csaf_certbund - wid-sec-w-2023-1009

wid-sec-w-2023-1009

Vulnerability from csaf_certbund

Published

2023-04-18 22:00

Modified

2025-05-29 22:00

Summary

Eclipse Jetty: Mehrere Schwachstellen

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Eclipse Jetty ist ein Java-HTTP-Server und Java-Servlet-Container.

Angriff

Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Eclipse Jetty ausnutzen, um einen Denial of Service Angriff durchzuführen oder Informationen offenzulegen.

Betroffene Betriebssysteme

- Linux - UNIX - Windows

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Eclipse Jetty ist ein Java-HTTP-Server und Java-Servlet-Container.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Eclipse Jetty ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren oder Informationen offenzulegen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux\n- UNIX\n- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2023-1009 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1009.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2023-1009 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1009"
      },
      {
        "category": "external",
        "summary": "Eclipse Security Advisory vom 2023-04-18",
        "url": "https://www.eclipse.org/lists/jetty-announce/msg00176.html"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 6995451 vom 2023-05-18",
        "url": "https://www.ibm.com/support/pages/node/6995451"
      },
      {
        "category": "external",
        "summary": "NetApp Security Advisory NTAP-20230526-0001 vom 2023-05-26",
        "url": "https://security.netapp.com/advisory/ntap-20230526-0001/"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7001787 vom 2023-06-07",
        "url": "https://www.ibm.com/support/pages/node/7001787"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2023:2539-1 vom 2023-06-19",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2023-June/015228.html"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7014917 vom 2023-08-01",
        "url": "https://www.ibm.com/support/pages/node/7014917"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2023:5165 vom 2023-09-14",
        "url": "https://access.redhat.com/errata/RHSA-2023:5165"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DSA-5507 vom 2023-09-29",
        "url": "https://lists.debian.org/debian-security-announce/2023/msg00200.html"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DLA-3592 vom 2023-09-30",
        "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00039.html"
      },
      {
        "category": "external",
        "summary": "Hitachi Vulnerability Information HITACHI-SEC-2023-144 vom 2023-10-03",
        "url": "https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2023-144/index.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2023:5441 vom 2023-10-04",
        "url": "https://access.redhat.com/errata/RHSA-2023:5441"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7067421 vom 2023-11-07",
        "url": "https://www.ibm.com/support/pages/node/7067421"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7067416 vom 2023-11-07 vom 2023-11-06",
        "url": "https://www.ibm.com/support/pages/node/7067416"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7070740 vom 2023-11-16",
        "url": "https://www.ibm.com/support/pages/node/7070740"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7082766 vom 2023-11-28",
        "url": "https://www.ibm.com/support/pages/node/7082766"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2023:7638 vom 2023-12-05",
        "url": "https://access.redhat.com/errata/RHSA-2023:7638"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2023:7641 vom 2023-12-05",
        "url": "https://access.redhat.com/errata/RHSA-2023:7641"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2023:7639 vom 2023-12-05",
        "url": "https://access.redhat.com/errata/RHSA-2023:7639"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2023:7637 vom 2023-12-05",
        "url": "https://access.redhat.com/errata/RHSA-2023:7637"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7099297 vom 2023-12-18",
        "url": "https://www.ibm.com/support/pages/node/7099297"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:0778 vom 2024-02-12",
        "url": "https://access.redhat.com/errata/RHSA-2024:0778"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:0804 vom 2024-02-13",
        "url": "https://access.redhat.com/errata/RHSA-2024:0804"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:0799 vom 2024-02-14",
        "url": "https://access.redhat.com/errata/RHSA-2024:0799"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7153639 vom 2024-05-17",
        "url": "https://www.ibm.com/support/pages/node/7153639"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:3385 vom 2024-05-28",
        "url": "https://access.redhat.com/errata/RHSA-2024:3385"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7156278 vom 2024-06-03",
        "url": "https://www.ibm.com/support/pages/node/7156278"
      },
      {
        "category": "external",
        "summary": "Brocade Security Advisory BSA-2024-2756 vom 2024-11-02",
        "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25087"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7235064 vom 2025-05-29",
        "url": "https://www.ibm.com/support/pages/node/7235064"
      }
    ],
    "source_lang": "en-US",
    "title": "Eclipse Jetty: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2025-05-29T22:00:00.000+00:00",
      "generator": {
        "date": "2025-05-30T09:12:24.350+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.12"
        }
      },
      "id": "WID-SEC-W-2023-1009",
      "initial_release_date": "2023-04-18T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2023-04-18T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2023-05-18T22:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2023-05-29T22:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von NetApp aufgenommen"
        },
        {
          "date": "2023-06-06T22:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2023-06-18T22:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2023-07-31T22:00:00.000+00:00",
          "number": "6",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2023-09-14T22:00:00.000+00:00",
          "number": "7",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2023-09-28T22:00:00.000+00:00",
          "number": "8",
          "summary": "Neue Updates von Debian aufgenommen"
