CVE-2018-1067
moderate-risk
Published 2018-05-21
In Undertow before versions 7.1.2.CR1 and 7.1.2.GA, it was found that the fix for CVE-2016-4993 was incomplete: the Undertow web server is vulnerable to the injection of arbitrary HTTP headers, and also to response splitting, due to insufficient sanitization and validation of user input before it is used as part of an HTTP header value.
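As an added illustration, not code from Undertow or from this advisory, the following Java class shows the kind of header-value validation whose absence the description identifies: a value is rejected if it contains CR, LF or any other control character before it is placed in a response header, shown beside the unchecked concatenation that makes header injection and response splitting possible. The class name, method names and sample inputs are constructed for this example.

```java
import java.util.regex.Pattern;

/**
 * Constructed example of validating user-supplied data before it is used
 * as an HTTP header value. Not Undertow's implementation.
 */
public final class HeaderValueGuard {

    // RFC 7230 field-value: HTAB, visible ASCII (0x20-0x7E) and obs-text
    // (0x80-0xFF). CR (0x0D), LF (0x0A) and other control characters are
    // excluded, so a value cannot terminate the header or start a new one.
    // Characters above 0xFF are also rejected here (conservative choice).
    private static final Pattern VALID_FIELD_VALUE =
        Pattern.compile("[\\t\\x20-\\x7E\\x80-\\xFF]*");

    private HeaderValueGuard() {}

    /** Returns true only if the value is safe to emit as a header value. */
    public static boolean isValidFieldValue(String value) {
        return value != null && VALID_FIELD_VALUE.matcher(value).matches();
    }

    /**
     * Vulnerable pattern: user input is concatenated into the header line
     * unchecked, so embedded CR/LF ends up in the raw response.
     */
    public static String buildLocationHeaderUnsafe(String target) {
        return "Location: " + target;
    }

    /**
     * Hardened pattern: reject invalid input instead of trying to "clean" it,
     * so the caller sees the error rather than a silently altered value.
     */
    public static String buildLocationHeaderSafe(String target) {
        if (!isValidFieldValue(target)) {
            throw new IllegalArgumentException(
                "header value contains CR, LF or other control characters");
        }
        return "Location: " + target;
    }

    public static void main(String[] args) {
        // Constructed inputs: a normal path and one with an embedded CR LF.
        String normal = "/account";
        String withCrlf = "/account\r\nX-Example: 1";
        System.out.println(isValidFieldValue(normal));
        System.out.println(isValidFieldValue(withCrlf));
        System.out.println(buildLocationHeaderSafe(normal));
    }
}
```

Calling buildLocationHeaderSafe with the CR LF input throws, whereas buildLocationHeaderUnsafe returns a string containing a second header line; the validation should sit in the server's header-setting path, not only in application code.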
Do I need to act?
EPSS score: 0.63% chance of exploitation (low exploit probability)
Not on CISA KEV list: no confirmed active exploitation reported to CISA
Patch status unknown: check vendor advisories for fix availability and mitigation guidance
CVSS 6.1/10 (Medium): attack vector NETWORK, attack complexity LOW
Affected Products (3)
Affected Vendors
References (14)
Vendor Advisory: https://access.redhat.com/errata/RHSA-2018:1247
Vendor Advisory: https://access.redhat.com/errata/RHSA-2018:1248
Vendor Advisory: https://access.redhat.com/errata/RHSA-2018:1249
Vendor Advisory: https://access.redhat.com/errata/RHSA-2018:1251
Vendor Advisory: https://access.redhat.com/errata/RHSA-2018:2643
Vendor Advisory: https://access.redhat.com/errata/RHSA-2019:0877
Issue Tracking: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1067
Risk score: 34 / 100 (moderate-risk)
Severity: 23/34 · High
Exploitability: 2/34 · Minimal
Exposure: 9/34 · Low