CVE Vulnerabilities

CVE-2022-4492

Published: Feb 23, 2023 | Modified: Mar 12, 2025
CVSS 3.x
7.5
HIGH
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
CVSS 2.x
RedHat/V2
RedHat/V3
7.5 MODERATE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Ubuntu
MEDIUM

The undertow client is not checking the server identity presented by the server certificate in https connections. This is a compulsory step (at least it should be performed by default) in https and in http/2. I would add it to any TLS client protocol.

Affected Software

Name Vendor Start Version End Version
Build_of_quarkus Redhat - (including) - (including)
Integration_camel_for_spring_boot Redhat - (including) - (including)
Integration_camel_k Redhat - (including) - (including)
Integration_service_registry Redhat - (including) - (including)
Jboss_enterprise_application_platform Redhat 7.0.0 (including) 7.0.0 (including)
Jboss_fuse Redhat 7.0.0 (including) 7.0.0 (including)
Migration_toolkit_for_applications Redhat 6.0 (including) 6.0 (including)
Migration_toolkit_for_runtimes Redhat - (including) - (including)
Single_sign-on Redhat 7.0 (including) 7.0 (including)
Undertow Redhat 2.7.0 (including) 2.7.0 (including)
EAP 7.4.10 release RedHat undertow *
Migration Toolkit for Runtimes 1 on RHEL 8 RedHat mtr/mtr-web-container-rhel8:1.1-8 *
MTA-6.2-RHEL-9 RedHat mta/mta-operator-bundle:6.2.0-29 *
Red Hat Fuse 7.12 RedHat undertow *
Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 RedHat eap7-glassfish-el-0:3.0.1-4.b08_redhat_00005.1.ep7.el7 *
Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 RedHat eap7-hibernate-0:5.1.17-3.Final_redhat_00004.1.ep7.el7 *
Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 RedHat eap7-jackson-databind-0:2.8.11.6-3.SP1_redhat_00003.1.ep7.el7 *
Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 RedHat eap7-jboss-ejb-client-0:4.0.12-1.Final_redhat_00002.1.ep7.el7 *
Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 RedHat eap7-netty-0:4.1.63-2.Final_redhat_00003.1.ep7.el7 *
Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 RedHat eap7-undertow-0:1.4.18-16.SP14_redhat_00001.1.ep7.el7 *
Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 RedHat eap7-wildfly-0:7.1.11-4.GA_redhat_00002.1.ep7.el7 *
Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 RedHat eap7-wildfly-elytron-0:1.1.14-1.Final_redhat_00001.1.ep7.el7 *
Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 RedHat eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.ep7.el7 *
Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 RedHat eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.ep7.el7 *
Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 RedHat eap7-wildfly-openssl-0:1.0.12-1.Final_redhat_00001.1.ep7.el7 *
Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 RedHat eap7-wildfly-openssl-linux-0:1.0.12-6.Final_redhat_00001.1.ep7.el7 *
Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 RedHat eap7-jackson-annotations-0:2.10.4-3.redhat_00006.1.el7eap *
Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 RedHat eap7-jackson-core-0:2.10.4-3.redhat_00006.1.el7eap *
Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 RedHat eap7-jackson-databind-0:2.10.4-5.redhat_00006.1.el7eap *
Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 RedHat eap7-jackson-jaxrs-providers-0:2.10.4-3.redhat_00006.1.el7eap *
Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 RedHat eap7-jackson-modules-base-0:2.10.4-5.redhat_00006.1.el7eap *
Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 RedHat eap7-jackson-modules-java8-0:2.10.4-2.redhat_00006.1.el7eap *
Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 RedHat eap7-jboss-server-migration-0:1.7.2-16.Final_redhat_00017.1.el7eap *
Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 RedHat eap7-netty-0:4.1.63-5.Final_redhat_00003.1.el7eap *
Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 RedHat eap7-undertow-0:2.0.41-4.SP5_redhat_00001.1.el7eap *
Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 RedHat eap7-wildfly-0:7.3.14-3.GA_redhat_00002.1.el7eap *
Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 RedHat eap7-wildfly-elytron-0:1.10.17-1.Final_redhat_00001.1.el7eap *
Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8 RedHat eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap *
Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8 RedHat eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap *
Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9 RedHat eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap *
Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9 RedHat eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap *
Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7 RedHat eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap *
Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7 RedHat eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap *
Red Hat Single Sign-On 7 RedHat undertow *
Red Hat Single Sign-On 7.6 for RHEL 7 RedHat rh-sso7-keycloak-0:18.0.7-1.redhat_00001.1.el7sso *
Red Hat Single Sign-On 7.6 for RHEL 8 RedHat rh-sso7-keycloak-0:18.0.7-1.redhat_00001.1.el8sso *
Red Hat Single Sign-On 7.6 for RHEL 9 RedHat rh-sso7-keycloak-0:18.0.7-1.redhat_00001.1.el9sso *
RHEL-8 based Middleware Containers RedHat rh-sso-7/sso76-openshift-rhel8:7.6-22 *
RHINT Camel-Springboot 3.20.1 RedHat undertow *
RHPAM 7.13.4 async RedHat *
Undertow Ubuntu bionic *
Undertow Ubuntu focal *
Undertow Ubuntu kinetic *
Undertow Ubuntu oracular *
Undertow Ubuntu trusty *
Undertow Ubuntu xenial *

References