        },
        {
          "date": "2023-10-01T22:00:00.000+00:00",
          "number": "9",
          "summary": "Neue Updates von Debian aufgenommen"
        },
        {
          "date": "2023-10-03T22:00:00.000+00:00",
          "number": "10",
          "summary": "Neue Updates von HITACHI aufgenommen"
        },
        {
          "date": "2023-10-04T22:00:00.000+00:00",
          "number": "11",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2023-11-06T23:00:00.000+00:00",
          "number": "12",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2023-11-16T23:00:00.000+00:00",
          "number": "13",
          "summary": "Neue Updates von IBM und IBM-APAR aufgenommen"
        },
        {
          "date": "2023-11-27T23:00:00.000+00:00",
          "number": "14",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2023-12-04T23:00:00.000+00:00",
          "number": "15",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2023-12-18T23:00:00.000+00:00",
          "number": "16",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2024-02-11T23:00:00.000+00:00",
          "number": "17",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-02-13T23:00:00.000+00:00",
          "number": "18",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-05-16T22:00:00.000+00:00",
          "number": "19",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2024-05-28T22:00:00.000+00:00",
          "number": "20",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-06-03T22:00:00.000+00:00",
          "number": "21",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2024-11-03T23:00:00.000+00:00",
          "number": "22",
          "summary": "Neue Updates von BROCADE aufgenommen"
        },
        {
          "date": "2025-05-29T22:00:00.000+00:00",
          "number": "23",
          "summary": "Neue Updates von IBM aufgenommen"
        }
      ],
      "status": "final",
      "version": "23"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c2.3.1a",
                "product": {
                  "name": "Broadcom Brocade SANnav \u003c2.3.1a",
                  "product_id": "T038317"
                }
              },
              {
                "category": "product_version",
                "name": "2.3.1a",
                "product": {
                  "name": "Broadcom Brocade SANnav 2.3.1a",
                  "product_id": "T038317-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:broadcom:brocade_sannav:2.3.1a"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Brocade SANnav"
          }
        ],
        "category": "vendor",
        "name": "Broadcom"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Debian Linux",
            "product": {
              "name": "Debian Linux",
              "product_id": "2951",
              "product_identification_helper": {
                "cpe": "cpe:/o:debian:debian_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Debian"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c11.0.15",
                "product": {
                  "name": "Eclipse Jetty \u003c11.0.15",
                  "product_id": "T027452"
                }
              },
              {
                "category": "product_version",
                "name": "11.0.15",
                "product": {
                  "name": "Eclipse Jetty 11.0.15",
                  "product_id": "T027452-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:eclipse:jetty:11.0.15"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c10.0.15",
                "product": {
                  "name": "Eclipse Jetty \u003c10.0.15",
                  "product_id": "T027453"
                }
              },
              {
                "category": "product_version",
                "name": "10.0.15",
                "product": {
                  "name": "Eclipse Jetty 10.0.15",
                  "product_id": "T027453-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:eclipse:jetty:10.0.15"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c9.4.51",
                "product": {
                  "name": "Eclipse Jetty \u003c9.4.51",
                  "product_id": "T027454"
                }
              },
              {
                "category": "product_version",
                "name": "9.4.51",
                "product": {
                  "name": "Eclipse Jetty 9.4.51",
                  "product_id": "T027454-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:eclipse:jetty:9.4.51"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Jetty"
          }
        ],
        "category": "vendor",
        "name": "Eclipse"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003cAnalyzer 10.9.3-00",
                "product": {
                  "name": "Hitachi Ops Center \u003cAnalyzer 10.9.3-00",
                  "product_id": "T030196"
                }
              },
              {
                "category": "product_version",
                "name": "Analyzer 10.9.3-00",
                "product": {
                  "name": "Hitachi Ops Center Analyzer 10.9.3-00",
                  "product_id": "T030196-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:hitachi:ops_center:analyzer_10.9.3-00"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003cViewpoint 10.9.3-00",
                "product": {
                  "name": "Hitachi Ops Center \u003cViewpoint 10.9.3-00",
                  "product_id": "T030197"
                }
              },
              {
                "category": "product_version",
                "name": "Viewpoint 10.9.3-00",
                "product": {
                  "name": "Hitachi Ops Center Viewpoint 10.9.3-00",
                  "product_id": "T030197-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:hitachi:ops_center:viewpoint_10.9.3-00"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Ops Center"
          }
        ],
        "category": "vendor",
        "name": "Hitachi"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "IBM Business Automation Workflow",
                "product": {
                  "name": "IBM Business Automation Workflow",
                  "product_id": "T019704",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:business_automation_workflow:-"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003cinterim fix DT213400",
                "product": {
                  "name": "IBM Business Automation Workflow \u003cinterim fix DT213400",
                  "product_id": "T027778"
