In Eclipse Jetty Server, versions 9.2.x and older, 9.3.x (all non HTTP/1.x configurations), and 9.4.x (all HTTP/1.x configurations), when presented with two content-lengths headers, Jetty ignored the second. When presented with a content-length and a chunked encoding header, the content-length was ignored (as per RFC 2616). If an intermediary decided on the shorter length, but still passed on the longer body, then body content could be interpreted by Jetty as a pipelined request. If the intermediary was imposing authorization, the fake pipelined request would bypass that authorization.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: eclipse
Published: 2018-06-26T17:00:00
Updated: 2024-08-05T16:12:27.826Z
Reserved: 2017-04-11T00:00:00
Link: CVE-2017-7658
Vulnrichment
No data.
NVD
Status : Modified
Published: 2018-06-26T17:29:00.210
Modified: 2024-11-21T03:32:23.850
Link: CVE-2017-7658
Redhat