CVE-2023-41900— Jetty's OpenId Revoked authentication allows one request
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2023-41900
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Jetty's OpenId Revoked authentication allows one request
Source: NVD (National Vulnerability Database)
Vulnerability Description
Jetty is a Java based web server and servlet engine. Versions 9.4.21 through 9.4.51, 10.0.15, and 11.0.15 are vulnerable to weak authentication. If a Jetty `OpenIdAuthenticator` uses the optional nested `LoginService`, and that `LoginService` decides to revoke an already authenticated user, then the current request will still treat the user as authenticated. The authentication is then cleared from the session and subsequent requests will not be treated as authenticated. So a request on a previously authenticated session could be allowed to bypass authentication after it had been rejected by the `LoginService`. This impacts usages of the jetty-openid which have configured a nested `LoginService` and where that `LoginService` will is capable of rejecting previously authenticated users. Versions 9.4.52, 10.0.16, and 11.0.16 have a patch for this issue.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N
Source: NVD (National Vulnerability Database)
Vulnerability Type
CWE-1390
Source: NVD (National Vulnerability Database)
Vulnerability Title
Eclipse Jetty 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Eclipse Jetty是Eclipse基金会的一个开源的、基于Java的Web服务器和Java Servlet容器。 Eclipse Jetty 存在安全漏洞。目前尚无此漏洞的相关信息,请随时关注CNNVD或厂商公告。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| eclipse | jetty.project | >= 9.4.21, <= 9.4.51 | - |
II. Public POCs for CVE-2023-41900
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2023-41900
请登录查看更多情报信息。
- https://github.com/eclipse/jetty.project/pull/9660x_refsource_MISC
- https://github.com/eclipse/jetty.project/pull/9528x_refsource_MISC
- https://nvd.nist.gov/vuln/detail/CVE-2023-41900
Same Patch Batch · eclipse · 2023-09-15 · 3 CVEs total
| CVE-2023-40167 | 5.3 MEDIUM | Jetty accepts "+" prefixed value in Content-Length |
| CVE-2023-36479 | 3.5 LOW | Jetty vulnerable to errant command quoting in CGI Servlet |
IV. Related Vulnerabilities
Same product: jetty.project
- CVE-2024-22201
Jetty connection leaking on idle timeout when TCP congested - CVE-2023-36478
HTTP/2 HPACK integer overflow and buffer allocation - CVE-2023-40167
Jetty accepts "+" prefixed value in Content-Length - CVE-2023-36479
Jetty vulnerable to errant command quoting in CGI Servlet - CVE-2023-26049
Cookie parsing of quoted values can exfiltrate values from o
V. Comments for CVE-2023-41900
No comments yet