                }
              },
              {
                "category": "product_version",
                "name": "interim fix DT213400",
                "product": {
                  "name": "IBM Business Automation Workflow interim fix DT213400",
                  "product_id": "T027778-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:business_automation_workflow:interim_fix_dt213400"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Business Automation Workflow"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "11.7",
                "product": {
                  "name": "IBM InfoSphere Information Server 11.7",
                  "product_id": "444803",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:infosphere_information_server:11.7"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "InfoSphere Information Server"
          },
          {
            "category": "product_name",
            "name": "IBM Integration Bus",
            "product": {
              "name": "IBM Integration Bus",
              "product_id": "T011169",
              "product_identification_helper": {
                "cpe": "cpe:/a:ibm:integration_bus:-"
              }
            }
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "7.6.1.3",
                "product": {
                  "name": "IBM Maximo Asset Management 7.6.1.3",
                  "product_id": "1234217",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:maximo_asset_management:7.6.1.3"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "7.6.1",
                "product": {
                  "name": "IBM Maximo Asset Management 7.6.1",
                  "product_id": "389168",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:maximo_asset_management:7.6.1"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Maximo Asset Management"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "8.10.x",
                "product": {
                  "name": "IBM Operational Decision Manager 8.10.x",
                  "product_id": "T027827",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:operational_decision_manager:8.10.x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "8.11.x",
                "product": {
                  "name": "IBM Operational Decision Manager 8.11.x",
                  "product_id": "T027828",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:operational_decision_manager:8.11.x"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Operational Decision Manager"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "7.5",
                "product": {
                  "name": "IBM QRadar SIEM 7.5",
                  "product_id": "T022954",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:qradar_siem:7.5"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "QRadar SIEM"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c5.3.2.6",
                "product": {
                  "name": "IBM Rational Change \u003c5.3.2.6",
                  "product_id": "T028986"
                }
              },
              {
                "category": "product_version",
                "name": "5.3.2.6",
                "product": {
                  "name": "IBM Rational Change 5.3.2.6",
                  "product_id": "T028986-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:rational_change:5.3.2.6"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Rational Change"
          }
        ],
        "category": "vendor",
        "name": "IBM"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "for Linux",
                "product": {
                  "name": "NetApp ActiveIQ Unified Manager for Linux",
                  "product_id": "T023548",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:netapp:active_iq_unified_manager:for_linux"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "for Microsoft Windows",
                "product": {
                  "name": "NetApp ActiveIQ Unified Manager for Microsoft Windows",
                  "product_id": "T025631",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:netapp:active_iq_unified_manager:for_microsoft_windows"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "ActiveIQ Unified Manager"
          }
        ],
        "category": "vendor",
        "name": "NetApp"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Red Hat Enterprise Linux",
            "product": {
              "name": "Red Hat Enterprise Linux",
              "product_id": "67646",
              "product_identification_helper": {
                "cpe": "cpe:/o:redhat:enterprise_linux:-"
              }
            }
          },
          {
            "category": "product_name",
            "name": "Red Hat JBoss Enterprise Application Platform",
            "product": {
              "name": "Red Hat JBoss Enterprise Application Platform",
              "product_id": "T003085",
              "product_identification_helper": {
                "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "SUSE Linux",
            "product": {
              "name": "SUSE Linux",
              "product_id": "T002207",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:suse_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-26048",
      "product_status": {
        "known_affected": [
          "T038317",
          "67646",
          "T011169",
          "389168",
          "T030196",
          "T030197",
          "T022954",
          "T023548",
          "T027827",
          "T027828",
          "2951",
          "T002207",
          "444803",
          "T019704",
          "T025631",
          "T027778",
          "T028986",
          "1234217",
          "T027454",
          "T003085",
          "T027452",
          "T027453"
        ]
      },
      "release_date": "2023-04-18T22:00:00.000+00:00",
      "title": "CVE-2023-26048"
    },
    {
      "cve": "CVE-2023-26049",
      "product_status": {
        "known_affected": [
          "T038317",
          "67646",
          "T011169",
          "389168",
          "T030196",
          "T030197",
          "T022954",
          "T023548",
          "T027827",
          "T027828",
          "2951",
          "T002207",
          "444803",
          "T019704",
          "T025631",
          "T027778",
          "T028986",
          "1234217",
          "T027454",
          "T003085",
          "T027452",
          "T027453"
        ]
      },
      "release_date": "2023-04-18T22:00:00.000+00:00",
      "title": "CVE-2023-26049"
    }
  ]
}

