CVE-2018-1048

Impact:
Moderate
Public Date:
2018-01-15
Bugzilla:
1534343: CVE-2018-1048 undertow: ALLOW_ENCODED_SLASH option not taken into account in the AjpRequestParser

The MITRE CVE dictionary describes this issue as:

It was found that the AJP connector in undertow, as shipped in Jboss EAP 7.1.0.GA, does not use the ALLOW_ENCODED_SLASH option and thus allow the the slash / anti-slash characters encoded in the url which may lead to path traversal and result in the information disclosure of arbitrary local files.

Find out more about CVE-2018-1048 from the MITRE CVE dictionary dictionary and NIST NVD.

CVSS v3 metrics

CVSS3 Base Score 8.6
CVSS3 Base Metrics CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
Attack Vector Network
Attack Complexity Low
Privileges Required None
User Interaction None
Scope Changed
Confidentiality High
Integrity Impact None
Availability Impact None

Red Hat Security Errata

Platform Errata Release Date
Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server RHSA-2018:0480 2018-03-12
Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server (eap7-jboss-ec2-eap) RHSA-2018:0481 2018-03-12
Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server (eap7-jboss-ec2-eap) RHSA-2018:0481 2018-03-12
Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server RHSA-2018:0479 2018-03-12
Red Hat JBoss EAP 7 RHSA-2018:0478 2018-03-12

Affected Packages State

Platform Package State
Red Hat JBoss Fuse 7 Karaf Will not fix
Red Hat JBoss Fuse 6 Karaf Will not fix
Last Modified

CVE description copyright © 2017, The MITRE Corporation