Vulnerability Description
A response-header CRLF injection vulnerability in the Proxmox Virtual Environment (PVE) and Proxmox Mail Gateway (PMG) web interface allows a remote attacker to set cookies for a victim's browser that are longer than the server expects, causing a client-side DoS. This affects Chromium-based browsers because they allow injection of response headers with %0d. This is fixed in pve-http-server 4.1-3.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Proxmox | Proxmox Mail Gateway | - |
| Proxmox | Pve Http Server | < 4.1-3 |
| Proxmox | Virtual Environment | - |
Related Weaknesses (CWE)
References
- https://git.proxmox.com/?p=pve-http-server.git%3Ba=commitdiff%3Bh=936007ae024181
- https://starlabs.sg/blog/2022/12-multiple-vulnerabilites-in-proxmox-ve--proxmox-ExploitPatchTechnical Description
- https://git.proxmox.com/?p=pve-http-server.git%3Ba=commitdiff%3Bh=936007ae024181
- https://starlabs.sg/blog/2022/12-multiple-vulnerabilites-in-proxmox-ve--proxmox-ExploitPatchTechnical Description
FAQ
What is CVE-2022-35507?
CVE-2022-35507 is a vulnerability with a CVSS score of 7.1 (HIGH). A response-header CRLF injection vulnerability in the Proxmox Virtual Environment (PVE) and Proxmox Mail Gateway (PMG) web interface allows a remote attacker to set cookies for a victim's browser that...
How severe is CVE-2022-35507?
CVE-2022-35507 has been rated HIGH with a CVSS base score of 7.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-35507?
Check the references section above for vendor advisories and patch information. Affected products include: Proxmox Proxmox Mail Gateway, Proxmox Pve Http Server, Proxmox Virtual Environment.