CVE-2017-7657 vulnerability in Eclipse and Other Products

CVE-2017-7657 vulnerability in Eclipse and Other Products
Published on June 26, 2018

In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and 9.4.x (non-default configuration with RFC2616 compliance enabled), transfer-encoding chunks are handled poorly. The chunk length parsing was vulnerable to an integer overflow. Thus a large chunk size could be interpreted as a smaller chunk size and content sent as chunk body could be interpreted as a pipelined request. If Jetty was deployed behind an intermediary that imposed some authorization and that intermediary allowed arbitrarily large chunks to be passed on unchanged, then this flaw could be used to bypass the authorization imposed by the intermediary as the fake pipelined request would not be interpreted by the intermediary as a request.

Weakness Type

What is a HTTP Request Smuggling Vulnerability?

When malformed or abnormal HTTP requests are interpreted by one or more entities in the data flow between the user and the web server, such as a proxy or firewall, they can be interpreted inconsistently, allowing the attacker to "smuggle" a request to one device without the other device being aware of it.

CVE-2017-7657 has been classified to as a HTTP Request Smuggling vulnerability or weakness.

Products Associated with CVE-2017-7657

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2017-7657 are published in these products:

Affected Versions

Version unspecified, <= 9.2.0 is affected.

Version 9.3.0 and below unspecified is affected.

Version unspecified and below 9.3.24 is affected.

Version 9.4.0 and below unspecified is affected.

Version unspecified and below 9.4.11 is affected.

Exploit Probability

EPSS

9.10%

Percentile

92.50%