CVE-2015-2156

HIGH

Netty < 3.9.7 - Improper Input Validation

Title source: rule

Description

Netty before 3.9.8.Final, 3.10.x before 3.10.3.Final, 4.0.x before 4.0.28.Final, and 4.1.x before 4.1.0.Beta5 and Play Framework 2.x before 2.3.9 might allow remote attackers to bypass the httpOnly flag on cookies and obtain sensitive information by leveraging improper validation of cookie name and value characters.

Exploits (2)

nomisec STUB
by dawetmaster · poc
https://github.com/dawetmaster/CVE-2015-2156-netty-vulnerable
nomisec STUB
by andikahilmy · poc
https://github.com/andikahilmy/CVE-2015-2156-netty-vulnerable

Scores

CVSS v3 7.5
EPSS 0.0327
EPSS Percentile 87.2%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-20
Status published
Products (35)
io.netty/netty 3.10.0 - 3.10.3.Final (Maven)
io.netty/netty-parent 4.0.0 - 4.0.28.Final (Maven)
lightbend/play_framework 2.0 rc3 (3 CPE variants)
lightbend/play_framework 2.0.2 (3 CPE variants)
lightbend/play_framework 2.0.3 (3 CPE variants)
lightbend/play_framework 2.0.4 (3 CPE variants)
lightbend/play_framework 2.0.5 (3 CPE variants)
lightbend/play_framework 2.0.6
lightbend/play_framework 2.0.7
lightbend/play_framework 2.0.8
... and 25 more
Published Oct 18, 2017
Tracked Since Feb 18, 2026