First published: Sat Feb 11 2023
A flaw was found in HAProxy's header processing that causes HAProxy to drop important header fields such as Connection, Content-length, Transfer-Encoding, and Host after having partially processed them. A maliciously crafted HTTP request could be used in an HTTP request smuggling attack to bypass filtering and detection by HAProxy.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/haproxy | <0:2.4.17-3.el9_1.2 | 0:2.4.17-3.el9_1.2 |
| redhat/haproxy | <0:2.4.7-2.el9_0.2 | 0:2.4.7-2.el9_0.2 |
| redhat/haproxy | <0:2.2.19-4.el8 | 0:2.2.19-4.el8 |
| redhat/haproxy | <0:2.2.24-3.rhaos4.11.el8 | 0:2.2.24-3.rhaos4.11.el8 |
| redhat/haproxy | <0:2.2.24-3.rhaos4.12.el8 | 0:2.2.24-3.rhaos4.12.el8 |
| redhat/haproxy | <0:2.2.24-3.rhaos4.13.el8 | 0:2.2.24-3.rhaos4.13.el8 |
| Haproxy Haproxy | <2.0.31 | |
| Haproxy Haproxy | >=2.1.0 <2.2.29 | |
| Haproxy Haproxy | >=2.3.0 <2.4.22 | |
| Haproxy Haproxy | >=2.5.0 <2.5.12 | |
| Haproxy Haproxy | >=2.6.0 <2.6.9 | |
| Haproxy Haproxy | >=2.7.0 <2.7.3 | |
| Debian Debian Linux | =10.0 | |
| Debian Debian Linux | =11.0 | |
| redhat/HAProxy | <2.0.31 | 2.0.31 |
| redhat/HAProxy | <2.2.29 | 2.2.29 |
| redhat/HAProxy | <2.4.22 | 2.4.22 |
| redhat/HAProxy | <2.5.12 | 2.5.12 |
| redhat/HAProxy | <2.6.9 | 2.6.9 |
| redhat/HAProxy | <2.7.3 | 2.7.3 |
| redhat/HAProxy | <2.8 | 2.8 |
| debian/haproxy | | 2.2.9-2+deb11u6, 2.6.12-1+deb12u1, 3.0.7-1 |
CVE-2023-25725 is a vulnerability in HAProxy that allows bypass of access control through request smuggling.
CVE-2023-25725 has a severity rating of 9.1 (Critical).
CVE-2023-25725 affects HAProxy versions before 2.7.3 and may cause the loss of important HTTP/1 headers, leading to a bypass of access control.
To fix CVE-2023-25725, update HAProxy to version 2.7.3 or later.
You can find more information about CVE-2023-25725 at the following references: [Bugzilla - 2169823](https://bugzilla.redhat.com/show_bug.cgi?id=2169823), [Bugzilla - 2170060](https://bugzilla.redhat.com/show_bug.cgi?id=2170060), [Red Hat Security Advisory - CVE-2023-25725](https://access.redhat.com/security/cve/CVE-2023-25725).