{"api_version":"1","generated_at":"2026-07-09T04:18:27+00:00","cve":"CVE-2025-12543","urls":{"html":"https://cve.report/CVE-2025-12543","api":"https://cve.report/api/cve/CVE-2025-12543.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2025-12543","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2025-12543"},"summary":{"title":"Undertow-core: undertow http server fails to reject malformed host headers leading to potential cache poisoning and ssrf","description":"A flaw was found in the Undertow HTTP server core, which is used in WildFly, JBoss EAP, and other Java applications. The Undertow library fails to properly validate the Host header in incoming HTTP requests.As a result, requests containing malformed or malicious Host headers are processed without rejection, enabling attackers to poison caches, perform internal network scans, or hijack user sessions.","state":"PUBLISHED","assigner":"redhat","published_at":"2026-01-07 17:15:55","updated_at":"2026-06-30 05:17:10"},"problem_types":["CWE-20","CWE-20 Improper Input Validation"],"metrics":[{"version":"3.1","source":"nvd@nist.gov","type":"Primary","score":"9.6","severity":"CRITICAL","vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H","baseScore":9.6,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"}},{"version":"3.1","source":"ADP","type":"CVSS","score":"9.6","severity":"CRITICAL","vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:L","data":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"LOW","baseScore":9.6,"baseSeverity":"CRITICAL","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"NONE","scope":"CHANGED","userInteraction":"REQUIRED","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:L","version":"3.1"}},{"version":"3.1","source":"secalert@redhat.com","type":"Secondary","score":"9.6","severity":"CRITICAL","vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:L","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:L","baseScore":9.6,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"LOW"}},{"version":"3.1","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","score":"9.6","severity":"CRITICAL","vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:L","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:L","baseScore":9.6,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"LOW"}},{"version":"3.1","source":"CNA","type":"CVSS","score":"9.6","severity":"CRITICAL","vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:L","data":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"LOW","baseScore":9.6,"baseSeverity":"CRITICAL","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"NONE","scope":"CHANGED","userInteraction":"REQUIRED","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:L","version":"3.1"}}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2026:3889","name":"https://access.redhat.com/errata/RHSA-2026:3889","refsource":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Vendor Advisory"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/errata/RHSA-2026:4917","name":"https://access.redhat.com/errata/RHSA-2026:4917","refsource":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/errata/RHSA-2026:4915","name":"https://access.redhat.com/errata/RHSA-2026:4915","refsource":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/errata/RHSA-2026:3892","name":"https://access.redhat.com/errata/RHSA-2026:3892","refsource":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Vendor Advisory"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/errata/RHSA-2026:3890","name":"https://access.redhat.com/errata/RHSA-2026:3890","refsource":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Vendor Advisory"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2408784","name":"https://bugzilla.redhat.com/show_bug.cgi?id=2408784","refsource":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Issue Tracking","Vendor Advisory"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/security/cve/CVE-2025-12543","name":"https://access.redhat.com/security/cve/CVE-2025-12543","refsource":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Vendor Advisory"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/errata/RHSA-2026:0384","name":"https://access.redhat.com/errata/RHSA-2026:0384","refsource":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Vendor Advisory"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/errata/RHSA-2026:0386","name":"https://access.redhat.com/errata/RHSA-2026:0386","refsource":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Vendor Advisory"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/errata/RHSA-2026:33371","name":"https://access.redhat.com/errata/RHSA-2026:33371","refsource":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/errata/RHSA-2026:0383","name":"https://access.redhat.com/errata/RHSA-2026:0383","refsource":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Vendor