CVE-2022-32215

The llhttp parser <v14.20.1, <v16.17.1 and <v18.9.1 in the http module in Node.js does not correctly handle multi-line Transfer-Encoding headers. This can lead to HTTP Request Smuggling (HRS).

CVSS v3 6.5 MEDIUM

6.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 2.5

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf	Patch Third Party Advisory
https://hackerone.com/reports/1501679	Exploit Issue Tracking Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ICG6CSIB3GUWH5DUSQEVX53MOJW7LYK/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QCNN3YG2BCLS4ZEKJ3CLSUT6AS7AXTH3/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VMQK5L5SBYD47QQZ67LEMHNQ662GH3OY/
https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/	Patch Vendor Advisory
https://www.debian.org/security/2023/dsa-5326	Third Party Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf	Patch Third Party Advisory
https://hackerone.com/reports/1501679	Exploit Issue Tracking Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ICG6CSIB3GUWH5DUSQEVX53MOJW7LYK/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QCNN3YG2BCLS4ZEKJ3CLSUT6AS7AXTH3/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VMQK5L5SBYD47QQZ67LEMHNQ662GH3OY/
https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/	Patch Vendor Advisory
https://www.debian.org/security/2023/dsa-5326	Third Party Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:llhttp:llhttp::::::node.js::*
	cpe:2.3:a:llhttp:llhttp::::::node.js::*
	cpe:2.3:a:llhttp:llhttp::::::::
	cpe:2.3:a:nodejs:node.js:::::-:::*
	cpe:2.3:a:nodejs:node.js:::::lts:::*
	cpe:2.3:a:nodejs:node.js:::::-:::*
	cpe:2.3:a:nodejs:node.js:::::lts:::*
	cpe:2.3:a:nodejs:node.js:::::-:::*

Configuration 2 (hide)

OR	cpe:2.3:o:fedoraproject:fedora:35:::::::*
	cpe:2.3:o:fedoraproject:fedora:36:::::::*
	cpe:2.3:o:fedoraproject:fedora:37:::::::*

Configuration 3 (hide)

OR	cpe:2.3:a:siemens:sinec_ins:1.0:-::::::
	cpe:2.3:a:siemens:sinec_ins:1.0:sp1::::::
	cpe:2.3:a:siemens:sinec_ins:1.0:sp2::::::

Configuration 4 (hide)

cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*

Configuration 5 (hide)

cpe:2.3:a:stormshield:stormshield_management_center:*:*:*:*:*:*:*:*

History

21 Nov 2024, 07:05

Type	Values Removed	Values Added
References	~~() https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf - Patch, Third Party Advisory~~	() https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf - Patch, Third Party Advisory
References	~~() https://hackerone.com/reports/1501679 - Exploit, Issue Tracking, Third Party Advisory~~	() https://hackerone.com/reports/1501679 - Exploit, Issue Tracking, Third Party Advisory
References	~~() https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ICG6CSIB3GUWH5DUSQEVX53MOJW7LYK/ -~~	() https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ICG6CSIB3GUWH5DUSQEVX53MOJW7LYK/ -
References	~~() https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QCNN3YG2BCLS4ZEKJ3CLSUT6AS7AXTH3/ -~~	() https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QCNN3YG2BCLS4ZEKJ3CLSUT6AS7AXTH3/ -
References	~~() https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VMQK5L5SBYD47QQZ67LEMHNQ662GH3OY/ -~~	() https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VMQK5L5SBYD47QQZ67LEMHNQ662GH3OY/ -
References	~~() https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/ - Patch, Vendor Advisory~~	() https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/ - Patch, Vendor Advisory
References	~~() https://www.debian.org/security/2023/dsa-5326 - Third Party Advisory~~	() https://www.debian.org/security/2023/dsa-5326 - Third Party Advisory

