CVE-2024-35161

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-35161
Apache Traffic Server forwards malformed HTTP chunked trailer section to origin servers. This can be utilized for request smuggling and may also lead cache poisoning if the origin servers are vulnerable. This issue affects Apache Traffic Server: from 8.0.0 through 8.1.10, from 9.0.0 through 9.2.4. Users can set a new setting (proxy.config.http.drop_chunked_trailers) not to forward chunked trailer section. Users are recommended to upgrade to version 8.1.11 or 9.2.5, which fixes the issue.

7.5 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

References
Link Resource
https://lists.apache.org/thread/c4mcmpblgl8kkmyt56t23543gp8v56m0 Mailing List Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*
cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*
History

13 Aug 2024, 09:15

Type Values Removed Values Added
CWE CWE-20

12 Aug 2024, 13:39

Type Values Removed Values Added
CPE cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*
References () https://lists.apache.org/thread/c4mcmpblgl8kkmyt56t23543gp8v56m0 - () https://lists.apache.org/thread/c4mcmpblgl8kkmyt56t23543gp8v56m0 - Mailing List, Vendor Advisory
CWE CWE-444
First Time Apache traffic Server
Apache
CVSS v2 : unknown
v3 : 9.1 		v2 : unknown
v3 : 7.5

01 Aug 2024, 13:52

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 9.1

26 Jul 2024, 12:38

Type Values Removed Values Added
Summary
  • (es) Apache Traffic Server reenvía la sección fragmentada HTTP mal formada a los servidores de origen. Esto se puede utilizar para el contrabando de solicitudes y también puede provocar un envenenamiento de la caché si los servidores de origen son vulnerables. Este problema afecta a Apache Traffic Server: desde la versión 8.0.0 hasta la 8.1.10, desde la versión 9.0.0 hasta la 9.2.4. Los usuarios pueden establecer una nueva configuración (proxy.config.http.drop_chunked_trailers) para no reenviar la sección fragmentada del tráiler. Se recomienda a los usuarios que actualicen a la versión 8.1.11 o 9.2.5, que soluciona el problema.

26 Jul 2024, 10:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-07-26 10:15

Updated : 2024-08-13 09:15

NVD link : CVE-2024-35161

Mitre link : CVE-2024-35161

CVE.ORG link : CVE-2024-35161

JSON object : View

Products Affected

apache

  • traffic_server
CWE
CWE-444

Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')