Attacker Value
Unknown
(0 users assessed)
Exploitability
Unknown
(0 users assessed)
User Interaction
None
Privileges Required
None
Attack Vector
Network
0

CVE-2017-7658

Disclosure Date: June 26, 2018
CVE-2017-7658 CVSS v3 Base Score: 9.8
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

In Eclipse Jetty Server, versions 9.2.x and older, 9.3.x (all non HTTP/1.x configurations), and 9.4.x (all HTTP/1.x configurations), when presented with two content-lengths headers, Jetty ignored the second. When presented with a content-length and a chunked encoding header, the content-length was ignored (as per RFC 2616). If an intermediary decided on the shorter length, but still passed on the longer body, then body content could be interpreted by Jetty as a pipelined request. If the intermediary was imposing authorization, the fake pipelined request would bypass that authorization.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics
Base Score:
9.8 Critical
Impact Score:
5.9
Exploitability Score:
3.9
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector (AV):
Network
Attack Complexity (AC):
Low
Privileges Required (PR):
None
User Interaction (UI):
None
Scope (S):
Unchanged
Confidentiality (C):
High
Integrity (I):
High
Availability (A):
High

General Information

Offensive Application
Unknown
Utility Class
Unknown
Ports
Unknown
OS
Unknown
Vulnerable Versions
Eclipse Jetty 9.2.25
Eclipse Jetty 9.3.0
Eclipse Jetty 9.3.24
Eclipse Jetty 9.4.0
Eclipse Jetty 9.4.11
Prerequisites
Unknown
Discovered By
Unknown
PoC Author
Unknown
Metasploit Module
Unknown
Reporter
Unknown

Vendors

  • debian,
  • eclipse,
  • hp,
  • netapp,
  • oracle

Products

  • debian linux 9.0,
  • e-series santricity management -,
  • e-series santricity os controller,
  • e-series santricity web services -,
  • hci management node -,
  • hci storage node -,
  • jetty,
  • oncommand system manager,
  • oncommand unified manager for 7-mode -,
  • rest data services 11.2.0.4,
  • rest data services 12.1.0.2,
  • rest data services 12.2.0.1,
  • rest data services 18c,
  • retail xstore payment 3.3,
  • retail xstore point of service 15.0,
  • retail xstore point of service 16.0,
  • retail xstore point of service 17.0,
  • retail xstore point of service 7.1,
  • santricity cloud connector -,
  • snap creator framework -,
  • snapcenter -,
  • snapmanager -,
  • solidfire -,
  • storage services connector -,
  • xp p9000 command view

References

Canonical
CVE-2017-7658 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7658)
BID-106566 (http://www.securityfocus.com/bid/106566)
Advisory
DSA-4278 (https://www.debian.org/security/2018/dsa-4278)
https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
https://bugs.eclipse.org/bugs/show_bug.cgi?id=535669
SECTRACK-1041194 (http://www.securitytracker.com/id/1041194)
https://security.netapp.com/advisory/ntap-20181014-0001
[lucene-solr-user] 20190104 Re: SOLR v7 Security Issues Caused Denial of Use - Sonatype Application Composition Report (https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E)
[activemq-issues] 20190820 [jira] [Created] (AMQ-7279) Security Vulnerabilities in Libraries - jackson-databind-2.9.8.jar, tomcat-servlet-api-8.0.53.jar, tomcat-websocket-api-8.0.53.jar, zookeeper-3.4.6.jar, guava-18.0.jar, jetty-all-9.2.26.v20180806.jar, scala-library-2.11.0.jar (https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272@%3Cissues.activemq.apache.org%3E)
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03953en_us
[druid-commits] 20191115 [GitHub] [incubator-druid] ccaominh opened a new pull request #8878: Address security vulnerabilities (https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe@%3Ccommits.druid.apache.org%3E)
[bookkeeper-issues] 20200729 [GitHub] [bookkeeper] padma81 opened a new issue #2387: Security vulnerabilities in the apache/bookkeeper-4.9.2 image (https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E)
https://security.netapp.com/advisory/ntap-20181014-0001/
[druid-commits] 20210226 [GitHub] [druid] kingnj opened a new issue #10926: Hello, are there any plans to fix the CVE-2017-7657 and CVE-2017-7658 vulnerabilities of Jetty (https://lists.apache.org/thread.html/ra6f956ed4ec2855583b2d0c8b4802b450f593d37b77509b48cd5d574@%3Ccommits.druid.apache.org%3E)
[druid-commits] 20210304 [GitHub] [druid] suneet-s commented on issue #10926: Hello, are there any plans to fix the CVE-2017-7657 and CVE-2017-7658 vulnerabilities of Jetty (https://lists.apache.org/thread.html/r41af10c4adec8d34a969abeb07fd0d6ad0c86768b751464f1cdd23e8@%3Ccommits.druid.apache.org%3E)
[druid-commits] 20210304 [GitHub] [druid] suneet-s closed issue #10926: Hello, are there any plans to fix the CVE-2017-7657 and CVE-2017-7658 vulnerabilities of Jetty (https://lists.apache.org/thread.html/r9159c9e7ec9eac1613da2dbaddbc15691a13d4dbb2c8be974f42e6ae@%3Ccommits.druid.apache.org%3E)
Miscellaneous
https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
https://www.oracle.com/security-alerts/cpuoct2020.html
https://www.oracle.com//security-alerts/cpujul2021.html

Additional Info

Authenticated
Unknown
Exploitable
Unknown
Reliability
Unknown
Stability
Unknown
Available Mitigations
Unknown
Shelf Life
Unknown
Userbase/Installbase
Unknown
Patch Effectiveness
Unknown
Technical Analysis