FKIE_CVE-2024-6763

Vulnerability from fkie_nvd - Published: 2024-10-14 16:15 - Updated: 2025-07-10 15:04
Severity ?
3.7 (Low) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Summary
Eclipse Jetty is a lightweight, highly scalable, Java-based web server and Servlet engine . It includes a utility class, HttpURI, for URI/URL parsing. The HttpURI class does insufficient validation on the authority segment of a URI. However the behaviour of HttpURI differs from the common browsers in how it handles a URI that would be considered invalid if fully validated against the RRC. Specifically HttpURI and the browser may differ on the value of the host extracted from an invalid URI and thus a combination of Jetty and a vulnerable browser may be vulnerable to a open redirect attack or to a SSRF attack if the URI is used after passing validation checks.
References
emo@eclipse.orghttps://github.com/jetty/jetty.project/pull/12012Patch, Third Party Advisory
emo@eclipse.orghttps://github.com/jetty/jetty.project/security/advisories/GHSA-qh8g-58pp-2wxhExploit, Mitigation, Vendor Advisory
emo@eclipse.orghttps://gitlab.eclipse.org/security/cve-assignement/-/issues/25Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://security.netapp.com/advisory/ntap-20250306-0005/Third Party Advisory
Impacted products
Vendor Product Version
eclipse jetty *
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4171EAFD-7EFE-4CC9-8CAE-4DDE86D14A12",
              "versionEndExcluding": "9.4.57",
              "versionStartIncluding": "7.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Eclipse Jetty is a lightweight, highly scalable, Java-based web server and Servlet engine . It includes a utility class, HttpURI, for URI/URL parsing.\n\nThe HttpURI class does insufficient validation on the authority segment of a URI.  However the behaviour of HttpURI\n differs from the common browsers in how it handles a URI that would be \nconsidered invalid if fully validated against the RRC.  Specifically HttpURI\n and the browser may differ on the value of the host extracted from an \ninvalid URI and thus a combination of Jetty and a vulnerable browser may\n be vulnerable to a open redirect attack or to a SSRF attack if the URI \nis used after passing validation checks."
    },
    {
      "lang": "es",
      "value": "Eclipse Jetty es un servidor web y motor de servlets basado en Java, ligero y altamente escalable. Incluye una clase de utilidad, HttpURI, para el an\u00e1lisis de URL/URL. La clase HttpURI realiza una validaci\u00f3n insuficiente en el segmento de autoridad de una URI. Sin embargo, el comportamiento de HttpURI difiere de los navegadores comunes en c\u00f3mo maneja una URI que se considerar\u00eda inv\u00e1lida si se validara completamente contra el RRC. Espec\u00edficamente, HttpURI y el navegador pueden diferir en el valor del host extra\u00eddo de una URI inv\u00e1lida y, por lo tanto, una combinaci\u00f3n de Jetty y un navegador vulnerable puede ser vulnerable a un ataque de redireccionamiento abierto o a un ataque SSRF si la URI se usa despu\u00e9s de pasar las verificaciones de validaci\u00f3n."
    }
  ],
  "id": "CVE-2024-6763",
  "lastModified": "2025-07-10T15:04:04.103",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 3.7,
          "baseSeverity": "LOW",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 1.4,
        "source": "emo@eclipse.org",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-10-14T16:15:04.163",
  "references": [
    {
      "source": "emo@eclipse.org",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/jetty/jetty.project/pull/12012"
    },
    {
      "source": "emo@eclipse.org",
      "tags": [
        "Exploit",
        "Mitigation",
        "Vendor Advisory"
      ],
      "url": "https://github.com/jetty/jetty.project/security/advisories/GHSA-qh8g-58pp-2wxh"
    },
    {
      "source": "emo@eclipse.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/25"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.netapp.com/advisory/ntap-20250306-0005/"
    }
  ],
  "sourceIdentifier": "emo@eclipse.org",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-1286"
        }
      ],
      "source": "emo@eclipse.org",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.