CVE-2023-38199

Name of the Vulnerable Software and Affected Versions coreruleset (aka OWASP ModSecurity Core Rule Set) versions 3.3.4 and earlier

Description The issue allows attackers to potentially bypass a Web Application Firewall (WAF) using a crafted payload, exploiting "Content-Type confusion" between the WAF and the backend application. This happens when the web application relies solely on the last Content-Type header. Different platforms may handle additional Content-Type headers in various ways, such as rejecting them or merging conflicting headers, which could lead to detection as a malformed header.

Recommendations For coreruleset (aka OWASP ModSecurity Core Rule Set) versions 3.3.4 and earlier, consider updating to a version that addresses this issue, as no specific workaround is provided for these versions. At the moment, there is no information about a newer version that contains a fix for this vulnerability.