PT-2024-18063 · Red Hat · Undertow

Robb Gatica

Published

2024-02-12

Updated

2024-11-22

CVE-2024-1459

CVSS v3.1

5.3

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions Undertow (affected versions not specified)

Description A path traversal vulnerability was found in Undertow, which may allow a remote attacker to append a specially-crafted sequence to an HTTP request for an application deployed to JBoss EAP. This could permit access to privileged or restricted files and directories.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-24

Related Identifiers

CVE-2024-1459

GHSA-V76W-3PH8-VM66

RHSA-2024:1674

RHSA-2024:1675

RHSA-2024:1676

RHSA-2024:2764

Affected Products

Undertow

PT-2024-18063 · Red Hat · Undertow

CVE-2024-1459

Weakness Enumeration

Related Identifiers

Affected Products

References · 29