Exploit
CVE-2022-41915

Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting') (CWE-113)

Published: Dec 12, 2022

CVSS 6.5 | EPSS 0.07% | Medium

The Netty project is an event-driven asynchronous network application framework. Starting in version 4.1.83.Final and prior to 4.1.86.Final, when calling `DefaultHttpHeaders.set` with an _iterator_ of values, header value validation was not performed, allowing malicious header values in the iterator to perform HTTP Response Splitting. This issue has been patched in version 4.1.86.Final. Integrators can work around the issue by changing the `DefaultHttpHeaders.set(CharSequence, Iterator<?>)` call into a `remove()` call, followed by calls to `add()` in a loop over the iterator of values.
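The workaround described above, written out as an added example (not code from the Netty project or the advisory). The helper name `setValidated`, the header name and the sample values are assumptions made for illustration, and the helper takes an `Iterable` of values; it stages the values first so that a rejected value does not leave the real header set partly updated.

```java
import io.netty.handler.codec.http.DefaultHttpHeaders;
import io.netty.handler.codec.http.HttpHeaders;
import java.util.Arrays;
import java.util.List;

public final class SafeHeaderSet {

    // Hypothetical helper: stands in for headers.set(name, values) on
    // affected versions (4.1.83.Final up to, not including, 4.1.86.Final).
    static void setValidated(HttpHeaders headers, CharSequence name, Iterable<?> values) {
        // Stage the values in a scratch instance first. add() validates each
        // value and throws IllegalArgumentException on a CRLF sequence, so a
        // rejected value never leaves the real headers half-updated.
        HttpHeaders staged = new DefaultHttpHeaders(); // validation is on by default
        for (Object value : values) {
            staged.add(name, value);
        }
        // The workaround from the advisory: remove(), then add() in a loop.
        headers.remove(name);
        for (String value : staged.getAll(name)) {
            headers.add(name, value);
        }
    }

    public static void main(String[] args) {
        HttpHeaders headers = new DefaultHttpHeaders();
        headers.set("X-Request-Tag", "original");

        setValidated(headers, "X-Request-Tag", Arrays.asList("alpha", "beta"));
        System.out.println("after clean update: " + headers.getAll("X-Request-Tag"));

        // Constructed untrusted input: the second value carries a CRLF sequence.
        List<String> untrusted = Arrays.asList("gamma", "delta\r\nX-Injected: 1");
        try {
            setValidated(headers, "X-Request-Tag", untrusted);
        } catch (IllegalArgumentException e) {
            System.out.println("rejected: " + e.getMessage().replaceAll("[\\r\\n]", "?"));
        }
        System.out.println("after rejected update: " + headers.getAll("X-Request-Tag"));
    }
}
```

Upgrading to 4.1.86.Final or later removes the need for the helper, since the page states the issue is patched there.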

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Timeline

First Article

Feedly found the first article mentioning CVE-2022-41915.

Dec 12, 2022 at 4:07 PM / unknown
Threat Intelligence Report

CVE-2022-41915 is a vulnerability in Netty that can lead to denial of service and response splitting, impacting the Operations Dashboard. The criticality of this vulnerability is underscored by its potential to disrupt services, although specific CVSS scores, exploitation details, and available mitigations or patches are not provided in the given information. Additionally, there is no mention of proof-of-concept exploits or downstream impacts on third-party vendors or technologies.

Mar 2, 2023 at 5:25 PM
EPSS

EPSS Score was set to: 0.07% (Percentile: 27.1%)

Sep 22, 2023 at 11:29 AM
Detection in Vulnerability Scanners

Detection for the vulnerability has been added to Nessus (202724)

Jul 20, 2024 at 1:15 AM

Affected Systems

Netty/netty

Exploits

https://github.com/netty/netty/issues/13084

Patches

Github Advisory

Attack Patterns

CAPEC-31: Accessing/Intercepting/Modifying HTTP Cookies

Vendor Advisory

Netty vulnerable to HTTP Response splitting from assigning header value iterator
When calling DefaultHttpHeaders.set with an iterator of values (as opposed to a single given value), header value validation was not performed, allowing malicious header values in the iterator to perform HTTP Response Splitting.

References

Netty 4.1.86.Final released
Beside this this release contains various small bug-fixes. This release contains two CVE fixes, one which is considered as Severity High and can be triggered remotely (if you use the )!
Couchbase Alerts
The v8 Javascript engine as used in the Couchbase Server Eventing Service, View Engine, XDCR and N1QL UDFs has been updated as there's a type confusion in versions prior to 99.0.4844.84 which allowed a remote attacker to potentially exploit heap corruption via a crafted request. When Sync Gateway is configured to authenticate with Couchbase Server using X.509 client certificates, the admin credentials provided to the Admin REST API are ignored, resulting in privilege escalation for unauthenticated users.

News

Multiple vulnerabilities in Dell Data Protection Central
A remote attacker can pass specially crafted data to the application, trigger a type confusion error and perform a denial of service (DoS) attack or read memory contents. Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Oracle Critical Patch Update Advisory - July 2024
Multiple vulnerabilities in IBM Security Verify Access
The vulnerability allows a local user to perform a denial of service (DoS) attack. The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
CVE-2022-41915 vulnerabilities
Vulnerabilities for packages:...
Multiple vulnerabilities in Netcool Operations Insight

CVSS V3.1

Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: Low
Integrity: Low
Availability Impact: None
