#VU81726 Integer overflow in Jetty - CVE-2023-36478

Cybersecurity Help s.r.o.

Published: 2023-10-10 | Updated: 2023-10-12

Vulnerability identifier: #VU81726

Vulnerability risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2023-36478

CWE-ID: CWE-190

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Jetty
Server applications / Web servers

Vendor: Eclipse

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to integer overflow in MetaDataBuilder.checkSize when handling HTTP/2 HPACK header values. A remote attacker can send specially crafted request to the server, trigger an integer overflow and crash the server.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Jetty: 9.4.0.v20161207 - 9.4.52.v20230823, 10.0.0 - 11.0.15

External links
https://github.com/eclipse/jetty.project/security/advisories/GHSA-wgh7-54f2-x98r
https://github.com/jetty/jetty.project/security/advisories/GHSA-wgh7-54f2-x98r

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

IBM Cloud Pak for Data System 1.0 update for Eclipse Jetty

Multiple vulnerabilities in IBM Installation Manager and IBM Packaging Utility

Multiple vulnerabilities in IBM Control Center

Multiple vulnerabilities in IBM Asset Data Dictionary Component

IBM Integrated Analytics System update for Eclipse Jetty

Multiple vulnerabilities in IBM Tivoli Network Manager IP Edition (ITNM)

Multiple vulnerabilities in IBM Rational Synergy

Multiple vulnerabilities in IBM Rational Change

IBM watsonx.data update for Eclipse Jetty

Integer overflow in Oracle Unified Directory