Advisory"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-12543.json","name":"https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-12543.json","refsource":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/errata/RHSA-2026:3891","name":"https://access.redhat.com/errata/RHSA-2026:3891","refsource":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Vendor Advisory"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/errata/RHSA-2026:33372","name":"https://access.redhat.com/errata/RHSA-2026:33372","refsource":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/errata/RHSA-2026:4916","name":"https://access.redhat.com/errata/RHSA-2026:4916","refsource":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/errata/RHSA-2026:4924","name":"https://access.redhat.com/errata/RHSA-2026:4924","refsource":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2025-12543","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-12543","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"Red Hat","product":"Red Hat build of Apache Camel 4.14.4 for Spring Boot 3.5.11","version":"","platforms":[]},{"source":"CNA","vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform","version":"unaffected 2.2.39.Final-redhat-00001 * rpm","platforms":[]},{"source":"CNA","vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7","version":"unaffected 0:1.4.18-21.SP19_redhat_00001.1.ep7.el7 * rpm","platforms":[]},{"source":"CNA","vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7","version":"unaffected 0:2.0.41-8.SP9_redhat_00001.1.el7eap * rpm","platforms":[]},{"source":"CNA","vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 7.4 ELS on RHEL 7","version":"unaffected 0:2.2.39-1.Final_redhat_00001.1.el7eap * rpm","platforms":[]},{"source":"CNA","vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 7.4 ELS on RHEL 7","version":"unaffected 0:7.4.24-4.GA_redhat_00002.1.el7eap * rpm","platforms":[]},{"source":"CNA","vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 7.4 ELS on RHEL 8","version":"unaffected 0:2.2.39-1.Final_redhat_00001.1.el8eap * rpm","platforms":[]},{"source":"CNA","vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 7.4 ELS on RHEL 8","version":"unaffected 0:7.4.24-4.GA_redhat_00002.1.el8eap * rpm","platforms":[]},{"source":"CNA","vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 7.4 ELS on RHEL 9","version":"unaffected 0:2.2.39-1.Final_redhat_00001.1.el9eap * rpm","platforms":[]},{"source":"CNA","vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 7.4 ELS on RHEL 9","version":"unaffected 0:7.4.24-4.GA_redhat_00002.1.el9eap * rpm","platforms":[]},{"source":"CNA","vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.0","version":"","platforms":[]},{"source":"CNA","vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8","version":"unaffected 0:1.83.0-1.redhat_00001.1.el8eap * rpm","platforms":[]},{"source":"CNA","vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8","version":"unaffected 0:33.0.0-2.jre_redhat_00003.1.el8eap * rpm","platforms":[]},{"source":"CNA","vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8","version":"unaffected 0:4.0.6-1.redhat_00001.1.el8eap * rpm","platforms":[]},{"source":"CNA","vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8","version":"unaffected 0:1.0.0-3.redhat_00009.1.el8eap * rpm","platforms":[]},{"source":"CNA","vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8","version":"unaffected 0:2.0.2-1.Final_redhat_00001.1.el8eap * rpm","platforms":[]},{"source":"CNA","vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8","version":"unaffected 0:2.3.23-1.SP3_redhat_00001.1.el8eap * rpm","platforms":[]},{"source":"CNA","vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9","version":"unaffected 0:1.83.0-1.redhat_00001.1.el9eap * rpm","platforms":[]},{"source":"CNA","vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9","version":"unaffected 0:33.0.0-2.jre_redhat_00003.1.el9eap * rpm","platforms":[]},{"source":"CNA","vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9","version":"unaffected 0:4.0.6-1.redhat_00001.1.el9eap * rpm","platforms":[]},{"source":"CNA","vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9","version":"unaffected 0:1.0.0-3.redhat_00009.1.el9eap * rpm","platforms":[]},{"source":"CNA","vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9","version":"unaffected 0:2.0.2-1.Final_redhat_00001.1.el9eap * rpm","platforms":[]},{"source":"CNA","vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9","version":"unaffected 0:2.3.23-1.SP3_redhat_00001.1.el9eap * rpm","platforms":[]},{"source":"CNA","vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1","version":"","platforms":[]},{"source":"CNA","vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 8","version":"unaffected 0:4.0.10-1.redhat_00001.1.el8eap * rpm","platforms":[]},{"source":"CNA","vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 8","version":"unaffected 0:1.82.0-1.redhat_00001.1.el8eap * rpm","platforms":[]},{"source":"CNA","vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 8","version":"unaffected 0:801.3.0-1.GA_redhat_00001.1.el8eap * rpm","platforms":[]},{"source":"CNA","vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 