Vulnerability Name:

CVE-2022-41721 (CCN-244775)

Assigned: 2022-09-28
Published: 2023-01-13
Updated: 2023-01-24
Summary: Golang Go is vulnerable to HTTP request smuggling, caused by a flaw when using MaxBytesHandler. By sending a specially-crafted HTTP(S) transfer-encoding request header, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks.
CVSS v3 Severity: 7.5 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
6.5 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)
Exploitability Metrics: Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope: Scope (S): Unchanged
Impact Metrics: Confidentiality (C): None
Integrity (I): None
Availability (A): High
6.5 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)
5.7 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C)
Exploitability Metrics: Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope: Scope (S): Unchanged
Impact Metrics: Confidentiality (C): Low
Integrity (I): Low
Availability (A): None
CVSS v2 Severity: 6.4 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics: Confidentiality (C): Partial
Integrity (I): Partial
Availability (A): None
Vulnerability Consequences: Gain Access
References:
Source: MITRE
Type: CNA
CVE-2022-41721

Source: XF
Type: UNKNOWN
golang-cve202241721-request-smuggling(244775)

Source: CCN
Type: Go GIT Repository
x/net/http2/h2c: ineffective mitigation for unsafe io.ReadAll #56352

Source: CCN
Type: GO-2023-1495
GO

Source: CCN
Type: IBM Security Bulletin 6959921 (Cloud Integration Platform)
Automation Assets in IBM Cloud Pak for Integration is vulnerable to request smuggling in Go (CVE-2022-41721)

Source: CCN
Type: IBM Security Bulletin 6959923 (Cloud Integration Platform)
Operations Dashboard is vulnerable to denial of service and request smuggling due to Go CVE-2022-41717 and CVE-2022-41721

Source: CCN
Type: IBM Security Bulletin 6965352 (Spectrum Protect Plus Container Agent)
Vulnerabilities in Pypa Setuptools, Golang Go, OpenSSH, Minio and Certifi may affect IBM Spectrum Protect Plus Container backup and restore for Kubernetes and OpenShift

Source: CCN
Type: IBM Security Bulletin 6980755 (CICS TX Standard)
CVE-2022-41721 may affect IBM CICS TX Standard

Source: CCN
Type: IBM Security Bulletin 6982921 (Sterling Order Management)
Golang Go vulnerability

Source: CCN
Type: IBM Security Bulletin 6983270 (Robotic Process Automation)
Multiple Security Vulnerabilities may affect IBM Robotic Process Automation for Cloud Pak.

Source: CCN
Type: IBM Security Bulletin 6984421 (Watson Discovery)
IBM Watson Discovery Cartridge for IBM Cloud Pak for Data affected by vulnerability in Golang Go

Source: CCN
Type: IBM Security Bulletin 6986361 (Robotic Process Automation)
Multiple Security Vulnerabilities may affect IBM Robotic Process Automation for Cloud Pak.

Source: CCN
Type: IBM Security Bulletin 6997601 (CICS TX Advanced)
CVE-2022-41723 and CVE-2022-41721 may affect IBM CICS TX Advanced

Source: CCN
Type: IBM Security Bulletin 7005485 (Cloud Pak for Network Automation)
Cloud Pak for Network Automation 2.5.0 fixes multiple security vulnerabilities

Source: CCN
Type: IBM Security Bulletin 7005589 (Spectrum Protect Plus)
Vulnerabilities in Apache Commons, Tomcat, Go, libcurl, OpenSSL, Python, Node.js, and Linux can affect IBM Spectrum Protect Plus.

Source: CCN
Type: IBM Security Bulletin 7008051 (Watson Speech Services Cartridge for Cloud Pak for Data)
IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to HTTP request smuggling in Golang Go (CVE-2022-41721)

Source: CCN
Type: IBM Security Bulletin 7008449 (Db2 on Cloud Pak for Data)
Multiple vulnerabilities affect IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data

Source: CCN
Type: IBM Security Bulletin 7009757 (Match 360)
ICP Match 360 is vulnerable to the following CVEs

Source: CCN
Type: IBM Security Bulletin 7014659 (Cloud Transformation Advisor)
IBM Cloud Transformation Advisor is vulnerable to multiple vulnerabilities

Source: CCN
Type: Mend Vulnerability Database
CVE-2022-41721

Vulnerable Configuration:
Configuration CCN 1:
  • cpe:/a:golang:go:1.19.0:*:*:*:*:*:*:*
  • AND
  • cpe:/a:ibm:spectrum_protect_plus:10.1.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_transformation_advisor:2.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:robotic_process_automation:21.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cics_tx:11.1:*:*:*:standard:*:*:*
  • OR cpe:/a:ibm:cics_tx:11.1:*:*:*:advanced:*:*:*
  • OR cpe:/a:ibm:robotic_process_automation:23.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:robotic_process_automation:23.0.3:*:*:*:*:*:*:*

  • * Denotes that component is vulnerable
    golang go 1.19.0
    ibm spectrum protect plus 10.1.0
    ibm cloud transformation advisor 2.0.1
    ibm robotic process automation 21.0.1
    ibm cics tx 11.1
    ibm cics tx 11.1
    ibm robotic process automation 23.0.0
    ibm robotic process automation 23.0.3