CVE-2024-3653
5.3
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Summary
A vulnerability was found in Undertow. This issue requires enabling the learning-push handler in the server's config, which is disabled by default, leaving the maxAge config in the handler unconfigured. The default is -1, which makes the handler vulnerable. If someone overwrites that config, the server is not subject to the attack. The attacker needs to be able to reach the server with a normal HTTP request.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
0 <= 2.3.14.Final | affected | ||
| Red Hat | Red Hat build of Quarkus 3.8.6.redhat | 5.2.4.redhat-00001 < * | unaffected |
| Red Hat | Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8 | 0:2.2.33-1.SP1_redhat_00001.1.el8eap < * | unaffected |
| Red Hat | Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9 | 0:2.2.33-1.SP1_redhat_00001.1.el9eap < * | unaffected |
| Red Hat | Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7 | 0:2.2.33-1.SP1_redhat_00001.1.el7eap < * | unaffected |
Weaknesses
- CWE-401: Missing Release of Memory after Effective Lifetime
Workarounds
Setting the maxAge configuration is sufficient to prevent the behavior of this vulnerability being explored.
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: yes
- Technical Impact: partial
CVE Program Container
Additional References
- https://access.redhat.com/errata/RHSA-2024:4392
- https://access.redhat.com/security/cve/CVE-2024-3653
- https://bugzilla.redhat.com/show_bug.cgi?id=2274437
- https://security.netapp.com/advisory/ntap-20240828-0002/
References
- https://access.redhat.com/errata/RHSA-2024:4392
- https://access.redhat.com/errata/RHSA-2024:5143
- https://access.redhat.com/errata/RHSA-2024:5144
- https://access.redhat.com/errata/RHSA-2024:5145
- https://access.redhat.com/errata/RHSA-2024:5147
- https://access.redhat.com/errata/RHSA-2024:6437
- https://access.redhat.com/security/cve/CVE-2024-3653
- https://bugzilla.redhat.com/show_bug.cgi?id=2274437
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.