PT-2023-1389 · Haproxy+8
Published
2023-02-14
·
Updated
2025-10-11
·
CVE-2023-25725
CVSS v3.1
9.1
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
HAProxy versions prior to 2.7.3
HAProxy versions prior to 2.6.9
HAProxy versions prior to 2.5.12
HAProxy versions prior to 2.4.22
HAProxy versions prior to 2.2.29
HAProxy versions prior to 2.0.31
Description
The HTTP/1.0 and HTTP/1.1 header parsers in affected HAProxy releases accept a header line with an empty field name (a line that begins with a colon). Such a line truncates the list of parsed headers, so every header that follows it disappears after being parsed and processed: the request continues, but those headers are no longer present for the rules HAProxy applies or for the backend that receives the request. Because the lost headers may be exactly the ones that access-control rules or the backend rely on, a remote, unauthenticated attacker can use this to smuggle requests, bypass authentication checks, or reach restricted areas. For HTTP/2 and HTTP/3 the impact is limited: the affected headers disappear before they are parsed and processed, as if the client had never sent them.
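As an added example, not code from this page or from the HAProxy project, the following Python shows the request shape the description refers to and a detector for it. `build_probe_request` constructs an HTTP/1.1 request with an empty header field name followed by a marker header, for use against a test instance you own that forwards to a backend you control; `empty_header_names` flags such lines in raw HTTP/1 request data (a capture, or a request-logging hook in front of the proxy). The host name, header name and function names are assumptions for illustration, and nothing is sent over the network.

```python
CRLF = b"\r\n"


def split_request(raw: bytes) -> tuple[bytes, list[bytes], bytes]:
    """Split a raw HTTP/1.x request into (request line, header lines, body)."""
    head, sep, body = raw.partition(CRLF + CRLF)
    if not sep:
        raise ValueError("incomplete request: no end of header section")
    lines = head.split(CRLF)
    return lines[0], lines[1:], body


def empty_header_names(raw: bytes) -> list[int]:
    """Return the 0-based indices of header lines whose field-name is empty.

    HTTP/1.1 requires at least one token character before the colon, so a
    line such as b": value" (or one with only whitespace before the colon)
    is invalid. This is the input the advisory says affected releases accept
    for HTTP/1.0 and HTTP/1.1.
    """
    _, headers, _ = split_request(raw)
    hits = []
    for idx, line in enumerate(headers):
        name, colon, _ = line.partition(b":")
        if colon and name.strip() == b"":
            hits.append(idx)
    return hits


def headers_after(raw: bytes, idx: int) -> list[bytes]:
    """Names of the headers that follow header line `idx`: the ones the
    advisory says can disappear when line `idx` carries an empty name."""
    _, headers, _ = split_request(raw)
    return [h.partition(b":")[0].strip() for h in headers[idx + 1:]]


def build_probe_request(host: str, path: str = "/",
                        marker: str = "X-Probe-Marker") -> bytes:
    """Constructed request (assumed host/header names) for a test instance:
    an empty-name header line followed by a marker header. If the marker does
    not reach the backend behind the proxy, the proxy dropped the headers
    after the empty name, which is the behaviour the advisory describes."""
    lines = [
        f"GET {path} HTTP/1.1".encode(),
        f"Host: {host}".encode(),
        b": empty-name",                 # the invalid line: no field-name
        f"{marker}: present".encode(),   # header that should survive the proxy
    ]
    return CRLF.join(lines) + CRLF + CRLF


if __name__ == "__main__":
    probe = build_probe_request("haproxy.test")
    for i in empty_header_names(probe):
        print(f"empty header name at header line {i}; "
              f"headers at risk: {headers_after(probe, i)}")
```

The detector is deliberately conservative: a name made only of whitespace is also flagged, since it is invalid in the same way and a lenient parser may treat it identically.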
Recommendations
For versions prior to 2.7.3, update to version 2.7.3 or later.
For versions prior to 2.6.9, update to version 2.6.9 or later.
For versions prior to 2.5.12, update to version 2.5.12 or later.
For versions prior to 2.4.22, update to version 2.4.22 or later.
For versions prior to 2.2.29, update to version 2.2.29 or later.
For versions prior to 2.0.31, update to version 2.0.31 or later.
Fixed releases exist for every listed branch, so upgrading is the remedy. Until the upgrade is in place, do not rely on HAProxy header-based rules as the only access control: enforce authentication and authorization in the backend application as well, and watch for HTTP/1 requests that carry an empty header field name.
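An added version check, not from this page or the HAProxy project, that applies the fixed-version table above: it extracts the x.y.z triple from a version string or a `haproxy -v` banner and compares it against the fix for that branch. Branches this advisory does not list (for example 2.1 and 2.3, or -dev builds without a patch number) are reported as not covered rather than as safe. The function names and the sample banner are assumptions.

```python
import re
import subprocess
from typing import Optional

# Fixed releases per branch, as listed in this advisory for CVE-2023-25725.
FIXED_VERSIONS = {
    (2, 7): (2, 7, 3),
    (2, 6): (2, 6, 9),
    (2, 5): (2, 5, 12),
    (2, 4): (2, 4, 22),
    (2, 2): (2, 2, 29),
    (2, 0): (2, 0, 31),
}

_VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)")


def parse_version(text: str) -> Optional[tuple]:
    """Extract the first major.minor.patch triple from a version string or
    `haproxy -v` banner. Returns None when no x.y.z triple is present
    (e.g. a "2.8-dev4" build)."""
    m = _VERSION_RE.search(text)
    if not m:
        return None
    return tuple(int(x) for x in m.groups())


def is_vulnerable(text: str) -> Optional[bool]:
    """True if the release is below the fix for its branch, False if at or
    after the fix, None if the version is unparseable or the branch is not
    covered by this advisory (treat None as "investigate", not "safe")."""
    version = parse_version(text)
    if version is None:
        return None
    fixed = FIXED_VERSIONS.get(version[:2])
    if fixed is None:
        return None
    return version < fixed


def check_local_haproxy() -> Optional[bool]:
    """Run `haproxy -v` on this host and classify its banner; None if the
    binary is not installed or the banner cannot be parsed."""
    try:
        proc = subprocess.run(["haproxy", "-v"], capture_output=True,
                              text=True, check=False)
    except FileNotFoundError:
        return None
    return is_vulnerable(proc.stdout)


if __name__ == "__main__":
    # Constructed sample banner in the shape `haproxy -v` prints.
    sample = "HAProxy version 2.4.21-1 2022/12/01 - https://haproxy.org/"
    print(sample.split()[2], "vulnerable:", is_vulnerable(sample))
    print("local haproxy vulnerable:", check_local_haproxy())
```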
Exploit
Fix
Weakness Enumeration
HTTP Request/Response Smuggling
Related Identifiers
Affected Products
Alt Linux
Almalinux
Astra Linux
Haproxy
Linuxmint
Red Hat
Red Os
Suse
Ubuntu