PT-2020-19653 · Micronaut · Micronaut-Http-Client

Jonathan Leitschuh · Published 2020-03-30 · Updated 2020-04-02 · CVE-2020-7611

CVSS v3.1: 9.8 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions

io.micronaut:micronaut-http-client versions 1.2.11 and earlier
io.micronaut:micronaut-http-client versions 1.3.0 through 1.3.1

Description

The issue is HTTP request header injection: request headers passed to the client are not validated. An attacker who controls a header value can therefore control the entirety of the HTTP body of the request the client sends, enabling a variant of Server Side Request Forgery.

Recommendations

For io.micronaut:micronaut-http-client versions 1.2.11 and earlier, update to version 1.2.11 or later. For io.micronaut:micronaut-http-client versions 1.3.0 through 1.3.1, update to version 1.3.2 or later. As a temporary workaround, do not pass user data received directly from HTTP request parameters as headers in the HTTP client.
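The following is an added example, not code from the Micronaut project or from its fix. It uses a stand-in request serialiser (`renderRequest`, a hypothetical name) to show the mechanism header injection relies on: a header value containing CR LF ends the header block early, so the remainder of the value is sent as the body of the outgoing request. It then shows the validation a caller, or a client library, should apply to header names and values before they reach the wire. The untrusted value and the host name are constructed for the demonstration.

```java
import java.util.LinkedHashMap;
import java.util.Map;

/**
 * Added example (not Micronaut project code): why an unvalidated header value
 * lets the caller rewrite the outgoing request, and the check that stops it.
 */
public final class HeaderInjectionDemo {

    /** Naive wire-form serialisation; stands in for any client that trusts header values as given. */
    static String renderRequest(String method, String path, String host, Map<String, String> headers) {
        StringBuilder sb = new StringBuilder();
        sb.append(method).append(' ').append(path).append(" HTTP/1.1\r\n");
        sb.append("Host: ").append(host).append("\r\n");
        for (Map.Entry<String, String> h : headers.entrySet()) {
            sb.append(h.getKey()).append(": ").append(h.getValue()).append("\r\n");
        }
        sb.append("\r\n"); // end of the header block; whatever follows is the body
        return sb.toString();
    }

    /** Header field names are RFC 7230 tokens: no whitespace, separators or control characters. */
    static boolean isValidHeaderName(String name) {
        if (name == null || name.isEmpty()) return false;
        for (int i = 0; i < name.length(); i++) {
            char c = name.charAt(i);
            if (c <= 0x20 || c >= 0x7f || "()<>@,;:\\\"/[]?={}".indexOf(c) >= 0) return false;
        }
        return true;
    }

    /** Header field values may not contain CR, LF, NUL or other C0 controls (HTAB excepted). */
    static boolean isValidHeaderValue(String value) {
        if (value == null) return false;
        for (int i = 0; i < value.length(); i++) {
            char c = value.charAt(i);
            if (c == '\r' || c == '\n' || (c < 0x20 && c != '\t') || c == 0x7f) return false;
        }
        return true;
    }

    /** Validating wrapper: refuse the header outright rather than trying to sanitise it. */
    static void putHeaderChecked(Map<String, String> headers, String name, String value) {
        if (!isValidHeaderName(name)) throw new IllegalArgumentException("invalid header name");
        if (!isValidHeaderValue(value)) throw new IllegalArgumentException("invalid header value for " + name);
        headers.put(name, value);
    }

    public static void main(String[] args) {
        // Constructed input: a value as it might arrive from a request parameter, with a line break inside it.
        String untrusted = "en-US\r\nContent-Length: 13\r\n\r\ninjected-body";

        Map<String, String> unchecked = new LinkedHashMap<>();
        unchecked.put("Accept-Language", untrusted); // no validation: the header block ends early
        System.out.println("--- unchecked header, as sent on the wire ---");
        System.out.print(renderRequest("GET", "/api", "internal.example", unchecked));

        Map<String, String> checked = new LinkedHashMap<>();
        try {
            putHeaderChecked(checked, "Accept-Language", untrusted);
        } catch (IllegalArgumentException e) {
            System.out.println("--- checked header ---");
            System.out.println("rejected: " + e.getMessage());
        }
        putHeaderChecked(checked, "Accept-Language", "en-US"); // an ordinary value passes
        System.out.print(renderRequest("GET", "/api", "internal.example", checked));
    }
}
```

The first rendered request shows the caller-supplied text appearing after the blank line that terminates the headers, which is exactly the body control the advisory describes. Rejecting rather than stripping the offending characters is deliberate: a sanitised value can still change meaning, and a failed request is the safer outcome. The workaround in the Recommendations remains the stronger control, since a value that is never copied from a request parameter into a header cannot carry a line break at all.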

Weakness Enumeration

HTTP Request/Response Smuggling

Related Identifiers

CVE-2020-7611
GHSA-694P-XRHG-X3WM
SNYK-JAVA-IOMICRONAUT-561342

Affected Products

Micronaut-Http-Client