Undertow-core: undertow http server fails to reject malformed host headers...

9.6 / 10

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:L

Description

A flaw was found in the Undertow HTTP server core, which is used in WildFly, JBoss EAP, and other Java applications. The Undertow library fails to properly validate the Host header in incoming HTTP requests.As a result, requests containing malformed or malicious Host headers are processed without rejection, enabling attackers to poison caches, perform internal network scans, or hijack user sessions.

AI Analysis

Undertow HTTP server fails to reject malformed Host headers, enabling cache poisoning and SSRF attacks

Basic Information

ID CVE-2025-12543

Source redhat

Published Jan 7, 2026 at 16:04

Modified Jan 7, 2026 at 16:36

Affected Product

Vendor Red Hat

Product Red Hat build of Apache Camel for Spring Boot 4

CWE Classification

CWE-20

AI Assessment

AI Score 9.6 / 10

AI Severity Critical

Vendor Red Hat

Product Undertow HTTP server

References

{
    "lastseen": "",
    "description": "A flaw was found in the Undertow HTTP server core, which is used in WildFly, JBoss EAP, and other Java applications. The Undertow library fails to properly validate the Host header in incoming HTTP requests.As a result, requests containing malformed or malicious Host headers are processed without rejection, enabling attackers to poison caches, perform internal network scans, or hijack user sessions.",
    "published": "2026-01-07T16:04:22.155Z",
    "modified": "2026-01-07T16:36:02.745Z",
    "type": "cve",
    "title": "Undertow-core: undertow http server fails to reject malformed host headers leading to potential cache poisoning and ssrf",
    "source": "redhat",
    "references": "https://access.redhat.com/security/cve/CVE-2025-12543\nhttps://bugzilla.redhat.com/show_bug.cgi?id=2408784",
    "id": "CVE-2025-12543",
    "bulletinFamily": "",
    "cwe": [
        "CWE-20"
    ],
    "cvelist": null,
    "sourceData": "",
    "sourceHref": "",
    "cvss": {
        "score": 9.6,
        "severity": "CRITICAL",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:L",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Red Hat build of Apache Camel for Spring Boot 4",
    "version": "",
    "vendor": "Red Hat",
    "ai_description": "Undertow HTTP server fails to reject malformed Host headers, enabling cache poisoning and SSRF attacks",
    "ai_severity": "Critical",
    "ai_vendor": "Red Hat",
    "ai_product": "Undertow HTTP server",
    "ai_version": "",
    "ai_score": 9.6
}

Undertow-core: undertow http server fails to reject malformed host headers leading to potential cache poisoning and ssrf_CVE-2025-12543