CVE-2022-0711 - OpenCVE

A flaw was found in the way HAProxy processed HTTP responses containing the "Set-Cookie2" header. This flaw could allow an attacker to send crafted HTTP response packets which lead to an infinite loop, eventually resulting in a denial of service condition. The highest threat from this vulnerability is availability.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:L/Au:N/C:N/I:N/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Redhat	Openshift Container Platform Enterprise Linux Software Collections
Haproxy	Haproxy
Debian	Debian Linux

Configuration 1 [-]

OR	cpe:2.3:a:haproxy:haproxy::::::::
	cpe:2.3:a:haproxy:haproxy::::::::
	cpe:2.3:a:haproxy:haproxy::::::::

Configuration 2 [-]

OR	cpe:2.3:a:redhat:openshift_container_platform:4.0:::::::*
	cpe:2.3:a:redhat:software_collections:-:::::::*
	cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*

Configuration 3 [-]

cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*

References

Link	Resource
https://access.redhat.com/security/cve/cve-2022-0711	Third Party Advisory
https://github.com/haproxy/haproxy/commit/bfb15ab34ead85f64cd6da0e9fb418c9cd14cee8	Patch Third Party Advisory
https://www.debian.org/security/2022/dsa-5102	Third Party Advisory
https://www.mail-archive.com/haproxy%40formilux.org/msg41833.html

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: redhat

Published: 2022-03-02T21:59:03

Updated: 2022-03-14T14:06:20

Reserved: 2022-02-21T00:00:00

Link: CVE-2022-0711

JSON object: View

NVD Information

Status : Modified

Published: 2022-03-02T22:15:08.313

Modified: 2023-11-07T03:41:30.830

Link: CVE-2022-0711

JSON object: View

Redhat Information

No data.

CWE

CWE-835

{"containers": {"cna": {"affected": [{"product": "haproxy", "vendor": "n/a", "versions": [{"status": "affected", "version": "2.5.1"}]}], "descriptions": [{"lang": "en", "value": "A flaw was found in the way HAProxy processed HTTP responses containing the \"Set-Cookie2\" header. This flaw could allow an attacker to send crafted HTTP response packets which lead to an infinite loop, eventually resulting in a denial of service condition. The highest threat from this vulnerability is availability."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-835", "description": "CWE-835", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-03-14T14:06:20", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://access.redhat.com/security/cve/cve-2022-0711"}, {"tags": ["x_refsource_MISC"], "url": "https://www.mail-archive.com/haproxy%40formilux.org/msg41833.html"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/haproxy/haproxy/commit/bfb15ab34ead85f64cd6da0e9fb418c9cd14cee8"}, {"name": "DSA-5102", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "https://www.debian.org/security/2022/dsa-5102"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert@redhat.com", "ID": "CVE-2022-0711", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "haproxy", "version": {"version_data": [{"version_value": "2.5.1"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A flaw was found in the way HAProxy processed HTTP responses containing the \"Set-Cookie2\" header. This flaw could allow an attacker to send crafted HTTP response packets which lead to an infinite loop, eventually resulting in a denial of service condition. The highest threat from this vulnerability is availability."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-835"}]}]}, "references": {"reference_data": [{"name": "https://access.redhat.com/security/cve/cve-2022-0711", "refsource": "MISC", "url": "https://access.redhat.com/security/cve/cve-2022-0711"}, {"name": "https://www.mail-archive.com/haproxy@formilux.org/msg41833.html", "refsource": "MISC", "url": "https://www.mail-archive.com/haproxy@formilux.org/msg41833.html"}, {"name": "https://github.com/haproxy/haproxy/commit/bfb15ab34ead85f64cd6da0e9fb418c9cd14cee8", "refsource": "MISC", "url": "https://github.com/haproxy/haproxy/commit/bfb15ab34ead85f64cd6da0e9fb418c9cd14cee8"}, {"name": "DSA-5102", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2022/dsa-5102"}]}}}}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2022-0711", "datePublished": "2022-03-02T21:59:03", "dateReserved": "2022-02-21T00:00:00", "dateUpdated": "2022-03-14T14:06:20", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:haproxy:haproxy:*:*:*:*:*:*:*:*", "matchCriteriaId": "987A71FD-A6E5-427C-A1B1-F446E56B38AA", "versionEndExcluding": "2.2.21", "versionStartIncluding": "2.2.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:haproxy:haproxy:*:*:*:*:*:*:*:*", "matchCriteriaId": "BFEAE9A0-3458-4316-8091-B2F8D8D6B560", "versionEndExcluding": "2.3.18", "versionStartIncluding": "2.3.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:haproxy:haproxy:*:*:*:*:*:*:*:*", "matchCriteriaId": "5BBF0322-D3FB-4136-89D6-D1421B878244", "versionEndExcluding": "2.4.13", "versionStartIncluding": "2.4.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "932D137F-528B-4526-9A89-CD59FA1AB0FE", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:software_collections:-:*:*:*:*:*:*:*", "matchCriteriaId": "749804DA-4B27-492A-9ABA-6BB562A6B3AC", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", "matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A flaw was found in the way HAProxy processed HTTP responses containing the \"Set-Cookie2\" header. This flaw could allow an attacker to send crafted HTTP response packets which lead to an infinite loop, eventually resulting in a denial of service condition. The highest threat from this vulnerability is availability."}, {"lang": "es", "value": "Se ha encontrado un fallo en la forma en que HAProxy procesa las respuestas HTTP que contienen el encabezado \"Set-Cookie2\". Este fallo podr\u00eda permitir a un atacante enviar paquetes de respuesta HTTP dise\u00f1ados que conllevaran a un bucle infinito, resultando eventualmente en una situaci\u00f3n de denegaci\u00f3n de servicio. La mayor amenaza de esta vulnerabilidad es la disponibilidad"}], "id": "CVE-2022-0711", "lastModified": "2023-11-07T03:41:30.830", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-03-02T22:15:08.313", "references": [{"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/security/cve/cve-2022-0711"}, {"source": "secalert@redhat.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/haproxy/haproxy/commit/bfb15ab34ead85f64cd6da0e9fb418c9cd14cee8"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "https://www.debian.org/security/2022/dsa-5102"}, {"source": "secalert@redhat.com", "url": "https://www.mail-archive.com/haproxy%40formilux.org/msg41833.html"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-835"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-835"}], "source": "secalert@redhat.com", "type": "Secondary"}]}