGR2PkgWQN56UvkzF4xq8VmtBZ3lTSHH6kmmlgpmBFgtdWhnvl/3Jp4dfO3uh5 2Lt5vf01Ae4jkT+93uaMtDlr8YBEr2JHLEWCA3ZRC4ux3mnGRN8= =Q6vb -----END PGP SIGNATURE-----

Trust: 2.25

sources: NVD: CVE-2023-38522 // JVNDB: JVNDB-2023-027148 // CNVD: CNVD-2024-35169 // PACKETSTORM: 180380

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2024-35169

AFFECTED PRODUCTS

vendor:apachemodel:traffic serverscope:ltversion:9.2.5

Trust: 1.0

vendor:apachemodel:traffic serverscope:gteversion:9.0.0

Trust: 1.0

vendor:apachemodel:traffic serverscope:ltversion:8.1.11

Trust: 1.0

vendor:apachemodel:traffic serverscope:gteversion:8.0.0

Trust: 1.0

vendor:apachemodel:traffic serverscope: - version: -

Trust: 0.8

vendor:apachemodel:traffic serverscope:eqversion: -

Trust: 0.8

vendor:apachemodel:traffic serverscope:eqversion:9.0.0 that's all 9.2.5

Trust: 0.8

vendor:apachemodel:traffic serverscope:eqversion:8.0.0 that's all 8.1.11

Trust: 0.8

vendor:apachemodel:traffic serverscope:gteversion:8.0.0,<=8.1.10

Trust: 0.6

vendor:apachemodel:traffic serverscope:gteversion:9.0.0,<=9.2.4

Trust: 0.6

sources: CNVD: CNVD-2024-35169 // JVNDB: JVNDB-2023-027148 // NVD: CVE-2023-38522

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2023-38522
value: HIGH

Trust: 1.0

134c704f-9b21-4f2e-91b3-4a467353bcc0: CVE-2023-38522
value: HIGH

Trust: 1.0

NVD: CVE-2023-38522
value: HIGH

Trust: 0.8

CNVD: CNVD-2024-35169
value: HIGH

Trust: 0.6

CNVD: CNVD-2024-35169
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:C/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: COMPLETE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2023-38522
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 2.0

NVD: CVE-2023-38522
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2024-35169 // JVNDB: JVNDB-2023-027148 // NVD: CVE-2023-38522 // NVD: CVE-2023-38522

PROBLEMTYPE DATA

problemtype:CWE-86

Trust: 1.0

problemtype:CWE-444

Trust: 1.0

problemtype:HTTP Request Smuggling (CWE-444) [ others ]

Trust: 0.8

problemtype:Web Improper sanitization of invalid characters in in-page identifiers (CWE-86) [ others ]

Trust: 0.8

sources: JVNDB: JVNDB-2023-027148 // NVD: CVE-2023-38522

PATCH

title:Patch for Apache Traffic Server Input Validation Error Vulnerability (CNVD-2024-35169)url:https://www.cnvd.org.cn/patchInfo/show/576151

Trust: 0.6

sources: CNVD: CNVD-2024-35169

EXTERNAL IDS

db:NVDid:CVE-2023-38522

Trust: 3.3

db:JVNDBid:JVNDB-2023-027148

Trust: 0.8

db:CNVDid:CNVD-2024-35169

Trust: 0.6

db:PACKETSTORMid:180380

Trust: 0.1

sources: CNVD: CNVD-2024-35169 // JVNDB: JVNDB-2023-027148 // PACKETSTORM: 180380 // NVD: CVE-2023-38522

REFERENCES

url:https://lists.apache.org/thread/c4mcmpblgl8kkmyt56t23543gp8v56m0

Trust: 1.8

url:https://nvd.nist.gov/vuln/detail/cve-2023-38522

Trust: 0.9

url:https://cxsecurity.com/cveshow/cve-2023-38522/

Trust: 0.6

url:https://security-tracker.debian.org/tracker/trafficserver

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2024-35296

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2024-35161

Trust: 0.1

url:https://www.debian.org/security/faq

Trust: 0.1

url:https://www.debian.org/security/

Trust: 0.1

sources: CNVD: CNVD-2024-35169 // JVNDB: JVNDB-2023-027148 // PACKETSTORM: 180380 // NVD: CVE-2023-38522

CREDITS

Debian

Trust: 0.1

sources: PACKETSTORM: 180380

SOURCES

db:CNVDid:CNVD-2024-35169
db:JVNDBid:JVNDB-2023-027148
db:PACKETSTORMid:180380
db:NVDid:CVE-2023-38522

LAST UPDATE DATE

2024-08-28T22:57:02.951000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2024-35169date:2024-08-13T00:00:00
db:JVNDBid:JVNDB-2023-027148date:2024-08-16T04:59:00
db:NVDid:CVE-2023-38522date:2024-08-13T09:15:04.310

SOURCES RELEASE DATE

db:CNVDid:CNVD-2024-35169date:2024-08-06T00:00:00
db:JVNDBid:JVNDB-2023-027148date:2024-08-16T00:00:00
db:PACKETSTORMid:180380date:2024-08-26T15:09:12
db:NVDid:CVE-2023-38522date:2024-07-26T10:15:01.923