CVE-2020-10719

Sažetak

A flaw was found in Undertow in versions before 2.1.1.Final, regarding the processing of invalid HTTP requests with large chunk sizes. This flaw allows an attacker to take advantage of HTTP request smuggling.

Reference

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10719
https://security.netapp.com/advisory/ntap-20220210-0014/

CVSS

Base:	6.4
Impact:	4.9
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	NONE

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:P/A:N

Zadnje važnije ažuriranje

07-11-2023 - 03:14

Objavljeno

26-05-2020 - 16:15