CVE-2024-1459: Undertow Path Traversal vulnerability

CVSS Score: 5.3 (CVSS v3.1)

Basic Information

EPSS Score: 0.9147%
Published: 2/12/2024
Updated: 11/22/2024
KEV Status: No
Technology: Java

Technical Details

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Package Name | Ecosystem | Vulnerable Versions | First Patched Version
io.undertow:undertow-core | maven | < 2.2.31.Final | 2.2.31.Final
io.undertow:undertow-core | maven | >= 2.3.0.Alpha1, < 2.3.12.Final | 2.3.12.Final

Vulnerability Intelligence

Root Cause Analysis (Miggo AI)

The vulnerability stems from how Undertow's HTTP request parser handled path normalization. The commit diff shows added state tracking (PATH_SEGMENT_START/PATH_DOT_SEGMENT) and explicit handling of semicolons in dot segments. The test cases demonstrate that pre-patch versions would collapse '/..;/' into '../' during parsing. The handlePath function is directly modified in the patch to prevent this insecure normalization, confirming it as the vulnerable component.
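As an added example (not Undertow's code and not from this page), a minimal model of the normalization just described: `normalize_path` with `legacy=True` strips matrix parameters before classifying a segment, so `..;` collapses like `..`, while the default mode classifies the raw segment and leaves it alone. `has_parameterized_dot_segment` is an assumed helper showing the check a reverse proxy or WAF can apply to the raw request path; the exact canonical form Undertow emits after the fix is not stated on the page, so the example only shows that the segment is no longer collapsed.

```python
import re
from typing import List
from urllib.parse import unquote


def _segments(path: str) -> List[str]:
    """Split on '/' and drop empty segments (leading slash, doubled slashes)."""
    return [s for s in path.split("/") if s != ""]


def normalize_path(path: str, legacy: bool = False) -> str:
    """Resolve '.' and '..' segments in a request path.

    legacy=True models the pre-patch behaviour described in the advisory:
    matrix parameters (everything after ';') are stripped before the segment
    is classified, so '..;' is handled exactly like '..' and climbs a level.
    legacy=False classifies the raw segment, so '..;' is an ordinary segment
    and is not collapsed. (Assumed model, not Undertow's parser.)
    """
    out: List[str] = []
    for seg in _segments(path):
        name = seg.split(";", 1)[0] if legacy else seg
        if name == ".":
            continue
        if name == "..":
            if out:
                out.pop()  # climb one level; never above the root
            continue
        out.append(seg)
    result = "/" + "/".join(out)
    if path.endswith("/") and out:
        result += "/"  # keep a trailing slash the client sent
    return result


# A '.' or '..' segment that carries matrix parameters, e.g. '/..;/'.
_DOT_SEGMENT_WITH_PARAMS = re.compile(r"(?:^|/)\.{1,2};")


def has_parameterized_dot_segment(raw_path: str) -> bool:
    """Check a proxy or WAF could apply before the request reaches the app.

    Percent-decode once first, otherwise an encoded '%2e%2e;' would not match.
    """
    return _DOT_SEGMENT_WITH_PARAMS.search(unquote(raw_path)) is not None


if __name__ == "__main__":
    req = "/app/..;/restricted.txt"  # constructed sample request path
    print("pre-patch:", normalize_path(req, legacy=True))  # /restricted.txt
    print("fixed    :", normalize_path(req))               # /app/..;/restricted.txt
    print("flagged  :", has_parameterized_dot_segment(req))  # True
```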

WAF Protection Rules

WAF Rule

A path traversal vulnerability was found in Undertow. This issue may allow a remote attacker to append a specially-crafted sequence to an HTTP request for an application deployed to JBoss EAP, which may permit access to privileged or restricted files.
