CVE-2020-27218

MEDIUM | CVSS 4.8/10 | EPSS 8.11%


CVE-2020-27218 is a medium-severity vulnerability rated 4.8/10 on the CVSS scale. In Eclipse Jetty version 9.4.0.RC0 to 9.4.34.v20201102, 10.0.0.alpha0 to 10.0.0.beta2, and 11.0.0.alpha0 to 11.0.0.beta2, if GZIP request body inflation is enabled and requests from different clients are multiplexed onto a single connection, and if an attacker can send a request with a body that is received entirely but not consumed by the application, then a subsequent request on the same connection will see that body prepended to its body. The attacker will not see any data but may inject data into the body of the subsequent request. EPSS estimates an 8.11% chance of exploitation in the next 30 days.

Description

In Eclipse Jetty version 9.4.0.RC0 to 9.4.34.v20201102, 10.0.0.alpha0 to 10.0.0.beta2, and 11.0.0.alpha0 to 11.0.0.beta2, if GZIP request body inflation is enabled and requests from different clients are multiplexed onto a single connection, and if an attacker can send a request with a body that is received entirely but not consumed by the application, then a subsequent request on the same connection will see that body prepended to its body. The attacker will not see any data but may inject data into the body of the subsequent request.

Metrics

CVSS 3.1
4.8/10

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L

EPSS Probability
8.11%

94.1st percentile

Probability of exploitation in the next 30 days.

Weakness Enumeration

Affected Software

Vendor  | Product                                                         | Versions
--------|-----------------------------------------------------------------|---------------------
Eclipse | Jetty                                                           | >= 9.4.0, < 9.4.35
Eclipse | Jetty                                                           | 10.0.0 Alpha0
Eclipse | Jetty                                                           | 11.0.0 Alpha0
Netapp  | Oncommand System Manager                                        | >= 3.0, <= 3.1.3
Netapp  | Snap Creator Framework                                          | All versions
Oracle  | Blockchain Platform                                             | < 21.1.2
Oracle  | Communications Converged Application Server - Service Controller | 6.2
Oracle  | Communications Offline Mediation Controller                     | 12.0.0.3.0
Oracle  | Communications Pricing Design Center                            | 12.0.0.3.0
Oracle  | Communications Services Gatekeeper                              | 7.0
Oracle  | Communications Session Route Manager                            | >= 8.0.0, <= 8.2.4
Oracle  | Flexcube Private Banking                                        | 12.0.0
Oracle  | Flexcube Private Banking                                        | 12.1.0
Oracle  | Hyperion Infrastructure Technology                              | 11.1.2.6.0
Oracle  | Rest Data Services                                              | < 20.4.3.050.1904
Oracle  | Retail Eftlink                                                  | 20.0.0
Oracle  | Siebel Core - Automation                                        | <= 21.5
Apache  | Kafka                                                           | 2.7.0
Apache  | Spark                                                           | 2.4.8
Apache  | Spark                                                           | 3.0.3
Debian  | Debian Linux                                                    | 10.0

References

Timeline

Status: Modified

Frequently Asked Questions

What is CVE-2020-27218?
In Eclipse Jetty version 9.4.0.RC0 to 9.4.34.v20201102, 10.0.0.alpha0 to 10.0.0.beta2, and 11.0.0.alpha0 to 11.0.0.beta2, if GZIP request body inflation is enabled and requests from different clients are multiplexed onto a single connection, and if an attacker can send a request with a body that is received entirely but not consumed by the application, then a subsequent request on the same connection will see that body prepended to its body. The attacker will not see any data but may inject data into the body of the subsequent request.
How severe is CVE-2020-27218?
CVE-2020-27218 has a CVSS score of 4.8/10 (MEDIUM severity). The EPSS model estimates an 8.11% probability of exploitation in the next 30 days.
How do I fix CVE-2020-27218?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Source: NVD / NIST