Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatcveRedhat.comRH:CVE-2023-4639
HistoryFeb 09, 2024 - 2:59 a.m.

CVE-2023-4639

2024-02-0902:59:44
redhat.com
access.redhat.com
34
undertow
cookie parsing
value delimiting
data exfiltration
httponly cookie
unauthorized access
data modification
data confidentiality
data integrity

AI Score

6.5

Confidence

Low

JSON

A flaw was found in Undertow, which incorrectly parses cookies with certain value-delimiting characters in incoming requests. This issue could allow an attacker to construct a cookie value to exfiltrate HttpOnly cookie values or spoof arbitrary additional cookie values, leading to unauthorized data access or modification. The main threat from this flaw impacts data confidentiality and integrity.

Related

ubuntucve 1
debiancve 1
redhat 7
nessus 4
ubuntucve
ubuntucve
CVE-2023-4639
2024-02-09 00:00:00
debiancve
debiancve
CVE-2023-4639
2024-02-20 12:48:34
redhat
redhat
(RHSA-2024:2763) Important: Red Hat JBoss Enterprise Application Platform 8.0 security update
2024-05-08 14:14:46
(RHSA-2024:2764) Important: Red Hat JBoss Enterprise Application Platform 8.0 security update
2024-05-08 14:15:22
(RHSA-2024:1674) Important: Red Hat JBoss Enterprise Application Platform 7.4.16 Security update
2024-04-04 15:15:06
nessus
nessus
RHEL 8 / 9 : Red Hat JBoss Enterprise Application Platform 8.0 (RHSA-2024:2764)
2024-05-08 00:00:00
RHEL 9 : Red Hat JBoss Enterprise Application Platform 7.4.16 Security update (Important) (RHSA-2024:1676)
2024-04-04 00:00:00
RHEL 8 : Red Hat JBoss Enterprise Application Platform 7.4.16 Security update (Important) (RHSA-2024:1675)
2024-04-04 00:00:00

AI Score

6.5

Confidence

Low

JSON
Related for RH:CVE-2023-4639
ubuntucve1debiancve1redhat7nessus4