CVE-2022-35507

moderate-risk
Published 2022-12-04

A response-header CRLF injection vulnerability in the Proxmox Virtual Environment (PVE) and Proxmox Mail Gateway (PMG) web interface allows a remote attacker to set cookies for a victim's browser that are longer than the server expects, causing a client-side DoS. This affects Chromium-based browsers because they allow injection of response headers with %0d. This is fixed in pve-http-server 4.1-3.

Do I need to act?

!
14.3% chance of exploitation in next 30 days
EPSS score — higher than 86% of all CVEs
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.1/10 High
NETWORK / LOW complexity

Affected Products (3)

Proxmox Mail Gateway
Virtual Environment

Affected Vendors

Proxmox

References (4)

https://git.proxmox.com/?p=pve-http-server.git%3Ba=commitdiff%3Bh=936007ae024181...
Exploit https://starlabs.sg/blog/2022/12-multiple-vulnerabilites-in-proxmox-ve--proxmox-...
https://git.proxmox.com/?p=pve-http-server.git%3Ba=commitdiff%3Bh=936007ae024181...
Exploit https://starlabs.sg/blog/2022/12-multiple-vulnerabilites-in-proxmox-ve--proxmox-...
46
/ 100
moderate-risk
Severity 25/34 · High
Exploitability 12/34 · Low
Exposure 9/34 · Low