Vulnerability Description
In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and 9.4.x (non-default configuration with RFC2616 compliance enabled), transfer-encoding chunks are handled poorly. The chunk length parsing was vulnerable to an integer overflow. Thus a large chunk size could be interpreted as a smaller chunk size and content sent as chunk body could be interpreted as a pipelined request. If Jetty was deployed behind an intermediary that imposed some authorization and that intermediary allowed arbitrarily large chunks to be passed on unchanged, then this flaw could be used to bypass the authorization imposed by the intermediary as the fake pipelined request would not be interpreted by the intermediary as a request.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Eclipse | Jetty | <= 9.2.26 |
| Debian | Debian Linux | 9.0 |
| Netapp | E-Series Santricity Management | - |
| Netapp | E-Series Santricity Os Controller | >= 11.0, <= 11.50.1 |
| Netapp | E-Series Santricity Web Services | - |
| Netapp | Element Software | - |
| Netapp | Element Software Management Node | - |
| Netapp | Hci Storage Nodes | - |
| Netapp | Oncommand System Manager | 3.x |
| Netapp | Oncommand Unified Manager | < 5.2.4 |
| Netapp | Santricity Cloud Connector | - |
| Netapp | Snap Creator Framework | < 4.3.3 |
| Netapp | Snapcenter | < 4.1p3 |
| Netapp | Snapmanager | < 3.4.2 |
| Hp | Xp P9000 Command View | >= 8.4.0-00, < 8.6.2-00 |
| Hp | Xp P9000 | - |
| Oracle | Rest Data Services | 11.2.0.4 |
| Oracle | Retail Xstore Point Of Service | 7.1 |
Related Weaknesses (CWE)
References
- http://www.securitytracker.com/id/1041194Third Party AdvisoryVDB Entry
- https://access.redhat.com/errata/RHSA-2019:0910Third Party Advisory
- https://bugs.eclipse.org/bugs/show_bug.cgi?id=535668Third Party Advisory
- https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885
- https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c24
- https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b667
- https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab
- https://lists.apache.org/thread.html/r41af10c4adec8d34a969abeb07fd0d6ad0c86768b7
- https://lists.apache.org/thread.html/r9159c9e7ec9eac1613da2dbaddbc15691a13d4dbb2
- https://lists.apache.org/thread.html/ra6f956ed4ec2855583b2d0c8b4802b450f593d37b7
- https://security.netapp.com/advisory/ntap-20181014-0001/PatchThird Party Advisory
- https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpeThird Party Advisory
- https://www.debian.org/security/2018/dsa-4278Third Party Advisory
- https://www.oracle.com//security-alerts/cpujul2021.html
- https://www.oracle.com/security-alerts/cpuoct2020.htmlPatchThird Party Advisory
FAQ
What is CVE-2017-7657?
CVE-2017-7657 is a vulnerability with a CVSS score of 9.8 (CRITICAL). In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and 9.4.x (non-default configuration with RFC2616 compliance enabled), transfer-encoding chunks are handled poorly. The chunk le...
How severe is CVE-2017-7657?
CVE-2017-7657 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2017-7657?
Check the references section above for vendor advisories and patch information. Affected products include: Eclipse Jetty, Debian Debian Linux, Netapp E-Series Santricity Management, Netapp E-Series Santricity Os Controller, Netapp E-Series Santricity Web Services.