CVE-2019-17513

An issue was discovered in Ratpack before 1.7.5. Due to a misuse of the Netty library class DefaultHttpHeaders, there is no validation that headers lack HTTP control characters. Thus, if untrusted data is used to construct HTTP headers with Ratpack, HTTP Response Splitting can occur.

CVSS v3.0 7.5 HIGH
CVSS v2.0 5.0 MEDIUM

7.5^/10

CVSS v3.0 : HIGH

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

5.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:N/C:N/I:P/A:N

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
https://github.com/ratpack/ratpack/commit/c560a8d10cb8bdd7a526c1ca2e67c8f224ca23ae	Patch
https://github.com/ratpack/ratpack/releases/tag/v1.7.5	Release Notes Third Party Advisory
https://github.com/ratpack/ratpack/security/advisories/GHSA-mvqp-q37c-wf9j	Third Party Advisory
https://ratpack.io/versions/1.7.5	Vendor Advisory
https://github.com/ratpack/ratpack/commit/efb910d38a96494256f36675ef0e5061097dd77d	Patch

Advertisement

Configurations

Configuration 1 (hide)

cpe:2.3:a:ratpack_project:ratpack:*:*:*:*:*:*:*:*

Information

Published : 2019-10-17 20:15

Updated : 2020-08-24 10:37

NVD link : CVE-2019-17513

Mitre link : CVE-2019-17513

JSON object : View

CWE

CWE-74

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

Advertisement

Products Affected

ratpack_project

ratpack

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://github.com/ratpack/ratpack/commit/c560a8d10cb8bdd7a526c1ca2e67c8f224ca23ae", "name": "https://github.com/ratpack/ratpack/commit/c560a8d10cb8bdd7a526c1ca2e67c8f224ca23ae", "tags": ["Patch"], "refsource": "MISC"}, {"url": "https://github.com/ratpack/ratpack/releases/tag/v1.7.5", "name": "https://github.com/ratpack/ratpack/releases/tag/v1.7.5", "tags": ["Release Notes", "Third Party Advisory"], "refsource": "CONFIRM"}, {"url": "https://github.com/ratpack/ratpack/security/advisories/GHSA-mvqp-q37c-wf9j", "name": "https://github.com/ratpack/ratpack/security/advisories/GHSA-mvqp-q37c-wf9j", "tags": ["Third Party Advisory"], "refsource": "CONFIRM"}, {"url": "https://ratpack.io/versions/1.7.5", "name": "https://ratpack.io/versions/1.7.5", "tags": ["Vendor Advisory"], "refsource": "MISC"}, {"url": "https://github.com/ratpack/ratpack/commit/efb910d38a96494256f36675ef0e5061097dd77d", "name": "https://github.com/ratpack/ratpack/commit/efb910d38a96494256f36675ef0e5061097dd77d", "tags": ["Patch"], "refsource": "MISC"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "An issue was discovered in Ratpack before 1.7.5. Due to a misuse of the Netty library class DefaultHttpHeaders, there is no validation that headers lack HTTP control characters. Thus, if untrusted data is used to construct HTTP headers with Ratpack, HTTP Response Splitting can occur."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-74"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2019-17513", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "severity": "MEDIUM", "acInsufInfo": false, "impactScore": 2.9, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "baseMetricV3": {"cvssV3": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}}, "publishedDate": "2019-10-18T03:15Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:ratpack_project:ratpack:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "1.7.5"}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2020-08-24T17:37Z"}