Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2023-5379— Undertow: ajp request closes connection exceeding maxrequestsize

CVSS 7.5 · High EPSS 0.16% · P37
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2023-5379

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
Undertow: ajp request closes connection exceeding maxrequestsize
Source: NVD (National Vulnerability Database)
Vulnerability Description
A flaw was found in Undertow. When an AJP request is sent that exceeds the max-header-size attribute in ajp-listener, JBoss EAP is marked in an error state by mod_cluster in httpd, causing JBoss EAP to close the TCP connection without returning an AJP response. This happens because mod_proxy_cluster marks the JBoss EAP instance as an error worker when the TCP connection is closed from the backend after sending the AJP request without receiving an AJP response, and stops forwarding. This issue could allow a malicious user could to repeatedly send requests that exceed the max-header-size, causing a Denial of Service (DoS).
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Source: NVD (National Vulnerability Database)
Vulnerability Type
不加限制或调节的资源分配
Source: NVD (National Vulnerability Database)
Vulnerability Title
Red Hat Undertow 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Red Hat Undertow是美国红帽(Red Hat)公司的一款基于Java的嵌入式Web服务器,是Wildfly(Java应用服务器)默认的Web服务器。 Red Hat Undertow 存在安全漏洞,该漏洞源于当发送 AJP 请求后未收到 AJP 响应,从后端关闭 TCP 连接时,mod_proxy_cluster 会将 JBoss EAP 实例标记为错误工作器并停止转发,攻击者利用该漏洞可以重复发送超过最大标头大小的请求,从而导致拒绝服务。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
Red HatRed Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 0:3.0.1-4.b08_redhat_00005.1.ep7.el7 ~ * cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7
Red HatRed Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 0:5.1.17-3.Final_redhat_00004.1.ep7.el7 ~ * cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7
Red HatRed Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 0:2.8.11.6-3.SP1_redhat_00003.1.ep7.el7 ~ * cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7
Red HatRed Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 0:4.0.12-1.Final_redhat_00002.1.ep7.el7 ~ * cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7
Red HatRed Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 0:4.1.63-2.Final_redhat_00003.1.ep7.el7 ~ * cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7
Red HatRed Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 0:1.4.18-16.SP14_redhat_00001.1.ep7.el7 ~ * cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7
Red HatRed Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 0:7.1.11-4.GA_redhat_00002.1.ep7.el7 ~ * cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7
Red HatRed Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 0:1.1.14-1.Final_redhat_00001.1.ep7.el7 ~ * cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7
Red HatRed Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 0:1.0.21-1.Final_redhat_00001.1.ep7.el7 ~ * cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7
Red HatRed Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 0:1.0.13-1.Final_redhat_00001.1.ep7.el7 ~ * cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7
Red HatRed Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 0:1.0.12-1.Final_redhat_00001.1.ep7.el7 ~ * cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7
Red HatRed Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 0:1.0.12-6.Final_redhat_00001.1.ep7.el7 ~ * cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7
Red HatRed Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 0:2.10.4-3.redhat_00006.1.el7eap ~ * cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7
Red HatRed Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 0:2.10.4-3.redhat_00006.1.el7eap ~ * cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7
Red HatRed Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 0:2.10.4-5.redhat_00006.1.el7eap ~ * cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7
Red HatRed Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 0:2.10.4-3.redhat_00006.1.el7eap ~ * cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7
Red HatRed Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 0:2.10.4-5.redhat_00006.1.el7eap ~ * cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7
Red HatRed Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 0:2.10.4-2.redhat_00006.1.el7eap ~ * cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7
Red HatRed Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 0:1.7.2-16.Final_redhat_00017.1.el7eap ~ * cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7
Red HatRed Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 0:4.1.63-5.Final_redhat_00003.1.el7eap ~ * cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7
Red HatRed Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 0:2.0.41-4.SP5_redhat_00001.1.el7eap ~ * cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7
Red HatRed Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 0:7.3.14-3.GA_redhat_00002.1.el7eap ~ * cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7
Red HatRed Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 0:1.10.17-1.Final_redhat_00001.1.el7eap ~ * cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7
Red HatRed Hat build of Quarkus-cpe:/a:redhat:quarkus:2
Red HatRed Hat Data Grid 8-cpe:/a:redhat:jboss_data_grid:8
Red HatRed Hat Decision Manager 7-cpe:/a:redhat:jboss_enterprise_brms_platform:7
Red HatRed Hat Fuse 7-cpe:/a:redhat:jboss_fuse:7
Red HatRed Hat JBoss Data Grid 7-cpe:/a:redhat:jboss_data_grid:7
Red HatRed Hat JBoss Enterprise Application Platform 7-cpe:/a:redhat:jboss_enterprise_application_platform:7
Red HatRed Hat JBoss Fuse 6-cpe:/a:redhat:jboss_fuse:6
Red HatRed Hat Process Automation 7-cpe:/a:redhat:jboss_enterprise_bpms_platform:7
Red HatRed Hat Single Sign-On 7-cpe:/a:redhat:red_hat_single_sign_on:7
Red HatRed Hat support for Spring Boot-cpe:/a:redhat:openshift_application_runtimes:1.0

II. Public POCs for CVE-2023-5379

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2023-5379

登录查看更多情报信息。

Same Patch Batch · Red Hat · 2023-12-12 · 4 CVEs total

CVE-2023-57647.1 HIGHAnsible: template injection
CVE-2023-49586.1 MEDIUMStackrox: missing http security headers allows for clickjacking in web ui
CVE-2023-67105.4 MEDIUMMod_cluster/mod_proxy_cluster: stored cross site scripting

IV. Related Vulnerabilities

Same vendor: Red Hat
Same weakness: CWE-770

V. Comments for CVE-2023-5379

No comments yet

Leave a comment