Information

Published : 2022-07-14 15:15

Updated : 2024-11-21 07:05

NVD link : CVE-2022-32215

Mitre link : CVE-2022-32215

CVE.ORG link : CVE-2022-32215

JSON object : View

Products Affected

debian

debian_linux

fedoraproject

fedora

siemens

sinec_ins

llhttp

llhttp

nodejs

node.js

stormshield

stormshield_management_center

CWE

CWE-444

Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

{"id": "CVE-2022-32215", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 2.5, "exploitabilityScore": 3.9}]}, "published": "2022-07-14T15:15:08.387", "references": [{"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", "tags": ["Patch", "Third Party Advisory"], "source": "support@hackerone.com"}, {"url": "https://hackerone.com/reports/1501679", "tags": ["Exploit", "Issue Tracking", "Third Party Advisory"], "source": "support@hackerone.com"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ICG6CSIB3GUWH5DUSQEVX53MOJW7LYK/", "source": "support@hackerone.com"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QCNN3YG2BCLS4ZEKJ3CLSUT6AS7AXTH3/", "source": "support@hackerone.com"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VMQK5L5SBYD47QQZ67LEMHNQ662GH3OY/", "source": "support@hackerone.com"}, {"url": "https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/", "tags": ["Patch", "Vendor Advisory"], "source": "support@hackerone.com"}, {"url": "https://www.debian.org/security/2023/dsa-5326", "tags": ["Third Party Advisory"], "source": "support@hackerone.com"}, {"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", "tags": ["Patch", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://hackerone.com/reports/1501679", "tags": ["Exploit", "Issue Tracking", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ICG6CSIB3GUWH5DUSQEVX53MOJW7LYK/", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QCNN3YG2BCLS4ZEKJ3CLSUT6AS7AXTH3/", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VMQK5L5SBYD47QQZ67LEMHNQ662GH3OY/", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.debian.org/security/2023/dsa-5326", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "support@hackerone.com", "description": [{"lang": "en", "value": "CWE-444"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-444"}]}], "descriptions": [{"lang": "en", "value": "The llhttp parser <v14.20.1, <v16.17.1 and <v18.9.1 in the http module in Node.js does not correctly handle multi-line Transfer-Encoding headers. This can lead to HTTP Request Smuggling (HRS)."}, {"lang": "es", "value": "El parser llhttp anteriores a la versi\u00f3n v14.20.1, anteriores a la versi\u00f3n v16.17.1 y anteriores a la versi\u00f3n v18.9.1 del m\u00f3dulo http en Node.js no maneja correctamente las cabeceras Transfer-Encoding de varias l\u00edneas. Esto puede llevar al contrabando de solicitudes HTTP (HRS)"}], "lastModified": "2024-11-21T07:05:56.540", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:llhttp:llhttp:*:*:*:*:*:node.js:*:*", "vulnerable": true, "matchCriteriaId": "E47EBF6E-EAF4-4853-A7F1-49B0E2880E44", "versionEndExcluding": "14.20.1", "versionStartIncluding": "14.0.0"}, {"criteria": "cpe:2.3:a:llhttp:llhttp:*:*:*:*:*:node.js:*:*", "vulnerable": true, "matchCriteriaId": "BF84A61F-30D6-4D93-BCBD-C856D671B68B", "versionEndExcluding": "16.17.1", "versionStartIncluding": "16.0.0"}, {"criteria": "cpe:2.3:a:llhttp:llhttp:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "65CED312-C629-4515-A3F4-84E889159D4A", "versionEndExcluding": "18.9.1", "versionStartIncluding": "18.0.0"}, {"criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*", "vulnerable": true, "matchCriteriaId": "428DCD7B-6F66-4F18-B780-5BD80143D482", "versionEndIncluding": "14.14.0", "versionStartIncluding": "14.0.0"}, {"criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*", "vulnerable": true, "matchCriteriaId": "3EB02718-B2A5-4822-B611-D62BB9EF44B0", "versionEndExcluding": "14.20.0", "versionStartIncluding": "14.15.0"}, {"criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*", "vulnerable": true, "matchCriteriaId": "1D1D0CEC-62E5-4368-B8F2-1DA5DD0B88FA", "versionEndIncluding": "16.12.0", "versionStartIncluding": "16.0.0"}, {"criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*", "vulnerable": true, "matchCriteriaId": "D9D9B02E-C965-408B-999E-1F3DA09B62AA", "versionEndExcluding": "16.16.0", "versionStartIncluding": "16.13.0"}, {"criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*", "vulnerable": true, "matchCriteriaId": "D224E154-915A-4E2C-A0D7-D28D1C1472F7", "versionEndExcluding": "18.5.0", "versionStartIncluding": "18.0.0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA"}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD"}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:siemens:sinec_ins:1.0:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4664B195-AF14-4834-82B3-0B2C98020EB6"}, {"criteria": "cpe:2.3:a:siemens:sinec_ins:1.0:sp1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "75BC588E-CDF0-404E-AD61-02093A1DF343"}, {"criteria": "cpe:2.3:a:siemens:sinec_ins:1.0:sp2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A334F7B4-7283-4453-BAED-D2E01B7F8A6E"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:stormshield:stormshield_management_center:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "57CACB72-BAD7-41F6-9977-321DA7F79519", "versionEndExcluding": "3.3.2"}], "operator": "OR"}]}], "sourceIdentifier": "support@hackerone.com"}

6.5 /10