8","version":"unaffected 0:1.0.1-3.redhat_00003.1.el8eap * rpm","platforms":[]},{"source":"CNA","vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 8","version":"unaffected 0:6.6.36-1.Final_redhat_00001.1.el8eap * rpm","platforms":[]},{"source":"CNA","vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 8","version":"unaffected 0:4.0.2-1.Final_redhat_00001.1.el8eap * rpm","platforms":[]},{"source":"CNA","vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 8","version":"unaffected 0:2.5.0-1.redhat_00001.1.el8eap * rpm","platforms":[]},{"source":"CNA","vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 8","version":"unaffected 0:2.3.20-2.SP4_redhat_00001.1.el8eap * rpm","platforms":[]},{"source":"CNA","vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 8","version":"unaffected 0:8.1.3-4.GA_redhat_00006.1.el8eap * rpm","platforms":[]},{"source":"CNA","vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 8","version":"unaffected 0:5.0.12-1.Final_redhat_00001.1.el8eap * rpm","platforms":[]},{"source":"CNA","vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 8","version":"unaffected 0:2.6.6-1.Final_redhat_00001.1.el8eap * rpm","platforms":[]},{"source":"CNA","vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 8","version":"unaffected 0:8.1.1-4.GA_redhat_00007.1.el8eap * rpm","platforms":[]},{"source":"CNA","vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 9","version":"unaffected 0:4.0.10-1.redhat_00001.1.el9eap * rpm","platforms":[]},{"source":"CNA","vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 9","version":"unaffected 0:1.82.0-1.redhat_00001.1.el9eap * rpm","platforms":[]},{"source":"CNA","vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 9","version":"unaffected 0:801.3.0-1.GA_redhat_00001.1.el9eap * rpm","platforms":[]},{"source":"CNA","vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 9","version":"unaffected 0:1.0.1-3.redhat_00003.1.el9eap * rpm","platforms":[]},{"source":"CNA","vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 9","version":"unaffected 0:6.6.36-1.Final_redhat_00001.1.el9eap * rpm","platforms":[]},{"source":"CNA","vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 9","version":"unaffected 0:4.0.2-1.Final_redhat_00001.1.el9eap * rpm","platforms":[]},{"source":"CNA","vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 9","version":"unaffected 0:2.5.0-1.redhat_00001.1.el9eap * rpm","platforms":[]},{"source":"CNA","vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 9","version":"unaffected 0:2.3.20-2.SP4_redhat_00001.1.el9eap * rpm","platforms":[]},{"source":"CNA","vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 9","version":"unaffected 0:8.1.3-4.GA_redhat_00006.1.el9eap * rpm","platforms":[]},{"source":"CNA","vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 9","version":"unaffected 0:5.0.12-1.Final_redhat_00001.1.el9eap * rpm","platforms":[]},{"source":"CNA","vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 9","version":"unaffected 0:2.6.6-1.Final_redhat_00001.1.el9eap * rpm","platforms":[]},{"source":"CNA","vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 9","version":"unaffected 0:8.1.1-4.GA_redhat_00007.1.el9eap * rpm","platforms":[]},{"source":"CNA","vendor":"Red Hat","product":"Red Hat build of Apache Camel - HawtIO 4","version":"","platforms":[]},{"source":"CNA","vendor":"Red Hat","product":"Red Hat Data Grid 8","version":"","platforms":[]},{"source":"CNA","vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","version":"","platforms":[]},{"source":"CNA","vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","version":"","platforms":[]},{"source":"CNA","vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","version":"","platforms":[]},{"source":"CNA","vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","version":"","platforms":[]},{"source":"CNA","vendor":"Red Hat","product":"Red Hat Fuse 7","version":"","platforms":[]},{"source":"CNA","vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 7","version":"","platforms":[]},{"source":"CNA","vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform Expansion Pack","version":"","platforms":[]},{"source":"CNA","vendor":"Red Hat","product":"Red Hat Process Automation 7","version":"","platforms":[]},{"source":"CNA","vendor":"Red Hat","product":"Red Hat Single Sign-On 7","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat JBoss EAP 7.4 ELS for RHEL 7 Server","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat JBoss EAP 7.4 ELS for RHEL 8","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat JBoss EAP 8.0 for RHEL 8","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat JBoss EAP 8.1 for RHEL 8","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat JBoss EAP 7.4 ELS for RHEL 9","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat JBoss EAP 8.0 for RHEL 9","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat JBoss EAP 8.1 for RHEL 9","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.0","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat build of Apache Camel 4.14.4 