CVE-2021-36740
Description
Varnish Cache, with HTTP/2 enabled, allows request smuggling and VCL authorization bypass via a large Content-Length header for a POST request. This affects Varnish Enterprise 6.0.x before 6.0.8r3, and Varnish Cache 5.x and 6.x before 6.5.2, 6.6.x before 6.6.1, and 6.0 LTS before 6.0.8.
Risk Information
Base Score
6.5
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
EPSS Score
Exploitation Probability
0.708
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| (RHSA-2021:2988) varnish:6 security update varnish-6.0.6-2.module+el8.4.0+11921+1a6539fc.1.x86_64.rpm | Linux |
| (RHSA-2021:2988) varnish:6 security update varnish-devel-6.0.6-2.module+el8.4.0+11921+1a6539fc.1.x86_64.rpm | Linux |
| (RHSA-2021:2988) varnish:6 security update varnish-docs-6.0.6-2.module+el8.4.0+11921+1a6539fc.1.x86_64.rpm | Linux |
| Varnish update (ELSA-2021-2988) varnish-6.0.6-2.module+el8.4.0+20258+f99218b2.1.x86_64.rpm | Linux |
| Varnish-devel update (ELSA-2021-2988) varnish-devel-6.0.6-2.module+el8.4.0+20258+f99218b2.1.x86_64.rpm | Linux |
| Varnish-docs update (ELSA-2021-2988) varnish-docs-6.0.6-2.module+el8.4.0+20258+f99218b2.1.x86_64.rpm | Linux |
| Varnish-modules update (ELSA-2021-2988) varnish-modules-0.15.0-5.module+el8.3.0+7653+45014445.x86_64.rpm | Linux |
| varnish security update(DSA-5088-1) varnish_6.1.1-1+deb10u3_i386.deb | Linux |
| varnish security update(DSA-5088-1) varnish_6.1.1-1+deb10u3_amd64.deb | Linux |
| varnish security update(DSA-5088-1) varnish_6.5.1-1+deb11u2_amd64.deb | Linux |
| state of the art, high-performance web accelerator (USN-5474-1) varnish_5.2.1-1ubuntu0.1_i386.deb | Linux |
| state of the art, high-performance web accelerator (USN-5474-1) varnish_5.2.1-1ubuntu0.1_amd64.deb | Linux |
| state of the art, high-performance web accelerator (USN-5474-1) varnish_6.2.1-2ubuntu0.2_amd64.deb | Linux |
| state of the art, high-performance web accelerator (USN-5474-1) varnish_6.5.2-1ubuntu0.2_amd64.deb | Linux |
| state of the art, high-performance web accelerator (USN-5474-1) varnish_6.6.1-1ubuntu0.2_amd64.deb | Linux |
| state of the art, high-performance web accelerator (USN-5474-1) libvarnishapi1_5.2.1-1ubuntu0.1_i386.deb | Linux |
| state of the art, high-performance web accelerator (USN-5474-1) libvarnishapi1_5.2.1-1ubuntu0.1_amd64.deb | Linux |
| state of the art, high-performance web accelerator (USN-5474-1) libvarnishapi2_6.2.1-2ubuntu0.2_amd64.deb | Linux |
| state of the art, high-performance web accelerator (USN-5474-1) libvarnishapi2_6.5.2-1ubuntu0.2_amd64.deb | Linux |
| state of the art, high-performance web accelerator (USN-5474-1) libvarnishapi2_6.6.1-1ubuntu0.2_amd64.deb | Linux |
| (RHSA-2021:2988)Important: security update varnish-modules-0.15.0-4.module+el8+2481+4078e9d2.x86_64.rpm | Linux |
| (RHSA-2021:2988) varnish:6 security update varnish-modules-0.15.0-5.module+el8.3.0+6843+b3b42fcc.x86_64.rpm | Linux |
| (RHSA-2021:2988)Important: security update varnish-modules-debuginfo-0.15.0-4.module+el8+2481+4078e9d2.x86_64.rpm | Linux |
| (RHSA-2021:2988)Important: security update varnish-modules-debuginfo-0.15.0-5.module+el8.3.0+6843+b3b42fcc.x86_64.rpm | Linux |
| (RHSA-2021:2988)Important: security update varnish-modules-debugsource-0.15.0-4.module+el8+2481+4078e9d2.x86_64.rpm | Linux |
| (RHSA-2021:2988) varnish:6 security update varnish-modules-debugsource-0.15.0-5.module+el8.3.0+6843+b3b42fcc.x86_64.rpm | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234