CVE-2023-4639 - Vulnerability Details

A flaw was found in Undertow, which incorrectly parses cookies with certain value-delimiting characters in incoming requests. This issue could allow an attacker to construct a cookie value to exfiltrate HttpOnly cookie values or spoof arbitrary additional cookie values, leading to unauthorized data access or modification. The main threat from this flaw impacts data confidentiality and integrity.

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.07108.

Exploitation none

Automatable no

Technical Impact total

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Red Hat

Migration Toolkit for Runtimes 1 on RHEL 8

affected

Version	Status	Constraints
`1.2-23`	unaffected	< *

Red Hat

Migration Toolkit for Runtimes 1 on RHEL 8

affected

Version	Status	Constraints
`1.2-15`	unaffected	< *

Red Hat

Migration Toolkit for Runtimes 1 on RHEL 8

affected

Version	Status	Constraints
`1.2-16`	unaffected	< *

Red Hat

Migration Toolkit for Runtimes 1 on RHEL 8

affected

Version	Status	Constraints
`1.2-14`	unaffected	< *

Red Hat Red Hat JBoss Enterprise Application Platform 7 unaffected —

Red Hat

Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8

affected

Version	Status	Constraints
`0:2.2.30-1.SP1_redhat_00001.1.el8eap`	unaffected	< *

Red Hat

Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9

affected

Version	Status	Constraints
`0:2.2.30-1.SP1_redhat_00001.1.el9eap`	unaffected	< *

Red Hat

Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7

affected

Version	Status	Constraints
`0:2.2.30-1.SP1_redhat_00001.1.el7eap`	unaffected	< *

Red Hat Red Hat JBoss Enterprise Application Platform 8 unaffected —

Red Hat

Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8

affected

Version	Status	Constraints
`0:2.3.11-1.SP1_redhat_00001.1.el8eap`	unaffected	< *

Red Hat

Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9

affected

Version	Status	Constraints
`0:2.3.11-1.SP1_redhat_00001.1.el9eap`	unaffected	< *

Red Hat Migration Toolkit for Applications 6 affected —

Red Hat Red Hat build of Apache Camel for Spring Boot 3 unaffected —

Red Hat Red Hat build of Apicurio Registry unknown —

Red Hat Red Hat build of Quarkus unknown —

Red Hat Red Hat Data Grid 8 unaffected —

Red Hat Red Hat Decision Manager 7 unknown —

Red Hat Red Hat Fuse 7 unknown —

Red Hat Red Hat Integration Camel K unaffected —

Red Hat Red Hat Integration Camel Quarkus unaffected —

Red Hat Red Hat Integration Change Data Capture unknown —

Red Hat Red Hat JBoss Data Grid 7 unknown —

Red Hat Red Hat JBoss Enterprise Application Platform 6 unknown —

Red Hat Red Hat JBoss Fuse 6 unknown —

Red Hat Red Hat JBoss Fuse Service Works 6 unknown —

Red Hat Red Hat Process Automation 7 unknown —

Red Hat Red Hat Single Sign-On 7 unknown —

No data.

Package	CPE	Advisory	Released Date
Migration Toolkit for Runtimes 1 on RHEL 8
mtr/mtr-operator-bundle:1.2-23	cpe:/a:redhat:migration_toolkit_runtimes:1.0::el8	RHSA-2024:3919	2024-06-13T00:00:00Z
mtr/mtr-rhel8-operator:1.2-15	cpe:/a:redhat:migration_toolkit_runtimes:1.0::el8	RHSA-2024:3919	2024-06-13T00:00:00Z
mtr/mtr-web-container-rhel8:1.2-16	cpe:/a:redhat:migration_toolkit_runtimes:1.0::el8	RHSA-2024:3919	2024-06-13T00:00:00Z
mtr/mtr-web-executor-container-rhel8:1.2-14	cpe:/a:redhat:migration_toolkit_runtimes:1.0::el8	RHSA-2024:3919	2024-06-13T00:00:00Z
Red Hat JBoss Enterprise Application Platform 7
undertow	cpe:/a:redhat:jboss_enterprise_application_platform:7.4	RHSA-2024:1677	2024-04-04T00:00:00Z
Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8
eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8	RHSA-2024:1675	2024-04-04T00:00:00Z
Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9
eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9	RHSA-2024:1676	2024-04-04T00:00:00Z
Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7
eap7-undertow-0:2.2.30-1.SP1_redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7	RHSA-2024:1674	2024-04-04T00:00:00Z
Red Hat JBoss Enterprise Application Platform 8
undertow	cpe:/a:redhat:jboss_enterprise_application_platform:8.0	RHSA-2024:2763	2024-05-08T00:00:00Z
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8
eap8-undertow-0:2.3.11-1.SP1_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8	RHSA-2024:2764	2024-05-08T00:00:00Z
Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9
eap8-undertow-0:2.3.11-1.SP1_redhat_00001.1.el9eap	cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9	RHSA-2024:2764	2024-05-08T00:00:00Z

No data.

