8.1

CVSS Score

3.0

Basic Information

CVE ID

CVE-2017-3158

GHSA ID

GHSA-3vv3-585q-wv6x

EPSS Score

0.71617%

CWE

CWE-362

Published

5/14/2022

Updated

1/29/2023

KEV Status

Technology

Java

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2017-3158

CVE-2017-3158:
Apache Guacamole Race Condition vulnerability

A race condition in Guacamole's terminal emulator in versions 0.9.5 through 0.9.10-incubating could allow writes of blocks of printed data to overlap. Such overlapping writes could cause packet data to be misread as the packet length, resulting in the remaining data being written beyond the end of a statically-allocated buffer.

(GitHub Advisory)

8.1

CVSS Score

3.0

Basic Information

CVE ID

CVE-2017-3158

GHSA ID

GHSA-3vv3-585q-wv6x

EPSS Score

0.71617%

CWE

CWE-362

Published

5/14/2022

Updated

1/29/2023

KEV Status

Technology

Java

Technical Details

CVSS Vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
org.apache.guacamole:guacamole-common	maven	>= 0.9.5, < 0.9.11-incubating	0.9.11-incubating

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability stems from unsynchronized writes to a shared terminal buffer. Based on:

The description of overlapping writes corrupting packet length fields
The CWE-362 classification indicating improper synchronization
Java package naming conventions for terminal emulation components

While exact patch details are unavailable, terminal data writing methods (writeBlock) and protocol serialization (writeTo) are prime candidates as they would directly handle the vulnerable buffer operations. Confidence is medium due to reliance on vulnerability description patterns rather than explicit patch diffs.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

* r*** *on*ition in *u***mol*'s t*rmin*l *mul*tor in v*rsions *.*.* t*rou** *.*.**-in*u**tin* *oul* *llow writ*s o* *lo*ks o* print** **t* to ov*rl*p. Su** ov*rl*ppin* writ*s *oul* **us* p**k*t **t* to ** misr*** *s t** p**k*t l*n*t*, r*sultin* in t*

Reasoning

T** vuln*r**ility st*ms *rom unsyn**roniz** writ*s to * s**r** t*rmin*l *u***r. **s** on: *. T** **s*ription o* ov*rl*ppin* writ*s *orruptin* p**k*t l*n*t* *i*l*s *. T** *W*-*** *l*ssi*i**tion in*i**tin* improp*r syn**roniz*tion *. J*v* p**k*** n*min

8.1

Basic Information

Concerned about an active attack path?

CVE-2017-3158: Apache Guacamole Race Condition vulnerability

8.1

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

CVE-2017-3158:
Apache Guacamole Race Condition vulnerability

Vulnerability Intelligence
Miggo AI