CVE-2018-1067

Impact:
Moderate
Public Date:
2018-04-25
CWE:
CWE-113
Bugzilla:
1550671: CVE-2018-1067 undertow: HTTP header injection using CRLF with UTF-8 Encoding (incomplete fix of CVE-2016-4993)
It was found that the fix for CVE-2016-4993 was incomplete, and the Undertow web server remains vulnerable to the injection of arbitrary HTTP headers and to HTTP response splitting, because user input is insufficiently sanitized and validated before it is used as part of an HTTP header value. The check has to be applied to the bytes that are actually written to the wire, not only to the literal CR and LF characters of the Java string, since a character outside the output encoding can become a CR or LF byte once encoded.
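The following is an added example, written for this page and not taken from Undertow or from the fix referenced above. It models the bug class in Python: a header writer that keeps only the low byte of each character (a stand-in for a byte-per-char write; the exact Undertow code path is not reproduced here), a check that looks only for literal CR/LF in the string and is therefore bypassed, and a hardened writer that validates the encoded bytes. The header names, the payload string and the function names are all constructed for illustration.

```python
"""Model of CRLF header injection through an encoding step (added example).

naive_write emits the low 8 bits of each character, so U+010D becomes 0x0D (CR)
and U+010A becomes 0x0A (LF) on the wire.  A filter that only rejects literal
"\r" / "\n" in the Python string never sees those bytes.  safe_write encodes
first and validates the result against the HTTP field-value grammar.
"""
import re

CR, LF = 0x0D, 0x0A
# RFC 7230 token characters for a header name (assumption: names are ASCII).
_TOKEN = re.compile(r"[!#$%&'*+\-.^_`|~0-9A-Za-z]+")


def naive_write(name: str, value: str) -> bytes:
    """Emit one header line, truncating every code point to its low byte."""
    line = f"{name}: {value}"
    return bytes(ord(c) & 0xFF for c in line) + b"\r\n"


def literal_crlf_filter(name: str, value: str) -> bytes:
    """Incomplete defence (constructed): blocks only literal CR/LF in the str."""
    if "\r" in value or "\n" in value:
        raise ValueError("CR/LF in header value")
    return naive_write(name, value)


def safe_write(name: str, value: str) -> bytes:
    """Hardened writer: validate the bytes that will actually be sent."""
    if not _TOKEN.fullmatch(name):
        raise ValueError("invalid header name")
    try:
        # Strict encode: a code point above U+00FF raises instead of being
        # silently truncated to a control byte.
        encoded = value.encode("iso-8859-1")
    except UnicodeEncodeError as exc:
        raise ValueError("header value not representable in ISO-8859-1") from exc
    # field-value = VCHAR / obs-text / SP / HTAB; CR, LF, other CTLs and DEL
    # are rejected byte by byte.
    for b in encoded:
        if b in (CR, LF) or (b < 0x20 and b != 0x09) or b == 0x7F:
            raise ValueError(f"control byte 0x{b:02x} in header value")
    return name.encode("ascii") + b": " + encoded + b"\r\n"


def split_headers(wire: bytes) -> list:
    """Parse the wire bytes the way a receiver would: one header per CRLF."""
    return [line for line in wire.split(b"\r\n") if line]


def rejects(writer, name: str, value: str) -> bool:
    """True if the writer refuses the value with ValueError."""
    try:
        writer(name, value)
    except ValueError:
        return True
    return False


# Constructed payload: no literal CR/LF, but U+010D U+010A truncate to CRLF.
PAYLOAD = "ok\u010d\u010aSet-Cookie: admin=1"

if __name__ == "__main__":
    print(split_headers(naive_write("X-Echo", PAYLOAD)))
    print(split_headers(literal_crlf_filter("X-Echo", PAYLOAD)))
    print(rejects(safe_write, "X-Echo", PAYLOAD))
```

Running it shows the naive writer and the literal-CR/LF filter both emit two header lines from one value, while `safe_write` refuses the payload before anything reaches the wire; the same function still accepts an obs-text byte such as `é` (U+00E9) and a horizontal tab, so the check does not break legitimate ISO-8859-1 values.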

Find out more about CVE-2018-1067 from the MITRE CVE dictionary and NIST NVD.

CVSS v2 metrics

Base Score 5.8
Base Metrics AV:N/AC:M/Au:N/C:P/I:P/A:N
Access Vector Network
Access Complexity Medium
Authentication None
Confidentiality Impact Partial
Integrity Impact Partial
Availability Impact None

CVSS v3 metrics

CVSS3 Base Score 5.4
CVSS3 Base Metrics CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Attack Vector Network
Attack Complexity Low
Privileges Required None
User Interaction Required
Scope Unchanged
Confidentiality Impact Low
Integrity Impact Low
Availability Impact None

Find out more about Red Hat support for the Common Vulnerability Scoring System (CVSS).

Red Hat Security Errata

Platform Errata Release Date
Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts (rhvm-appliance) RHSA-2018:2643 2018-09-04
Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server RHSA-2018:1248 2018-04-25
Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 Server (eap7-jboss-ec2-eap) RHSA-2018:1249 2018-04-25
Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server RHSA-2018:1247 2018-04-25
Red Hat JBoss EAP 7.1 RHSA-2018:1251 2018-04-25
Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7 Server (eap7-jboss-ec2-eap) RHSA-2018:1249 2018-04-25

Affected Packages State

Platform Package State
Red Hat Virtualization 4 eap7-undertow Affected
Red Hat Virtualization 4 eap7-wildfly Not affected
Red Hat Software Collections for Red Hat Enterprise Linux rh-java-common-tomcat Not affected
Red Hat Single Sign-On 7 wildfly Under investigation
Red Hat OpenShift Application Runtimes 1.0 swarm Affected
Red Hat JBoss Fuse Service Works 6 jbossweb Will not fix
Red Hat JBoss Fuse 6 jbossweb Will not fix
Red Hat JBoss Enterprise SOA Platform 5 jbossweb Will not fix
Red Hat JBoss EWS 2 tomcat7 Not affected
Red Hat JBoss EWS 2 tomcat6 Not affected
Red Hat JBoss EAP 6 jbossweb Not affected
Red Hat JBoss EAP 5 jbossweb Under investigation
Red Hat JBoss Data Grid 7 wildfly Under investigation
Red Hat JBoss Data Grid 6 jbossweb Under investigation
Red Hat JBoss BRMS 5 jbossweb Will not fix
Red Hat Enterprise Linux 7 tomcat Not affected
Red Hat Enterprise Linux 6 tomcat6 Not affected
Red Hat Enterprise Linux 5 tomcat5 Not affected

Acknowledgements

Red Hat would like to thank Ammarit Thongthua (Deloitte Thailand Pentest team) and Nattakit Intarasorn (Deloitte Thailand Pentest team) for reporting this issue.