Project Subscriptions

Vendors	Products
Redhat Subscribe	Camel Quarkus Subscribe Camel Spring Boot Subscribe Integration Subscribe Jboss Data Grid Subscribe Jboss Enterprise Application Platform Subscribe Jboss Enterprise Bpms Platform Subscribe Jboss Enterprise Brms Platform Subscribe Jboss Fuse Subscribe Jboss Fuse Service Works Subscribe Migration Toolkit Applications Subscribe Migration Toolkit Runtimes Subscribe Quarkus Subscribe Red Hat Single Sign On Subscribe Service Registry Subscribe

Advisories

Source	ID	Title
EUVD	EUVD-2024-3185	A flaw was found in Undertow, which incorrectly parses cookies with certain value-delimiting characters in incoming requests. This issue could allow an attacker to construct a cookie value to exfiltrate HttpOnly cookie values or spoof arbitrary additional cookie values, leading to unauthorized data access or modification. The main threat from this flaw impacts data confidentiality and integrity.
Github GHSA	GHSA-3jrv-jgp8-45v3	Undertow incorrectly parses cookies

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://access.redhat.com/errata/RHSA-2024:1674
https://access.redhat.com/errata/RHSA-2024:1675
https://access.redhat.com/errata/RHSA-2024:1676
https://access.redhat.com/errata/RHSA-2024:1677
https://access.redhat.com/errata/RHSA-2024:2763
https://access.redhat.com/errata/RHSA-2024:2764
https://access.redhat.com/errata/RHSA-2024:3919
https://access.redhat.com/security/cve/CVE-2023-4639
https://bugzilla.redhat.com/show_bug.cgi?id=2166022
https://nvd.nist.gov/vuln/detail/CVE-2023-4639
https://security.netapp.com/advisory/ntap-20250207-0001/
https://www.cve.org/CVERecord?id=CVE-2023-4639

History

Fri, 07 Feb 2025 17:45:00 +0000

Type	Values Removed	Values Added
References		https://security.netapp.com/advisory/ntap-20250207-0001/

Sun, 17 Nov 2024 17:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Sun, 17 Nov 2024 10:30:00 +0000

Type	Values Removed	Values Added
Title	undertow: Cookie Smuggling/Spoofing	Undertow: cookie smuggling/spoofing
First Time appeared		Redhat camel Quarkus Redhat camel Spring Boot Redhat integration Redhat jboss Data Grid Redhat jboss Enterprise Bpms Platform Redhat jboss Enterprise Brms Platform Redhat jboss Fuse Redhat jboss Fuse Service Works Redhat migration Toolkit Applications Redhat quarkus Redhat red Hat Single Sign On Redhat service Registry
CPEs		cpe:/a:redhat:camel_quarkus:2 cpe:/a:redhat:camel_spring_boot:3 cpe:/a:redhat:integration:1 cpe:/a:redhat:jboss_data_grid:7 cpe:/a:redhat:jboss_data_grid:8 cpe:/a:redhat:jboss_enterprise_application_platform:6 cpe:/a:redhat:jboss_enterprise_bpms_platform:7 cpe:/a:redhat:jboss_enterprise_brms_platform:7 cpe:/a:redhat:jboss_fuse:6 cpe:/a:redhat:jboss_fuse:7 cpe:/a:redhat:jboss_fuse_service_works:6 cpe:/a:redhat:migration_toolkit_applications:6 cpe:/a:redhat:quarkus:2 cpe:/a:redhat:red_hat_single_sign_on:7 cpe:/a:redhat:service_registry:2
Vendors & Products		Redhat camel Quarkus Redhat camel Spring Boot Redhat integration Redhat jboss Data Grid Redhat jboss Enterprise Bpms Platform Redhat jboss Enterprise Brms Platform Redhat jboss Fuse Redhat jboss Fuse Service Works Redhat migration Toolkit Applications Redhat quarkus Redhat red Hat Single Sign On Redhat service Registry
References		https://access.redhat.com/errata/RHSA-2024:1674 https://access.redhat.com/errata/RHSA-2024:1675 https://access.redhat.com/errata/RHSA-2024:1676 https://access.redhat.com/errata/RHSA-2024:1677 https://access.redhat.com/errata/RHSA-2024:2763 https://access.redhat.com/errata/RHSA-2024:2764 https://access.redhat.com/errata/RHSA-2024:3919 https://access.redhat.com/security/cve/CVE-2023-4639 https://bugzilla.redhat.com/show_bug.cgi?id=2166022

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2024-11-17T10:21:44.539Z

Updated: 2025-02-07T17:02:40.205Z

Reserved: 2023-08-30T14:52:04.007Z

Link: CVE-2023-4639

Vulnrichment

Updated: 2025-02-07T17:02:40.205Z

NVD

Status : Awaiting Analysis

Published: 2024-11-17T11:15:05.840

Modified: 2025-02-07T17:15:29.713

Link: CVE-2023-4639

Redhat

Severity : Moderate

Publid Date: 2024-02-08T00:00:00Z

Links: CVE-2023-4639 - Bugzilla

OpenCVE Enrichment

No data.

Weaknesses

CWE-444

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact None

User Interaction None

Exploitation none

Automatable no

Technical Impact total

Project Subscriptions

Projects

JSON object

JSON object

JSON object

JSON object

JSON object