CVE-2024-35161

CWE-444 — HTTP Request Smuggling CWE-20 — Improper Input Validation5 documents5 sources

Severity

7.5HIGH

EPSS

0.3%

top 43.35%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apache Traffic Server Apache Software Foundation Apache Traffic Server

Timeline

PublishedJul 26

Description

Apache Traffic Server forwards malformed HTTP chunked trailer section to origin servers. This can be utilized for request smuggling and may also lead cache poisoning if the origin servers are vulnerable. This issue affects Apache Traffic Server: from 8.0.0 through 8.1.10, from 9.0.0 through 9.2.4. Users can set a new setting (proxy.config.http.drop_chunked_trailers) not to forward chunked trailer section. Users are recommended to upgrade to version 8.1.11 or 9.2.5, which fixes the issue.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages3 packages

▶NVDapache/traffic_server8.0.0 — 8.1.11+1

▶CVEListV5apache_software_foundation/apache_traffic_server8.0.0 — 8.1.10+1

▶Debiantrafficserver< 8.1.11+ds-0+deb11u1+1

🔴Vulnerability Details

CVEList

Apache Traffic Server: Incomplete check for chunked trailer section allows request smuggling↗2024-07-26

▶

GHSA

GHSA-j49j-p46f-pfcv: Apache Traffic Server forwards malformed HTTP chunked trailer section to origin servers↗2024-07-26

▶

OSV

CVE-2024-35161: Apache Traffic Server forwards malformed HTTP chunked trailer section to origin servers↗2024-07-26

▶

📋Vendor Advisories

Debian

CVE-2024-35161: trafficserver - Apache Traffic Server forwards malformed HTTP chunked trailer section to origin ...↗2024

▶