Apache HTTP 2.4.55: Header Truncation Leads to Body Injection (CVE-2022-37436)
CVE-2022-37436 Published on January 17, 2023
Apache HTTP Server: mod_proxy prior to 2.4.55 allows a backend to trigger HTTP response splitting
Prior to Apache HTTP Server 2.4.55, a malicious backend can cause the response headers to be truncated early, resulting in some headers being incorporated into the response body. If the later headers have any security purpose, they will not be interpreted by the client.
Vulnerability Analysis
CVE-2022-37436 is exploitable with network access and requires neither privileges nor user interaction. Its attack complexity is rated low. An exploit of this vulnerability is assessed as having no impact on confidentiality, no impact on integrity, and no impact on availability.
Timeline
Reported to security team
Weakness Type
What is an HTTP Response Splitting Vulnerability?
The software receives data from an upstream component but does not neutralize, or incorrectly neutralizes, CR and LF characters before the data is included in outgoing HTTP headers.
CVE-2022-37436 has been classified as an HTTP Response Splitting vulnerability or weakness.
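As an added illustration of the two conditions described above (a backend emitting a header line a proxy cannot parse as "name: value", and bare CR or LF inside a header line), not code from the Apache project, the following audit function splits a raw backend response into header lines and reports which security headers would be lost if header parsing stopped at the first malformed line. The sample response is constructed, and the colon-less line is an assumed example of a malformed header, not the specific trigger of this CVE.

```python
import re

# Response headers with a security purpose. If a reverse proxy stops parsing
# headers early, any of these that follow the cut-off land in the body and
# the client never interprets them (the effect described in CVE-2022-37436).
SECURITY_HEADERS = {
    "content-security-policy", "strict-transport-security",
    "x-frame-options", "x-content-type-options", "set-cookie",
}

# A well-formed header line starts with an RFC 9110 token followed by a colon.
HEADER_LINE = re.compile(r"^[!#$%&'*+.^_`|~0-9A-Za-z-]+:")


def audit_backend_response(raw: bytes) -> dict:
    """Report header lines a proxy may reject and the security headers at risk.

    Returns {"malformed": [...], "at_risk": [...]} where "malformed" lists
    header lines that are not "name: value" or that contain a bare CR/LF
    (CWE-113 style injection), and "at_risk" lists security headers that
    appear after the first malformed line.
    """
    head, _, _ = raw.partition(b"\r\n\r\n")
    lines = head.split(b"\r\n")[1:]  # drop the status line
    malformed, at_risk = [], []
    truncated = False
    for line in lines:
        text = line.decode("latin-1")
        if b"\r" in line or b"\n" in line or not HEADER_LINE.match(text):
            malformed.append(text)
            truncated = True  # a vulnerable proxy would stop parsing here
            continue
        name = text.split(":", 1)[0].strip().lower()
        if truncated and name in SECURITY_HEADERS:
            at_risk.append(name)
    return {"malformed": malformed, "at_risk": at_risk}


# Constructed sample: a backend response with an assumed malformed line
# placed before two security-relevant headers.
SAMPLE = (
    b"HTTP/1.1 200 OK\r\n"
    b"Content-Type: text/html\r\n"
    b"this line has no colon\r\n"
    b"Content-Security-Policy: default-src 'self'\r\n"
    b"Set-Cookie: session=abc; HttpOnly\r\n"
    b"\r\n"
    b"<html>...</html>"
)

if __name__ == "__main__":
    print(audit_backend_response(SAMPLE))
```

Running the audit against responses from a backend before placing it behind a proxy older than 2.4.55 shows exactly which protective headers would silently disappear.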
Products Associated with CVE-2022-37436
Affected Versions
Apache Software Foundation Apache HTTP Server: versions before 2.4.55 are affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.