Vulnerability Name: CVE-2022-26377 (CCN-228343) Assigned: 2022-06-08 Published: 2022-06-08 Updated: 2022-08-24 Summary: Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') vulnerability in mod_proxy_ajp of Apache HTTP Server allows an attacker to smuggle requests to the AJP server it forwards requests to. This issue affects Apache HTTP Server Apache HTTP Server 2.4 version 2.4.53 and prior versions. CVSS v3 Severity: 7.5 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N )6.5 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C )Exploitability Metrics: Attack Vector (AV): NetworkAttack Complexity (AC): LowPrivileges Required (PR): NoneUser Interaction (UI): NoneScope: Scope (S): UnchangedImpact Metrics: Confidentiality (C): NoneIntegrity (I): HighAvailibility (A): None
7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L )6.4 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C )Exploitability Metrics: Attack Vector (AV): NetworkAttack Complexity (AC): LowPrivileges Required (PR): NoneUser Interaction (UI): NoneScope: Scope (S): UnchangedImpact Metrics: Confidentiality (C): LowIntegrity (I): LowAvailibility (A): Low
6.5 Medium (REDHAT CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L )5.7 Medium (REDHAT Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L/E:U/RL:O/RC:C )Exploitability Metrics: Attack Vector (AV): NetworkAttack Complexity (AC): HighPrivileges Required (PR): NoneUser Interaction (UI): NoneScope: Scope (S): ChangedImpact Metrics: Confidentiality (C): LowIntegrity (I): LowAvailibility (A): Low
CVSS v2 Severity: 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N )Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): LowAuthentication (Au): NoneImpact Metrics: Confidentiality (C): NoneIntegrity (I): PartialAvailibility (A): None
7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P )Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): LowAthentication (Au): NoneImpact Metrics: Confidentiality (C): PartialIntegrity (I): PartialAvailibility (A): Partial
Vulnerability Type: CWE-444 Vulnerability Consequences: Gain Access References: Source: MITRE Type: CNACVE-2022-26377 Source: MLIST Type: Mailing List, Third Party Advisory[oss-security] 20220608 CVE-2022-26377: Apache HTTP Server: mod_proxy_ajp: Possible request smuggling Source: XF Type: UNKNOWNapache-http-cve202226377-request-smuggling(228343) Source: CCN Type: Apache Web sitemod_proxy_ajp: Possible request smuggling Source: MISC Type: Vendor Advisoryhttps://httpd.apache.org/security/vulnerabilities_24.html Source: FEDORA Type: Mailing List, Third Party AdvisoryFEDORA-2022-b54a8dee29 Source: FEDORA Type: Mailing List, Third Party AdvisoryFEDORA-2022-e620fb15d5 Source: CCN Type: oss-sec Mailing List, Wed, 08 Jun 2022 09:42:22 +0000CVE-2022-26377: Apache HTTP Server: mod_proxy_ajp: Possible request smuggling Source: GENTOO Type: Third Party AdvisoryGLSA-202208-20 Source: CONFIRM Type: Third Party Advisoryhttps://security.netapp.com/advisory/ntap-20220624-0005/ Source: CCN Type: IBM Security Bulletin 6595149 (HTTP Server) Multiple vulnerabilities in IBM HTTP Server used by IBM WebSphere Application Server Source: CCN Type: IBM Security Bulletin 6607888 (Tivoli Monitoring)Multiple vulnerabilities affect IBM Tivoli Monitoring included WebSphere Application Server and IBM HTTP Server used by WebSphere Application Server Source: CCN Type: IBM Security Bulletin 6610841 (Security SiteProtector System)IBM Security SiteProtector System is affected by multiple Apache HTTP Server Vulnerabilities Source: CCN Type: IBM Security Bulletin 6837299 (App Connect Enterprise Certified Container)IBM App Connect Enterprise Certified Container DesignerAuthoring operands may be vulnerable to HTTP request smuggling due to CVE-2022-26377 Source: CCN Type: IBM Security Bulletin 6952319 (Aspera Faspex)IBM Aspera Faspex 4.4.2 PL2 has addressed multiple vulnerabilities (CVE-2022-28330, CVE-2023-22868, CVE-2022-30556, CVE-2022-31813, CVE-2022-30522, CVE-2022-47986, CVE-2022-28615, CVE-2022-26377, CVE-2018-25032, CVE-2022-2068) Source: CCN Type: IBM Security Bulletin 6952365 (Aspera Orchestrator)IBM Aspera Orchestrator vulnerable to HTTP request smuggling due to an Apache HTTP Server vulnerability (CVE-2022-26377) Vulnerable Configuration: Configuration 1 :cpe:/a:apache:http_server:*:*:*:*:*:*:*:* (Version >= 2.4.0 and <= 2.4.53)Configuration 2 :cpe:/o:fedoraproject:fedora:35:*:*:*:*:*:*:* OR cpe:/o:fedoraproject:fedora:36:*:*:*:*:*:*:* Configuration 3 :cpe:/a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:* Configuration RedHat 1 :cpe:/a:redhat:enterprise_linux:8:*:*:*:*:*:*:* Configuration RedHat 2 :cpe:/a:redhat:enterprise_linux:8::appstream:*:*:*:*:* Configuration RedHat 3 :cpe:/a:redhat:enterprise_linux:9:*:*:*:*:*:*:* Configuration RedHat 4 :cpe:/a:redhat:enterprise_linux:9::appstream:*:*:*:*:* Configuration CCN 1 :cpe:/a:apache:http_server:2.4.18:*:*:*:*:*:*:* OR cpe:/a:apache:http_server:2.4.20:*:*:*:*:*:*:* OR cpe:/a:apache:http_server:2.4.23:*:*:*:*:*:*:* OR cpe:/a:apache:http_server:2.4.29:*:*:*:*:*:*:* OR cpe:/a:apache:http_server:2.4.33:*:*:*:*:*:*:* OR cpe:/a:apache:http_server:2.4.25:*:*:*:*:*:*:* OR cpe:/a:apache:http_server:2.4.26:*:*:*:*:*:*:* OR cpe:/a:apache:http_server:2.4.27:*:*:*:*:*:*:* OR cpe:/a:apache:http_server:2.4.28:*:*:*:*:*:*:* OR cpe:/a:apache:http_server:2.4.34:*:*:*:*:*:*:* OR cpe:/a:apache:http_server:2.4.35:*:*:*:*:*:*:* OR cpe:/a:apache:http_server:2.4.37:*:*:*:*:*:*:* OR cpe:/a:apache:http_server:2.4.38:*:*:*:*:*:*:* OR cpe:/a:apache:http_server:2.4.39:*:*:*:*:*:*:* OR cpe:/a:apache:http_server:2.4.41:*:*:*:*:*:*:* OR cpe:/a:apache:http_server:2.4.43:*:*:*:*:*:*:* OR cpe:/a:apache:http_server:2.4.46:*:*:*:*:*:*:* OR cpe:/a:apache:http_server:2.4.48:*:*:*:*:*:*:* OR cpe:/a:apache:http_server:2.4.49:*:*:*:*:*:*:* OR cpe:/a:apache:http_server:2.4.50:*:*:*:*:*:*:* OR cpe:/a:apache:http_server:2.4.51:*:*:*:*:*:*:* OR cpe:/a:apache:http_server:2.4.52:*:*:*:*:*:*:* OR cpe:/a:apache:http_server:2.4.53:*:*:*:*:*:*:* AND cpe:/a:ibm:http_server:7.0:*:*:*:*:*:*:* OR cpe:/a:ibm:http_server:8.0:*:*:*:*:*:*:* OR cpe:/a:ibm:http_server:8.5:*:*:*:*:*:*:* OR cpe:/a:ibm:tivoli_monitoring:6.3.0:*:*:*:*:*:*:* OR cpe:/a:ibm:security_siteprotector_system:3.1.1:*:*:*:*:*:*:* OR cpe:/a:ibm:aspera_faspex:4.4.1:*:*:*:*:*:*:* OR cpe:/a:ibm:app_connect_enterprise_certified_container:4.1:*:*:*:*:*:*:* OR cpe:/a:ibm:app_connect_enterprise_certified_container:4.2:*:*:*:*:*:*:* OR cpe:/a:ibm:app_connect_enterprise_certified_container:5.0:*:*:*:lts:*:*:* OR cpe:/a:ibm:app_connect_enterprise_certified_container:5.1:*:*:*:*:*:*:* OR cpe:/a:ibm:app_connect_enterprise_certified_container:5.2:*:*:*:*:*:*:* OR cpe:/a:ibm:app_connect_enterprise_certified_container:6.0:*:*:*:*:*:*:* Denotes that component is vulnerable Oval Definitions BACK
apache http server *
fedoraproject fedora 35
fedoraproject fedora 36
netapp clustered data ontap -
apache http server 2.4.18
apache http server 2.4.20
apache http server 2.4.23
apache http server 2.4.29
apache http server 2.4.33
apache http server 2.4.25
apache http server 2.4.26
apache http server 2.4.27
apache http server 2.4.28
apache http server 2.4.34
apache http server 2.4.35
apache http server 2.4.37
apache http server 2.4.38
apache http server 2.4.39
apache http server 2.4.41
apache http server 2.4.43
apache http server 2.4.46
apache http server 2.4.48
apache http server 2.4.49
apache http server 2.4.50
apache http server 2.4.51
apache http server 2.4.52
apache http server 2.4.53
ibm http server 7.0
ibm http server 8.0
ibm http server 8.5
ibm tivoli monitoring 6.3.0
ibm security siteprotector system 3.1.1
ibm aspera faspex 4.4.1
ibm app connect enterprise certified container 4.1
ibm app connect enterprise certified container 4.2
ibm app connect enterprise certified container 5.0
ibm app connect enterprise certified container 5.1
ibm app connect enterprise certified container 5.2
ibm app connect enterprise certified container 6.0