Apache Traffic Server Vulnerable to Request Smuggling and Cache Poisoning via Malformed HTTP Chunked Trailers

CVE-2024-35161

7.5HIGH

Key Information

Vendor
Apache
Status
Apache Traffic Server
Vendor
CVE Published:
26 July 2024

Summary

Apache Traffic Server forwards malformed HTTP chunked trailer section to origin servers. This can be utilized for request smuggling and may also lead cache poisoning if the origin servers are vulnerable.

This issue affects Apache Traffic Server: from 8.0.0 through 8.1.10, from 9.0.0 through 9.2.4.

Users can set a new setting (proxy.config.http.drop_chunked_trailers) not to forward chunked trailer section. Users are recommended to upgrade to version 8.1.11 or 9.2.5, which fixes the issue.

Affected Version(s)

Apache Traffic Server <= 8.1.10

Apache Traffic Server <= 9.2.4

References

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Collectors

NVD DatabaseMitre Database

Credit

Keran Mu
.