Severity
High
Analysis Summary
CVE-2023-51437 CVSS:7.5
Apache Pulsar could allow a remote attacker to bypass security restrictions, caused by an observable timing discrepancy in SASL Authentication Provider. An attacker could exploit this vulnerability to forge an SASL Role Token that will pass signature verification.
CVE-2023-39196 CVSS:7.5
Apache Ozone could allow a remote attacker to bypass security restrictions, caused by missing mutual TLS authentication in one of the service internal Ozone Storage Container Manager endpoints. An attacker could exploit this vulnerability to download metadata internal to the Storage Container Manager service without proper authentication.
CVE-2024-23452 CVSS:6.5
Apache bRPC is vulnerable to HTTP request smuggling, caused by the failure of the http_parser to comply with the RFC-7320 HTTP 1.1 specification. By sending a specially crafted request with both a Transfer-Encoding and a Content-Length header field, an attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks.
Impact
- Gain Access
- Security Bypass
Indicators Of Compromise
CVE
- CVE-2023-40363
Affected Vendors
Apache
Affected Products
- Apache bRPC 1.0.0
- Apache bRPC 1.1.0
- Apache bRPC 1.2.0
- Apache bRPC 1.3.0
- Apache bRPC 1.4.0
- Apache bRPC 1.5.0
- Apache bRPC 1.6.0
- Apache Pulsar 2.10.3
- Apache Pulsar 2.11.0
- Apache Ozone 1.2.0
- Apache Ozone 1.3.0
- Apache bRPC 1.7.0
Remediation
Refer to Apache Website for patch, upgrade or suggested workaround information.