CVE-2023-26049 (GCVE-0-2023-26049)

Vulnerability from cvelistv5

Published

2023-04-18 20:35

Modified

2025-02-13 16:44

Severity ?

2.4 (Low) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N

CWE

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

Summary

Jetty is a java based web server and servlet engine. Nonstandard cookie parsing in Jetty may allow an attacker to smuggle cookies within other cookies, or otherwise perform unintended behavior by tampering with the cookie parsing mechanism. If Jetty sees a cookie VALUE that starts with `"` (double quote), it will continue to read the cookie string until it sees a closing quote -- even if a semicolon is encountered. So, a cookie header such as: `DISPLAY_LANGUAGE="b; JSESSIONID=1337; c=d"` will be parsed as one cookie, with the name DISPLAY_LANGUAGE and a value of b; JSESSIONID=1337; c=d instead of 3 separate cookies. This has security implications because if, say, JSESSIONID is an HttpOnly cookie, and the DISPLAY_LANGUAGE cookie value is rendered on the page, an attacker can smuggle the JSESSIONID cookie into the DISPLAY_LANGUAGE cookie and thereby exfiltrate it. This is significant when an intermediary is enacting some policy based on cookies, so a smuggled cookie can bypass that policy yet still be seen by the Jetty server or its logging system. This issue has been addressed in versions 9.4.51, 10.0.14, 11.0.14, and 12.0.0.beta0 and users are advised to upgrade. There are no known workarounds for this issue.

References

►

URL

	Vendor	Product	Version
	eclipse	jetty.project	Version: < 9.4.51 Version: >= 10.0.0, < 10.0.14 Version: >= 11.0.0, < 11.0.14 Version: >= 12.0.0.alpha0, < 12.0.0.beta0

CVE-2023-26048 (GCVE-0-2023-26048)

Vulnerability from cvelistv5

Published

2023-04-18 20:30

Modified

2025-02-13 16:44

Severity ?

5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

CWE

CWE-400 - Uncontrolled Resource Consumption

Summary

Jetty is a java based web server and servlet engine. In affected versions servlets with multipart support (e.g. annotated with `@MultipartConfig`) that call `HttpServletRequest.getParameter()` or `HttpServletRequest.getParts()` may cause `OutOfMemoryError` when the client sends a multipart request with a part that has a name but no filename and very large content. This happens even with the default settings of `fileSizeThreshold=0` which should stream the whole part content to disk. An attacker client may send a large multipart request and cause the server to throw `OutOfMemoryError`. However, the server may be able to recover after the `OutOfMemoryError` and continue its service -- although it may take some time. This issue has been patched in versions 9.4.51, 10.0.14, and 11.0.14. Users are advised to upgrade. Users unable to upgrade may set the multipart parameter `maxRequestSize` which must be set to a non-negative value, so the whole multipart content is limited (although still read into memory).

References

►

URL

	Vendor	Product	Version
	eclipse	jetty.project	Version: < 9.4.51 Version: >= 10.0.0, < 10.0.14 Version: >= 11.0.0, < 11.0.14

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

wid-sec-w-2023-1009

Vulnerability from csaf_certbund

CVE-2023-26049 (GCVE-0-2023-26049)

Vulnerability from cvelistv5

CVE-2023-26048 (GCVE-0-2023-26048)

Vulnerability from cvelistv5

Tags

Sightings

Nomenclature