Miggo Logo
Miggo Vulnerability Database
CVE-2017-12196

CVE-2017-12196: Incorrect Authorization in Undertow

5.9

CVSS Score
3.0

Basic Information

CVE ID
CVE-2017-12196
GHSA ID
GHSA-cp7v-vmv7-6x2q
EPSS Score
0.5999%
CWE
CWE-863
Published
5/13/2022
Updated
1/27/2023
KEV Status
No
Technology
TechnologyJava

Technical Details

CVSS Vector
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Package NameEcosystemVulnerable VersionsFirst Patched Version
io.undertow:undertow-coremaven>= 2.0.0.Alpha1, <= 2.0.1.Final2.0.2.FInal
io.undertow:undertow-coremaven<= 1.4.23.Final1.4.24.Final

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The vulnerability stemmed from missing URI validation in the Digest authentication flow. The commit diff shows the addition of URI comparison logic between the Authorization header's 'uri' parameter and the actual request URI. The original code had a 'TODO - Validate the URI' comment, indicating this check was previously unimplemented. The function's access modifier was also changed from public to private, suggesting it was part of the security fix. Test cases added in DigestAuthenticationAuthTestCase.java validate this fix by checking for BAD_REQUEST when URIs mismatch.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

Un**rtow ***or* v*rsions *.*.**.SP* (not *in***l* in M*v*n), *.*.*.*in*l, *n* *.*.**.*in*l w*s *oun* vuln*r**l* w**n usin* *i**st *ut**nti**tion, t** s*rv*r *o*s not *nsur* t**t t** v*lu* o* URI in t** *ut*oriz*tion *****r m*t***s t** URI in *TTP r*q

Reasoning

T** vuln*r**ility st*mm** *rom missin* URI v*li**tion in t** *i**st *ut**nti**tion *low. T** *ommit *i** s*ows t** ***ition o* URI *omp*rison lo*i* **tw**n t** *ut*oriz*tion *****r's 'uri' p*r*m*t*r *n* t** **tu*l r*qu*st URI. T** ori*in*l *o** *** *