Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting')

CVE-2022-37436

Medium

5.3/10

Summary

In Apache HTTP Server, versions through 2.4.54, a malicious backend can cause the response headers to be truncated early, resulting in some headers being incorporated into the response body. If the later headers have any security purpose, they will not be interpreted by the client.

Attack Complexity: LOW
Attack Vector: NETWORK
Integrity Impact: LOW
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: NONE
Confidentiality Impact: NONE
Availability Impact: NONE

CWE-113 - Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting')

The software receives data from an HTTP agent/component (e.g., web server, proxy, browser, etc.), but it does not neutralize or incorrectly neutralizes CR and LF characters before the data is included in outgoing HTTP headers.

References

Advisory
Advisory
Issue

Advisory Timeline

Published Jan 17, 2023

Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting')

CVE-2022-37436

Summary

CWE-113 - Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting')

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS