Vulnerabilities > CVE-2019-10797 - Unspecified vulnerability in Wso2 Transport-Http

CVSS 6.5 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

HIGH

Availability impact

NONE

network

low complexity

wso2

NVD

Published: 2020-02-19

Updated: 2020-03-02

Summary

Netty in WSO2 transport-http before v6.3.1 is vulnerable to HTTP Response Splitting due to HTTP Header validation being disabled.

Vulnerable Configurations

Part	Description	Count
Application	Wso2 Wso2 Transport Http 6.0.50 Wso2 Transport Http 6.0.51 Wso2 Transport Http 6.0.52 Wso2 Transport Http 6.0.53 Wso2 Transport Http 6.0.54 Wso2 Transport Http 6.0.55 Wso2 Transport Http 6.0.56 Wso2 Transport Http 6.0.57 Wso2 Transport Http 6.0.58 Wso2 Transport Http 6.0.59 Wso2 Transport Http 6.0.60 Wso2 Transport Http 6.0.61 Wso2 Transport Http 6.0.62 Wso2 Transport Http 6.0.63 Wso2 Transport Http 6.0.64 Wso2 Transport Http 6.0.65 Wso2 Transport Http 6.0.66 Wso2 Transport Http 6.0.67 Wso2 Transport Http 6.0.68 Wso2 Transport Http 6.0.69 Wso2 Transport Http 6.0.70 Wso2 Transport Http 6.0.71 Wso2 Transport Http 6.0.72 Wso2 Transport Http 6.0.73 Wso2 Transport Http 6.0.74 Wso2 Transport Http 6.0.75 Wso2 Transport Http 6.0.76 Wso2 Transport Http 6.0.77 Wso2 Transport Http 6.0.78 Wso2 Transport Http 6.0.79 Wso2 Transport Http 6.0.80 Wso2 Transport Http 6.0.81 Wso2 Transport Http 6.0.82 Wso2 Transport Http 6.0.83 Wso2 Transport Http 6.0.84 Wso2 Transport Http 6.0.85 Wso2 Transport Http 6.0.86 Wso2 Transport Http 6.0.87 Wso2 Transport Http 6.0.88 Wso2 Transport Http 6.0.89 Wso2 Transport Http 6.0.90 Wso2 Transport Http 6.0.91 Wso2 Transport Http 6.0.92 Wso2 Transport Http 6.0.93 Wso2 Transport Http 6.0.94 Wso2 Transport Http 6.0.95 Wso2 Transport Http 6.0.96 Wso2 Transport Http 6.0.97 Wso2 Transport Http 6.0.98 Wso2 Transport Http 6.0.99 Wso2 Transport Http 6.0.100 Wso2 Transport Http 6.0.101 Wso2 Transport Http 6.0.102 Wso2 Transport Http 6.0.103 Wso2 Transport Http 6.0.104 Wso2 Transport Http 6.0.105 Wso2 Transport Http 6.0.106 Wso2 Transport Http 6.0.107 Wso2 Transport Http 6.0.108 Wso2 Transport Http 6.0.109 Wso2 Transport Http 6.0.110 Wso2 Transport Http 6.0.111 Wso2 Transport Http 6.0.112 Wso2 Transport Http 6.0.113 Wso2 Transport Http 6.0.114 Wso2 Transport Http 6.0.115 Wso2 Transport Http 6.0.116 Wso2 Transport Http 6.0.117 Wso2 Transport Http 6.0.118 Wso2 Transport Http 6.0.119 Wso2 Transport Http 6.0.120 Wso2 Transport Http 6.0.121 Wso2 Transport Http 6.0.122 Wso2 Transport Http 6.0.123 Wso2 Transport Http 6.0.124 Wso2 Transport Http 6.0.125 Wso2 Transport Http 6.0.126 Wso2 Transport Http 6.0.127 Wso2 Transport Http 6.0.128 Wso2 Transport Http 6.0.129 Wso2 Transport Http 6.0.130 Wso2 Transport Http 6.0.131 Wso2 Transport Http 6.0.132 Wso2 Transport Http 6.0.133 Wso2 Transport Http 6.0.134 Wso2 Transport Http 6.0.135 Wso2 Transport Http 6.0.136 Wso2 Transport Http 6.0.137 Wso2 Transport Http 6.0.138 Wso2 Transport Http 6.0.139 Wso2 Transport Http 6.0.140 Wso2 Transport Http 6.0.141 Wso2 Transport Http 6.0.142 Wso2 Transport Http 6.0.143 Wso2 Transport Http 6.0.144 Wso2 Transport Http 6.0.145 Wso2 Transport Http 6.0.146 Wso2 Transport Http 6.0.147 Wso2 Transport Http 6.0.148 Wso2 Transport Http 6.0.149 Wso2 Transport Http 6.0.150 Wso2 Transport Http 6.0.151 Wso2 Transport Http 6.0.152 Wso2 Transport Http 6.0.153 Wso2 Transport Http 6.0.154 Wso2 Transport Http 6.0.155 Wso2 Transport Http 6.0.156 Wso2 Transport Http 6.0.157 Wso2 Transport Http 6.0.158 Wso2 Transport Http 6.0.159 Wso2 Transport Http 6.0.160 Wso2 Transport Http 6.0.161 Wso2 Transport Http 6.0.162 Wso2 Transport Http 6.0.163 Wso2 Transport Http 6.0.164 Wso2 Transport Http 6.0.165 Wso2 Transport Http 6.0.166 Wso2 Transport Http 6.0.167 Wso2 Transport Http 6.0.168 Wso2 Transport Http 6.0.169 Wso2 Transport Http 6.0.170 Wso2 Transport Http 6.0.171 Wso2 Transport Http 6.0.172 Wso2 Transport Http 6.0.173 Wso2 Transport Http 6.0.174 Wso2 Transport Http 6.0.175 Wso2 Transport Http 6.0.176 Wso2 Transport Http 6.0.177 Wso2 Transport Http 6.0.178 Wso2 Transport Http 6.0.179 Wso2 Transport Http 6.0.180 Wso2 Transport Http 6.0.181 Wso2 Transport Http 6.0.182 Wso2 Transport Http 6.0.183 Wso2 Transport Http 6.0.184 Wso2 Transport Http 6.0.185 Wso2 Transport Http 6.0.186 Wso2 Transport Http 6.0.187 Wso2 Transport Http 6.0.188 Wso2 Transport Http 6.0.189 Wso2 Transport Http 6.0.190 Wso2 Transport Http 6.0.191 Wso2 Transport Http 6.0.192 Wso2 Transport Http 6.0.193 Wso2 Transport Http 6.0.194 Wso2 Transport Http 6.0.195 Wso2 Transport Http 6.0.196 Wso2 Transport Http 6.0.197 Wso2 Transport Http 6.0.198 Wso2 Transport Http 6.0.199 Wso2 Transport Http 6.0.200 Wso2 Transport Http 6.0.201 Wso2 Transport Http 6.0.202 Wso2 Transport Http 6.0.203 Wso2 Transport Http 6.0.204 Wso2 Transport Http 6.0.205 Wso2 Transport Http 6.0.206 Wso2 Transport Http 6.0.207 Wso2 Transport Http 6.0.208 Wso2 Transport Http 6.0.209 Wso2 Transport Http 6.0.210 Wso2 Transport Http 6.0.211 Wso2 Transport Http 6.0.212 Wso2 Transport Http 6.0.213 Wso2 Transport Http 6.0.214 Wso2 Transport Http 6.0.215 Wso2 Transport Http 6.0.216 Wso2 Transport Http 6.0.217 Wso2 Transport Http 6.0.218 Wso2 Transport Http 6.0.219 Wso2 Transport Http 6.0.220 Wso2 Transport Http 6.0.221 Wso2 Transport Http 6.0.222 Wso2 Transport Http 6.0.223 Wso2 Transport Http 6.0.224 Wso2 Transport Http 6.0.225 Wso2 Transport Http 6.0.226 Wso2 Transport Http 6.0.227 Wso2 Transport Http 6.0.228 Wso2 Transport Http 6.0.229 Wso2 Transport Http 6.0.230 Wso2 Transport Http 6.0.231 Wso2 Transport Http 6.0.232 Wso2 Transport Http 6.0.233 Wso2 Transport Http 6.0.234 Wso2 Transport Http 6.0.235 Wso2 Transport Http 6.0.236 Wso2 Transport Http 6.0.237 Wso2 Transport Http 6.0.238 Wso2 Transport Http 6.0.239 Wso2 Transport Http 6.0.240 Wso2 Transport Http 6.0.241 Wso2 Transport Http 6.0.242 Wso2 Transport Http 6.0.243 Wso2 Transport Http 6.0.244 Wso2 