{ "threat_severity" : "Important", "public_date" : "2026-01-08T00:00:00Z", "bugzilla" : { "description" : "undertow-core: Undertow HTTP Server Fails to Reject Malformed Host Headers Leading to Potential Cache Poisoning and SSRF", "id" : "2408784", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2408784" }, "cvss3" : { "cvss3_base_score" : "9.6", "cvss3_scoring_vector" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:L", "status" : "verified" }, "cwe" : "CWE-20", "details" : [ "A flaw was found in the Undertow HTTP server core, which is used in WildFly, JBoss EAP, and other Java applications. The Undertow library fails to properly validate the Host header in incoming HTTP requests.As a result, requests containing malformed or malicious Host headers are processed without rejection, enabling attackers to poison caches, perform internal network scans, or hijack user sessions.", "A flaw was found in the Undertow HTTP server core, which is used in WildFly, JBoss EAP, and other Java applications. The Undertow library fails to properly validate the Host header in incoming HTTP requests.As a result, requests containing malformed or malicious Host headers are processed without rejection, enabling attackers to poison caches, perform internal network scans, or hijack user sessions." ], "statement" : "This vulnerability has an Important severity because it can be remotely exploited without authentication. However, limited user interaction is required for full impact. It could allow attackers to hijack additional accounts, steal credentials, or gain access to internal systems. The issue stems from improper input validation of HTTP Host headers, leading to serious breaches in confidentiality and integrity.", "acknowledgement" : "Red Hat would like to thank Ahmet Artuç for reporting this issue.", "affected_release" : [ { "product_name" : "Red Hat build of Apache Camel 4.14.4 for Spring Boot 3.5.11", "release_date" : "2026-03-05T00:00:00Z", "advisory" : "RHSA-2026:3890", "cpe" : "cpe:/a:redhat:apache_camel_spring_boot:4.14", "package" : "undertow-core" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4", "release_date" : "2026-03-18T00:00:00Z", "advisory" : "RHSA-2026:4924", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:7.4", "package" : "undertow-core" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 ELS on RHEL 7", "release_date" : "2026-03-18T00:00:00Z", "advisory" : "RHSA-2026:4915", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform_els:7.4::el7", "package" : "eap7-undertow-0:2.2.39-1.Final_redhat_00001.1.el7eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 ELS on RHEL 7", "release_date" : "2026-03-18T00:00:00Z", "advisory" : "RHSA-2026:4915", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform_els:7.4::el7", "package" : "eap7-wildfly-0:7.4.24-4.GA_redhat_00002.1.el7eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 ELS on RHEL 8", "release_date" : "2026-03-18T00:00:00Z", "advisory" : "RHSA-2026:4916", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform_els:7.4::el8", "package" : "eap7-undertow-0:2.2.39-1.Final_redhat_00001.1.el8eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 ELS on RHEL 8", "release_date" : "2026-03-18T00:00:00Z", "advisory" : "RHSA-2026:4916", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform_els:7.4::el8", "package" : "eap7-wildfly-0:7.4.24-4.GA_redhat_00002.1.el8eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 ELS on RHEL 9", "release_date" : "2026-03-18T00:00:00Z", "advisory" : "RHSA-2026:4917", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform_els:7.4::el9", "package" : "eap7-undertow-0:2.2.39-1.Final_redhat_00001.1.el9eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 7.4 ELS on RHEL 9", "release_date" : "2026-03-18T00:00:00Z", "advisory" : "RHSA-2026:4917", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform_els:7.4::el9", "package" : "eap7-wildfly-0:7.4.24-4.GA_redhat_00002.1.el9eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 8.0", "release_date" : "2026-03-05T00:00:00Z", "advisory" : "RHSA-2026:3892", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8", "package" : "undertow-core" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "release_date" : "2026-03-05T00:00:00Z", "advisory" : "RHSA-2026:3889", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8", "package" : "eap8-bouncycastle-0:1.83.0-1.redhat_00001.1.el8eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "release_date" : "2026-03-05T00:00:00Z", "advisory" : "RHSA-2026:3889", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8", "package" : "eap8-guava-libraries-0:33.0.0-2.jre_redhat_00003.1.el8eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "release_date" : "2026-03-05T00:00:00Z", "advisory" : "RHSA-2026:3889", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8", "package" : "eap8-jaxb-0:4.0.6-1.redhat_00001.1.el8eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "release_date" : "2026-03-05T00:00:00Z", "advisory" : "RHSA-2026:3889", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8", "package" : "eap8-jcip-annotations-0:1.0.0-3.redhat_00009.1.el8eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "release_date" : "2026-03-05T00:00:00Z", "advisory" : "RHSA-2026:3889", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8", "package" : "eap8-slf4j-jboss-logmanager-0:2.0.2-1.Final_redhat_00001.1.el8eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "release_date" : "2026-03-05T00:00:00Z", "advisory" : "RHSA-2026:3889", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8", "package" : "eap8-undertow-0:2.3.23-1.SP3_redhat_00001.1.el8eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "release_date" : "2026-03-05T00:00:00Z", "advisory" : "RHSA-2026:3891", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9", "package" : "eap8-bouncycastle-0:1.83.0-1.redhat_00001.1.el9eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "release_date" : "2026-03-05T00:00:00Z", "advisory" : "RHSA-2026:3891", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9", "package" : "eap8-guava-libraries-0:33.0.0-2.jre_redhat_00003.1.el9eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "release_date" : "2026-03-05T00:00:00Z", "advisory" : "RHSA-2026:3891", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9", "package" : "eap8-jaxb-0:4.0.6-1.redhat_00001.1.el9eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "release_date" : "2026-03-05T00:00:00Z", "advisory" : "RHSA-2026:3891", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9", "package" : "eap8-jcip-annotations-0:1.0.0-3.redhat_00009.1.el9eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "release_date" : "2026-03-05T00:00:00Z", "advisory" : "RHSA-2026:3891", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9", "package" : "eap8-slf4j-jboss-logmanager-0:2.0.2-1.Final_redhat_00001.1.el9eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "release_date" : "2026-03-05T00:00:00Z", "advisory" : "RHSA-2026:3891", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9", "package" : "eap8-undertow-0:2.3.23-1.SP3_redhat_00001.1.el9eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 8.1", "release_date" : "2026-01-08T00:00:00Z", "advisory" : "RHSA-2026:0386", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8", "package" : "undertow-core" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 8", "release_date" : "2026-01-08T00:00:00Z", "advisory" : "RHSA-2026:0383", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el8", "package" : "eap8-apache-cxf-0:4.0.10-1.redhat_00001.1.el8eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 8", "release_date" : "2026-01-08T00:00:00Z", "advisory" : "RHSA-2026:0383", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el8", "package" : "eap8-bouncycastle-0:1.82.0-1.redhat_00001.1.el8eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 8", "release_date" : "2026-01-08T00:00:00Z", "advisory" : "RHSA-2026:0383", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el8", "package" : "eap8-eap-product-conf-parent-0:801.3.0-1.GA_redhat_00001.1.el8eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 8", "release_date" : "2026-01-08T00:00:00Z", "advisory" : "RHSA-2026:0383", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el8", "package" : "eap8-eventstream-0:1.0.1-3.redhat_00003.1.el8eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 8", "release_date" : "2026-01-08T00:00:00Z", "advisory" : "RHSA-2026:0383", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el8", "package" : "eap8-hibernate-0:6.6.36-1.Final_redhat_00001.1.el8eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 8", "release_date" : "2026-01-08T00:00:00Z", "advisory" : "RHSA-2026:0383", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el8", "package" : "eap8-jboss-el-api_5.0_spec-0:4.0.2-1.Final_redhat_00001.1.el8eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 8", "release_date" : "2026-01-08T00:00:00Z", "advisory" : "RHSA-2026:0383", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el8", "package" : "eap8-jboss-threads-0:2.5.0-1.redhat_00001.1.el8eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 8", "release_date" : "2026-01-08T00:00:00Z", "advisory" : "RHSA-2026:0383", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el8", "package" : "eap8-undertow-0:2.3.20-2.SP4_redhat_00001.1.el8eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 8", "release_date" : "2026-01-08T00:00:00Z", "advisory" : "RHSA-2026:0383", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el8", "package" : "eap8-wildfly-0:8.1.3-4.GA_redhat_00006.1.el8eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 8", "release_date" : "2026-01-08T00:00:00Z", "advisory" : "RHSA-2026:0383", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el8", "package" : "eap8-wildfly-clustering-0:5.0.12-1.Final_redhat_00001.1.el8eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 8", "release_date" : "2026-01-08T00:00:00Z", "advisory" : "RHSA-2026:0383", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el8", "package" : "eap8-wildfly-elytron-0:2.6.6-1.Final_redhat_00001.1.el8eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 8", "release_date" : "2026-01-08T00:00:00Z", "advisory" : "RHSA-2026:0383", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el8", "package" : "eap8-wildfly-javadocs-0:8.1.1-4.GA_redhat_00007.1.el8eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 9", "release_date" : "2026-01-08T00:00:00Z", "advisory" : "RHSA-2026:0384", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9", "package" : "eap8-apache-cxf-0:4.0.10-1.redhat_00001.1.el9eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 9", "release_date" : "2026-01-08T00:00:00Z", "advisory" : "RHSA-2026:0384", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9", "package" : "eap8-bouncycastle-0:1.82.0-1.redhat_00001.1.el9eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 9", "release_date" : "2026-01-08T00:00:00Z", "advisory" : "RHSA-2026:0384", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9", "package" : "eap8-eap-product-conf-parent-0:801.3.0-1.GA_redhat_00001.1.el9eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 9", "release_date" : "2026-01-08T00:00:00Z", "advisory" : "RHSA-2026:0384", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9", "package" : "eap8-eventstream-0:1.0.1-3.redhat_00003.1.el9eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 9", "release_date" : "2026-01-08T00:00:00Z", "advisory" : "RHSA-2026:0384", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9", "package" : "eap8-hibernate-0:6.6.36-1.Final_redhat_00001.1.el9eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 9", "release_date" : "2026-01-08T00:00:00Z", "advisory" : "RHSA-2026:0384", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9", "package" : "eap8-jboss-el-api_5.0_spec-0:4.0.2-1.Final_redhat_00001.1.el9eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 9", "release_date" : "2026-01-08T00:00:00Z", "advisory" : "RHSA-2026:0384", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9", "package" : "eap8-jboss-threads-0:2.5.0-1.redhat_00001.1.el9eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 9", "release_date" : "2026-01-08T00:00:00Z", "advisory" : "RHSA-2026:0384", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9", "package" : "eap8-undertow-0:2.3.20-2.SP4_redhat_00001.1.el9eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 9", "release_date" : "2026-01-08T00:00:00Z", "advisory" : "RHSA-2026:0384", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9", "package" : "eap8-wildfly-0:8.1.3-4.GA_redhat_00006.1.el9eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 9", "release_date" : "2026-01-08T00:00:00Z", "advisory" : "RHSA-2026:0384", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9", "package" : "eap8-wildfly-clustering-0:5.0.12-1.Final_redhat_00001.1.el9eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 9", "release_date" : "2026-01-08T00:00:00Z", "advisory" : "RHSA-2026:0384", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9", "package" : "eap8-wildfly-elytron-0:2.6.6-1.Final_redhat_00001.1.el9eap" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 9", "release_date" : "2026-01-08T00:00:00Z", "advisory" : "RHSA-2026:0384", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9", "package" : "eap8-wildfly-javadocs-0:8.1.1-4.GA_redhat_00007.1.el9eap" } ], "package_state" : [ { "product_name" : "Red Hat build of Apache Camel - HawtIO 4", "fix_state" : "Not affected", "package_name" : "undertow-core", "cpe" : "cpe:/a:redhat:apache_camel_hawtio:4" }, { "product_name" : "Red Hat Data Grid 8", "fix_state" : "Will not fix", "package_name" : "undertow-core", "cpe" : "cpe:/a:redhat:jboss_data_grid:8" }, { "product_name" : "Red Hat Enterprise Linux 10", "fix_state" : "Not affected", "package_name" : "moditect", "cpe" : "cpe:/o:redhat:enterprise_linux:10" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Not affected", "package_name" : "pki-core:10.6/resteasy", "cpe" : "cpe:/o:redhat:enterprise_linux:8" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Not affected", "package_name" : "pki-deps:10.6/resteasy", "cpe" : "cpe:/o:redhat:enterprise_linux:8" }, { "product_name" : "Red Hat Enterprise Linux 9", "fix_state" : "Not affected", "package_name" : "resteasy", "cpe" : "cpe:/o:redhat:enterprise_linux:9" }, { "product_name" : "Red Hat Fuse 7", "fix_state" : "Will not fix", "package_name" : "undertow-core", "cpe" : "cpe:/a:redhat:jboss_fuse:7" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform Expansion Pack", "fix_state" : "Affected", "package_name" : "undertow-core", "cpe" : "cpe:/a:redhat:jbosseapxp" }, { "product_name" : "Red Hat Process Automation 7", "fix_state" : "Affected", "package_name" : "undertow-core", "cpe" : "cpe:/a:redhat:jboss_enterprise_bpms_platform:7" }, { "product_name" : "Red Hat Single Sign-On 7", "fix_state" : "Affected", "package_name" : "undertow-core", "cpe" : "cpe:/a:redhat:red_hat_single_sign_on:7" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2025-12543\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-12543" ], "name" : "CVE-2025-12543", "mitigation" : { "value" : "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use, applicability, or stability.", "lang" : "en:us" }, "csaw" : false }