CVE-2023-41900

Severity: 4.3 MEDIUM
EPSS: 0.1% (top 67.34%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Sep 15

Description

Jetty is a Java based web server and servlet engine. Versions 9.4.21 through 9.4.51, 10.0.15, and 11.0.15 are vulnerable to weak authentication. If a Jetty `OpenIdAuthenticator` uses the optional nested `LoginService`, and that `LoginService` decides to revoke an already authenticated user, then the current request will still treat the user as authenticated. The authentication is then cleared from the session and subsequent requests will not be treated as authenticated. So a request on a previou

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N
Exploitability: 1.8 | Impact: 1.4

Affected Packages (4 packages)

Source      Package                          Introduced -> Fixed / Affected range
Maven       org.eclipse.jetty:jetty-openid   9.4.21 -> 9.4.52.v20230823 (+2)
NVD         eclipse/jetty                    9.4.21 -> 9.4.52 (+2)
Debian      jetty9                           < 9.4.39-3+deb11u2 (+3)
CVEListV5   eclipse/jetty.project            >= 10.0.0, <= 10.0.15; >= 11.0.0, <= 11.0.15; >= 9.4.21, <= 9.4.51 (+2)

Also affects: Debian Linux 11.0, 12.0

Patches

Vulnerability Details (4)

GHSA: Jetty's OpenId Revoked authentication allows one request (2023-09-15)
CVEList: Jetty's OpenId Revoked authentication allows one request (2023-09-15)
OSV: Jetty's OpenId Revoked authentication allows one request (2023-09-15)
OSV: CVE-2023-41900: Jetty is a Java based web server and servlet engine (2023-09-15)

Vendor Advisories (2)

Red Hat: jetty: OpenId Revoked authentication allows one request (2023-09-14)
Debian: CVE-2023-41900: jetty9 - Jetty is a Java based web server and servlet engine. Versions 9.4.21 through 9.4... (2023)