CVE-2019-16785

Published: Dic 20, 2019 Last Modified: Nov 21, 2024 EU-VD ID: EUVD-2019-0156 Aliases: GHSA-pg36-wpm5-g57p, PYSEC-2019-136
ExploitDB:
Other exploit source:
Google Dorks:
HIGH 7,1
Source: [email protected]
Attack Vector: network
Attack Complexity: high
Privileges Required: low
User Interaction: none
Scope: changed
Confidentiality: high
Integrity: low
Availability: none
MEDIUM 5,0
Source: [email protected]
Access Vector: network
Access Complexity: low
Authentication: none
Confidentiality: none
Integrity: partial
Availability: none

Description

AI Translation Available

Waitress through version 1.3.1 implemented a 'MAY' part of the RFC7230 which states: 'Although the line terminator for the start-line and header fields is the sequence CRLF, a recipient MAY recognize a single LF as a line terminator and ignore any preceding CR.' Unfortunately if a front-end server does not parse header fields with an LF the same way as it does those with a CRLF it can lead to the front-end and the back-end server parsing the same HTTP message in two different ways. This can lead to a potential for HTTP request smuggling/splitting whereby Waitress may see two requests while the front-end server only sees a single HTTP message. This issue is fixed in Waitress 1.4.0.

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score
0,0043
Percentile
0,6th
Updated

EPSS Score Trend (Last 90 Days)

444

Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

Incomplete
Abstraction: Base Structure: Simple
Common Consequences
Security Scopes Affected:
Integrity Non-Repudiation Access Control
Potential Impacts:
Unexpected State Hide Activities Bypass Protection Mechanism
Applicable Platforms
Technologies: Web Based, Web Server
View CWE Details
Application

Waitress by Agendaless

Product Information
Vendor Agendaless
Product Waitress
Version Range Affected
To 1.3.1 (inclusive)
cpe:2.3:a:agendaless:waitress:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Openstack by Redhat

Product Information
Vendor Redhat
Product Openstack
Version 15
cpe:2.3:a:redhat:openstack:15:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Fedora by Fedoraproject

Product Information
Vendor Fedoraproject
Product Fedora
Version 31
cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Fedora by Fedoraproject

Product Information
Vendor Fedoraproject
Product Fedora
Version 30
cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Communications Cloud Native Core Network Function Cloud Native Environment by Oracle

Product Information
Vendor Oracle
Product Communications Cloud Native Core Network Function Cloud Native Environment
Version 1.10.0
cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:1.10.0:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Debian Linux by Debian

Product Information
Vendor Debian
Product Debian Linux
Version 9.0
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
https://access.redhat.com/errata/RHSA-2020:0720
Third Party Advisory
https://access.redhat.com/errata/RHSA-2020:0720
https://docs.pylonsproject.org/projects/waitress/en/latest/…
Vendor Advisory
https://docs.pylonsproject.org/projects/waitress/en/latest/#security-fixes
https://github.com/Pylons/waitress/commit/8eba394ad75deaf9e…
Patch Third Party Advisory
https://github.com/Pylons/waitress/commit/8eba394ad75deaf9e5cd15b78a3d16b12e6b0…
https://github.com/Pylons/waitress/security/advisories/GHSA…
Exploit Third Party Advisory
https://github.com/Pylons/waitress/security/advisories/GHSA-pg36-wpm5-g57p
https://lists.debian.org/debian-lts-announce/2022/05/msg000…
Mailing List Third Party Advisory
https://lists.debian.org/debian-lts-announce/2022/05/msg00011.html
https://lists.fedoraproject.org/archives/list/package-annou…
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapr…
https://lists.fedoraproject.org/archives/list/package-annou…
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapr…
https://www.oracle.com/security-alerts/cpuapr2022.html
Patch Third Party Advisory
https://www.oracle.com/security-alerts/cpuapr2022.html
https://access.redhat.com/errata/RHSA-2020:0720
Third Party Advisory
https://access.redhat.com/errata/RHSA-2020:0720
https://docs.pylonsproject.org/projects/waitress/en/latest/…
Vendor Advisory
https://docs.pylonsproject.org/projects/waitress/en/latest/#security-fixes
https://github.com/Pylons/waitress/commit/8eba394ad75deaf9e…
Patch Third Party Advisory
https://github.com/Pylons/waitress/commit/8eba394ad75deaf9e5cd15b78a3d16b12e6b0…
https://github.com/Pylons/waitress/security/advisories/GHSA…
Exploit Third Party Advisory
https://github.com/Pylons/waitress/security/advisories/GHSA-pg36-wpm5-g57p
https://lists.debian.org/debian-lts-announce/2022/05/msg000…
Mailing List Third Party Advisory
https://lists.debian.org/debian-lts-announce/2022/05/msg00011.html
https://lists.fedoraproject.org/archives/list/package-annou…
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapr…
https://lists.fedoraproject.org/archives/list/package-annou…
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapr…
https://www.oracle.com/security-alerts/cpuapr2022.html
Patch Third Party Advisory
https://www.oracle.com/security-alerts/cpuapr2022.html