Description
A flaw was found in Undertow. This vulnerability allows a remote attacker to construct specially crafted requests where header names are parsed differently by Undertow compared to upstream proxies. This discrepancy in header interpretation can be exploited to launch request smuggling attacks, potentially bypassing security controls and accessing unauthorized resources.
Published: 2026-03-27
Score: 8.7 High
EPSS: < 1% Very Low
KEV: No
Impact: Request smuggling enabling unauthorized access to protected resources
Action: Patch Immediately
AI Analysis

Impact

A flaw in Undertow, a component in many Red Hat products, allows a remote attacker to craft HTTP requests in which header names are parsed differently by Undertow compared to upstream proxies. This inconsistent header interpretation can be exploited to smuggle requests, bypassing security controls and accessing resources that should be protected. The weakness is classified as CWE-444 (Inconsistent Interpretation of HTTP Requests, i.e. HTTP Request/Response Smuggling): a mismatch in how two components interpret the same protocol message.

Affected Systems

The vulnerability affects several Red Hat offerings that embed Undertow, including Red Hat Data Grid 8, Red Hat Enterprise Linux 8, 9 and 10, Red Hat Fuse 7, Red Hat JBoss Enterprise Application Platform 7 and 8 (with the Expansion Pack), Red Hat Process Automation 7, Red Hat Single Sign-On 7, and Red Hat builds of Apache Camel HawtIO 4 and Camel for Spring Boot 4. Specific version details are not listed in the CNA data, so all versions present in these products should be considered potentially vulnerable until an update is applied.

Risk and Exploitability

The CVSS score of 8.7 indicates high severity, while the EPSS score of less than 1% suggests a currently low likelihood of exploitation in the wild. The vulnerability is not listed in the CISA KEV catalog. Based on the description, the attack vector is inferred to be network-based over HTTP: an attacker sends crafted requests that exploit the header-parsing mismatch between an Undertow instance and a proxy forwarding to it. Successful exploitation can lead to request smuggling that bypasses security checks and grants unauthorized access to, or manipulation of, resources.

Generated by OpenCVE AI on March 31, 2026 at 21:50 UTC.

Remediation

Vendor Workaround

Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.


OpenCVE Recommended Actions

  • Apply the Red Hat security update that addresses the Undertow request smuggling vulnerability as soon as it is released
  • Verify that no vulnerable versions of the affected products are in use
  • Because no suitable workaround is available, continue monitoring Red Hat advisories for any temporary mitigations and apply them when verified
  • Keep systems up to date with the latest Red Hat patches to maintain protection


Advisories
Source: GitHub GHSA
ID: GHSA-8v4x-mgvp-p658
Title: Undertow is Vulnerable to HTTP Request/Response Smuggling
History

Tue, 31 Mar 2026 18:30:00 +0000

Values added:
  First Time appeared: Redhat single Sign-on
  CPEs:
    cpe:2.3:a:redhat:build_of_apache_camel_-_hawtio:4.0:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:build_of_apache_camel_for_spring_boot:4.0:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:data_grid:8.0:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:fuse:7.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:jboss_enterprise_application_platform:8.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:jboss_enterprise_application_platform_expansion_pack:-:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:process_automation:7.0:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:single_sign-on:7.0:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:undertow:-:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*
  Vendors & Products: Redhat single Sign-on

Mon, 30 Mar 2026 08:15:00 +0000

Values added:
  First Time appeared:
    Redhat build Of Apache Camel - Hawtio
    Redhat build Of Apache Camel For Spring Boot
    Redhat data Grid
    Redhat fuse
    Redhat jboss Enterprise Application Platform Expansion Pack
    Redhat process Automation
    Redhat undertow
  Vendors & Products:
    Redhat build Of Apache Camel - Hawtio
    Redhat build Of Apache Camel For Spring Boot
    Redhat data Grid
    Redhat fuse
    Redhat jboss Enterprise Application Platform Expansion Pack
    Redhat process Automation
    Redhat undertow

Fri, 27 Mar 2026 20:15:00 +0000

Values added:
  Metrics: ssvc
    {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Fri, 27 Mar 2026 16:45:00 +0000

Values added:
  Description: A flaw was found in Undertow. This vulnerability allows a remote attacker to construct specially crafted requests where header names are parsed differently by Undertow compared to upstream proxies. This discrepancy in header interpretation can be exploited to launch request smuggling attacks, potentially bypassing security controls and accessing unauthorized resources.
  Title: Undertow: undertow: request smuggling via inconsistent header parsing
  First Time appeared:
    Redhat
    Redhat apache Camel Hawtio
    Redhat camel Spring Boot
    Redhat enterprise Linux
    Redhat jboss Data Grid
    Redhat jboss Enterprise Application Platform
    Redhat jboss Enterprise Bpms Platform
    Redhat jboss Fuse
    Redhat jbosseapxp
    Redhat red Hat Single Sign On
  Weaknesses: CWE-444
  CPEs:
    cpe:/a:redhat:apache_camel_hawtio:4
    cpe:/a:redhat:camel_spring_boot:4
    cpe:/a:redhat:jboss_data_grid:8
    cpe:/a:redhat:jboss_enterprise_application_platform:7
    cpe:/a:redhat:jboss_enterprise_application_platform:8
    cpe:/a:redhat:jboss_enterprise_bpms_platform:7
    cpe:/a:redhat:jboss_fuse:7
    cpe:/a:redhat:jbosseapxp
    cpe:/a:redhat:red_hat_single_sign_on:7
    cpe:/o:redhat:enterprise_linux:10
    cpe:/o:redhat:enterprise_linux:8
    cpe:/o:redhat:enterprise_linux:9
  Vendors & Products:
    Redhat
    Redhat apache Camel Hawtio
    Redhat camel Spring Boot
    Redhat enterprise Linux
    Redhat jboss Data Grid
    Redhat jboss Enterprise Application Platform
    Redhat jboss Enterprise Bpms Platform
    Redhat jboss Fuse
    Redhat jbosseapxp
    Redhat red Hat Single Sign On
  References:
  Metrics: cvssV3_1
    {'score': 8.7, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N'}


MITRE

Status: PUBLISHED

Assigner: redhat

Published:

Updated: 2026-04-08T08:29:32.913Z

Reserved: 2026-02-27T04:42:16.439Z

Link: CVE-2026-28368

Vulnrichment

Updated: 2026-03-27T18:49:50.042Z

NVD

Status: Analyzed

Published: 2026-03-27T17:16:27.993

Modified: 2026-03-31T18:20:30.077

Link: CVE-2026-28368

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-02T07:55:32Z

Weaknesses