CVE-2023-25690

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2023-25690
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-25690.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2023-25690
Aliases
Downstream
Related
Published
2023-03-07T15:09:03.080Z
Modified
2026-06-18T03:55:54.024068442Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
Apache HTTP Server: HTTP request splitting with mod_rewrite and mod_proxy
Details

Some mod_proxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55 allow a HTTP Request Smuggling attack.

Configurations are affected when mod_proxy is enabled along with some form of RewriteRule or ProxyPassMatch in which a non-specific pattern matches some portion of the user-supplied request-target (URL) data and is then re-inserted into the proxied request-target using variable substitution. For example, something like:

RewriteEngine on RewriteRule "^/here/(.*)" "http://example.com:8080/elsewhere?$1"; [P] ProxyPassReverse /here/ http://example.com:8080/

Request splitting/smuggling could result in bypass of access controls in the proxy server, proxying unintended URLs to existing origin servers, and cache poisoning. Users are recommended to update to at least version 2.4.56 of Apache HTTP Server.

Database specific 
{
    "cna_assigner": "apache",
    "unresolved_ranges": [
        {
            "source": "AFFECTED_FIELD",
            "extracted_events": [
                {
                    "introduced": "2.4.0"
                },
                {
                    "last_affected": "2.4.55"
                }
            ]
        },
        {
            "source": "DESCRIPTION",
            "extracted_events": [
                {
                    "introduced": "2.4.0"
                },
                {
                    "fixed": "2.4.55"
                }
            ]
        }
    ],
    "cwe_ids": [
        "CWE-444"
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/25xxx/CVE-2023-25690.json"
}
References

Affected packages

Git / github.com/apache/httpd

Affected ranges

Type
GIT
Repo
https://github.com/apache/httpd
Events
Introduced
da5873e80d6eee7a0838793bf68f1d0254745fbb
Last affected
8201e867f1d4cdf61840625c6c4be901e3f1b6ba
Database specific 
{
    "source": "CPE_RANGE",
    "extracted_events": [
        {
            "introduced": "2.4.0"
        },
        {
            "last_affected": "2.4.55"
        }
    ],
    "cpe": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*"
}

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-25690.json"