Transport Http 6.0.245 Wso2 Transport Http 6.0.246 Wso2 Transport Http 6.0.247 Wso2 Transport Http 6.0.248 Wso2 Transport Http 6.0.249 Wso2 Transport Http 6.0.250 Wso2 Transport Http 6.0.251 Wso2 Transport Http 6.0.252 Wso2 Transport Http 6.0.253 Wso2 Transport Http 6.0.254 Wso2 Transport Http 6.0.255 Wso2 Transport Http 6.0.256 Wso2 Transport Http 6.0.257 Wso2 Transport Http 6.0.258 Wso2 Transport Http 6.0.259 Wso2 Transport Http 6.0.260 Wso2 Transport Http 6.0.261 Wso2 Transport Http 6.0.262 Wso2 Transport Http 6.0.263 Wso2 Transport Http 6.0.264 Wso2 Transport Http 6.0.265 Wso2 Transport Http 6.0.266 Wso2 Transport Http 6.0.267 Wso2 Transport Http 6.0.268 Wso2 Transport Http 6.0.269 Wso2 Transport Http 6.0.270 Wso2 Transport Http 6.0.271 Wso2 Transport Http 6.0.272 Wso2 Transport Http 6.0.273 Wso2 Transport Http 6.0.274 Wso2 Transport Http 6.0.275 Wso2 Transport Http 6.0.276 Wso2 Transport Http 6.0.277 Wso2 Transport Http 6.0.278 Wso2 Transport Http 6.0.279 Wso2 Transport Http 6.0.280 Wso2 Transport Http 6.0.281 Wso2 Transport Http 6.0.282 Wso2 Transport Http 6.0.283 Wso2 Transport Http 6.0.284 Wso2 Transport Http 6.0.285 Wso2 Transport Http 6.0.286 Wso2 Transport Http 6.0.287 Wso2 Transport Http 6.0.288 Wso2 Transport Http 6.0.289 Wso2 Transport Http 6.0.290 Wso2 Transport Http 6.0.291 Wso2 Transport Http 6.0.292 Wso2 Transport Http 6.0.293 Wso2 Transport Http 6.0.294 Wso2 Transport Http 6.0.295 Wso2 Transport Http 6.0.296 Wso2 Transport Http 6.0.297 Wso2 Transport Http 6.0.298 Wso2 Transport Http 6.0.299 Wso2 Transport Http 6.0.300 Wso2 Transport Http 6.1.0 Wso2 Transport Http 6.1.1 Wso2 Transport Http 6.1.2 Wso2 Transport Http 6.1.3 Wso2 Transport Http 6.1.4 Wso2 Transport Http 6.1.5 Wso2 Transport Http 6.1.6 Wso2 Transport Http 6.1.7 Wso2 Transport Http 6.1.8 Wso2 Transport Http 6.1.9 Wso2 Transport Http 6.1.10 Wso2 Transport Http 6.1.11 Wso2 Transport Http 6.1.12 Wso2 Transport Http 6.2.0 Wso2 Transport Http 6.2.1 Wso2 Transport Http 6.2.2 Wso2 Transport Http 6.2.3 Wso2 Transport Http 6.2.4 Wso2 Transport Http 6.2.5 Wso2 Transport Http 6.2.6 Wso2 Transport Http 6.2.7 Wso2 Transport Http 6.2.8 Wso2 Transport Http 6.2.9 Wso2 Transport Http 6.2.10 Wso2 Transport Http 6.2.11 Wso2 Transport Http 6.2.12 Wso2 Transport Http 6.2.13 Wso2 Transport Http 6.2.14 Wso2 Transport Http 6.2.15 Wso2 Transport Http 6.2.16 Wso2 Transport Http 6.2.17 Wso2 Transport Http 6.2.18 Wso2 Transport Http 6.2.19 Wso2 Transport Http 6.2.20 Wso2 Transport Http 6.2.21 Wso2 Transport Http 6.2.22 Wso2 Transport Http 6.2.23 Wso2 Transport Http 6.2.24 Wso2 Transport Http 6.2.25 Wso2 Transport Http 6.2.26 Wso2 Transport Http 6.2.27 Wso2 Transport Http 6.2.28 Wso2 Transport Http 6.2.29 Wso2 Transport Http 6.2.30 Wso2 Transport Http 6.2.31 Wso2 Transport Http 6.2.32 Wso2 Transport Http 6.2.33 Wso2 Transport Http 6.2.34 Wso2 Transport Http 6.3.0	300

References

https://snyk.io/vuln/SNYK-JAVA-ORGWSO2TRANSPORTHTTP-548944