Ubuntu.comUB:CVE-2021-43848CVE-2021-43848
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
7.4 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H
0.001 Low
EPSS
Percentile
48.7%
h2o is an open source http server. In code prior to the 8c0eca3 commit
h2o may attempt to access uninitialized memory. When receiving QUIC frames
in certain order, HTTP/3 server-side implementation of h2o can be misguided
to treat uninitialized memory as HTTP/3 frames that have been received.
When h2o is used as a reverse proxy, an attacker can abuse this
vulnerability to send internal state of h2o to backend servers controlled
by the attacker or third party. Also, if there is an HTTP endpoint that
reflects the traffic sent from the client, an attacker can use that
reflector to obtain internal state of h2o. This internal state includes
traffic of other connections in unencrypted form and TLS session tickets.
This vulnerability exists in h2o server with HTTP/3 support, between commit
93af138 and d1f0f65. None of the released versions of h2o are affected by
this vulnerability. There are no known workarounds. Users of unreleased
versions of h2o using HTTP/3 are advised to upgrade immediately.
Related
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
7.4 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H
0.001 Low
EPSS
Percentile
48.7%