
CVE-2020-1757: Improper Input Validation in Undertow

CVSS Score (v3.0): 8.1

Basic Information

EPSS Score: 0.3644%
Published: 5/24/2022
Updated: 1/27/2023
KEV Status: No
Technology: Java

Technical Details

CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

Package Name: io.undertow:undertow-core
Ecosystem: maven
Vulnerable Versions: <= 2.0.42
First Patched Version: 2.1.0

Vulnerability Intelligence

Root Cause Analysis (Miggo AI)

The vulnerability stems from improper servletPath normalization, where paths containing semicolons are truncated. This would occur in the core path resolution functions:

  1. ServletPathMatches.getServletHandlerByPath - directly handles the application mapping logic described in the CVE
  2. HttpServletRequestImpl.getServletPath - exposes the improperly normalized value to application code

While no patch diffs are available, these functions are central to servlet path handling in Undertow and match the vulnerability description of incorrect truncation affecting security mappings. The 'high' confidence for ServletPathMatches comes from its direct role in path resolution, while the 'medium' confidence for getServletPath reflects its role in exposing the invalid value.
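The normalization problem described above, as an added Java example that is neither Undertow's nor Miggo's code: path parameters (";name=value") may appear on any path segment, so they are stripped per segment, and the same normalized value is then reused for both servlet mapping and security-constraint matching. The class and method names (PathNormalizationDemo, normalize, matchesConstraint) and the sample request path are constructed for this illustration.

```java
import java.net.URI;

/** Added example: consistent servletPath normalization (not Undertow code). */
public final class PathNormalizationDemo {

    /** The bug class: cutting the whole path at the FIRST ';' also drops later segments. */
    static String truncateAtFirstSemicolon(String rawPath) {
        int i = rawPath.indexOf(';');
        return i >= 0 ? rawPath.substring(0, i) : rawPath;
    }

    /** Hardened: drop ";..." path parameters from EVERY segment, keeping the segments themselves. */
    static String stripPathParameters(String rawPath) {
        StringBuilder out = new StringBuilder(rawPath.length());
        boolean inParam = false;
        for (char c : rawPath.toCharArray()) {
            if (c == '/') { inParam = false; out.append(c); }   // new segment: parameters end here
            else if (c == ';') { inParam = true; }              // start of this segment's parameters
            else if (!inParam) { out.append(c); }
        }
        return out.toString();
    }

    /** Strip parameters, then resolve "." / ".." and "//"; return null for paths that must be rejected. */
    static String normalize(String rawPath) {
        try {
            // Assumes rawPath is the path component only (no query string).
            String path = URI.create(stripPathParameters(rawPath)).normalize().getPath();
            // URI.normalize keeps leading ".." segments; a path escaping the root is invalid.
            if (path == null || !path.startsWith("/") || path.equals("/..") || path.startsWith("/../")) {
                return null;
            }
            return path;
        } catch (IllegalArgumentException e) {
            return null; // malformed path: reject rather than guess a mapping
        }
    }

    /** One matcher, used for both servlet mapping and security constraints ("/x/*" or exact). */
    static boolean matchesConstraint(String normalizedPath, String pattern) {
        if (pattern.endsWith("/*")) {
            String prefix = pattern.substring(0, pattern.length() - 2);
            return normalizedPath.equals(prefix) || normalizedPath.startsWith(prefix + "/");
        }
        return normalizedPath.equals(pattern);
    }

    public static void main(String[] args) {
        String raw = "/admin;v=1/secret;jsessionid=constructed"; // constructed sample request path
        System.out.println("truncated:  " + truncateAtFirstSemicolon(raw)); // "/admin" (segment lost)
        System.out.println("normalized: " + normalize(raw));                // "/admin/secret"
        System.out.println(matchesConstraint(normalize(raw), "/admin/secret")); // true
    }
}
```

The point is not the matcher itself but that the mapping and constraint checks consume the same normalized path; when two code paths normalize differently, as in the truncating variant above, a constraint can be evaluated against a different path than the one the servlet is resolved for.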
