coreruleset (aka OWASP ModSecurity Core Rule Set) through 3.3.4 does not detect multiple Content-Type request headers on some platforms. This might allow attackers to bypass a WAF with a crafted payload, aka "Content-Type confusion" between the WAF and the backend application. This occurs when the web application relies on only the last Content-Type header. Other platforms may reject the additional Content-Type header or merge conflicting headers, leading to detection as a malformed header.
References
Link | Resource |
---|---|
https://github.com/coreruleset/coreruleset/issues/3191 | Issue Tracking Patch |
https://github.com/coreruleset/coreruleset/pull/3237 | Issue Tracking |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2023-07-13T00:00:00
Updated: 2023-09-05T03:08:41.028752
Reserved: 2023-07-13T00:00:00
Link: CVE-2023-38199
JSON object: View
NVD Information
Status : Modified
Published: 2023-07-13T03:15:10.023
Modified: 2023-09-05T04:15:09.017
Link: CVE-2023-38199
JSON object: View
Redhat Information
No data.
CWE