This is a summary of the AI-generated 10-question deep analysis. The full version (longer answers, follow-up Q&A, related CVEs) requires login. Read the full analysis β
Q1What is this vulnerability? (Essence + Consequences)
π¨ **CVE-2020-11100** is a critical buffer error in HAProxy's HPACK decoder. It allows **Remote Code Execution (RCE)** via crafted HTTP/2 requests. π₯ Impact: System compromise.
Q2Root Cause? (CWE/Flaw)
π οΈ **Root Cause**: Flaw in `hpack-tbl.c` file, specifically the `hpack_dht_insert` function. The HPACK decoder mishandles input, leading to a buffer error. π
Q3Who is affected? (Versions/Components)
π¦ **Affected Versions**: HAProxy **1.8** through **2.x** (up to 2.1.4). β **Fixed in**: Version 2.1.4 and later. β οΈ Check your deployment!
Q4What can hackers do? (Privileges/Data)
π **Attacker Capabilities**: Remote attackers can execute arbitrary code. π No local access needed. Just send a **special HTTP/2 request** to trigger it. π―
Q5Is exploitation threshold high? (Auth/Config)
π **Exploitation Threshold**: **LOW**. It is a **Remote** vulnerability. No authentication required. Just network access to the HAProxy port. πͺ Open door!
Q6Is there a public Exp? (PoC/Wild Exploitation)
π’ **Public Exploit**: The data lists **Vendor Advisories** (Debian, Fedora, SUSE) but **no specific PoC code** in the `pocs` array. However, the nature (RCE) implies high risk if known. β οΈ
Q7How to self-check? (Features/Scanning)
π **Self-Check**: Scan for HAProxy versions **< 2.1.4**. Check if HTTP/2 is enabled. Look for `hpack` related components in your stack. π΅οΈββοΈ
π§ **No Patch?**: **Mitigation**: Disable HTTP/2 support if not strictly necessary. π« Or place a WAF/Reverse Proxy in front to filter malformed HPACK frames. π
Q10Is it urgent? (Priority Suggestion)
π₯ **Urgency**: **CRITICAL**. RCE via network request is a top-priority threat. π¨ Patch immediately! Do not wait. β³