for Spring Boot 3.5.11","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat Data Grid 8","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat Fuse 7","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 7","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform Expansion Pack","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat Process Automation 7","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat Single Sign-On 7","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat build of Apache Camel - HawtIO 4","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","version":"","platforms":[]},{"source":"ADP","vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","version":"","platforms":[]}],"timeline":[{"source":"CNA","time":"2025-10-31T06:15:35.424Z","lang":"en","value":"Reported to Red Hat."},{"source":"CNA","time":"2026-01-08T00:00:00.000Z","lang":"en","value":"Made public."},{"source":"ADP","time":"2025-10-31T06:15:35.424Z","lang":"en","value":"Reported to Red Hat."},{"source":"ADP","time":"2026-01-08T00:00:00.000Z","lang":"en","value":"Made public."}],"solutions":[{"source":"ADP","title":"","value":"RHSA-2026:33372: Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server","time":"","lang":"en"},{"source":"ADP","title":"","value":"RHSA-2026:33371: Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server","time":"","lang":"en"},{"source":"ADP","title":"","value":"RHSA-2026:4915: Red Hat JBoss EAP 7.4 ELS for RHEL 7 Server","time":"","lang":"en"},{"source":"ADP","title":"","value":"RHSA-2026:4916: Red Hat JBoss EAP 7.4 ELS for RHEL 8","time":"","lang":"en"},{"source":"ADP","title":"","value":"RHSA-2026:3889: Red Hat JBoss EAP 8.0 for RHEL 8","time":"","lang":"en"},{"source":"ADP","title":"","value":"RHSA-2026:0383: Red Hat JBoss EAP 8.1 for RHEL 8","time":"","lang":"en"},{"source":"ADP","title":"","value":"RHSA-2026:4917: Red Hat JBoss EAP 7.4 ELS for RHEL 9","time":"","lang":"en"},{"source":"ADP","title":"","value":"RHSA-2026:3891: Red Hat JBoss EAP 8.0 for RHEL 9","time":"","lang":"en"},{"source":"ADP","title":"","value":"RHSA-2026:0384: Red Hat JBoss EAP 8.1 for RHEL 9","time":"","lang":"en"},{"source":"ADP","title":"","value":"RHSA-2026:3892: Red Hat JBoss Enterprise Application Platform 8.0","time":"","lang":"en"},{"source":"ADP","title":"","value":"RHSA-2026:0386: Red Hat JBoss Enterprise Application Platform 8.1","time":"","lang":"en"},{"source":"ADP","title":"","value":"RHSA-2026:4924: Red Hat JBoss Enterprise Application Platform","time":"","lang":"en"},{"source":"ADP","title":"","value":"RHSA-2026:3890: Red Hat build of Apache Camel 4.14.4 for Spring Boot 3.5.11","time":"","lang":"en"}],"workarounds":[{"source":"CNA","title":"","value":"Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use, applicability, or stability.","time":"","lang":"en"},{"source":"ADP","title":"","value":"Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use, applicability, or stability.","time":"","lang":"en"}],"exploits":[],"credits":[{"source":"CNA","value":"Red Hat would like to thank Ahmet Artuç for reporting this issue.","lang":"en"}],"nvd_cpes":[{"cve_year":"2025","cve_id":"12543","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"redhat","cpe5":"build_of_apache_camel","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"spring_boot","cpe12":"*","cpe13":"*"},{"cve_year":"2025","cve_id":"12543","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"redhat","cpe5":"data_grid","cpe6":"8.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2025","cve_id":"12543","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"redhat","cpe5":"fuse","cpe6":"7.0.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2025","cve_id":"12543","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"redhat","cpe5":"jboss_enterprise_application_platform","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"metrics":[{"other":{"content":{"id":"CVE-2025-12543","options":[{"Exploitation":"poc"},{"Automatable":"no"},{"Technical Impact":"total"}],"role":"CISA Coordinator","timestamp":"2026-01-07T00:00:00+00:00","version":"2.0.3"},"type":"ssvc"}}],"providerMetadata":{"dateUpdated":"2026-04-29T03:55:30.656Z","orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP"},"title":"CISA ADP Vulnrichment"},{"affected":[{"cpes":["cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7"],"defaultStatus":"affected","product":"Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7"],"defaultStatus":"affected","product":"Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:jboss_enterprise_application_platform_els:7.4::el7"],"defaultStatus":"affected","product":"Red Hat JBoss EAP 7.4 ELS for RHEL 7 Server","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:jboss_enterprise_application_platform_els:7.4::el8"],"defaultStatus":"affected","product":"Red Hat JBoss EAP 7.4 ELS for RHEL 8","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8"],"defaultStatus":"affected","product":"Red Hat JBoss EAP 8.0 for RHEL 8","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el8"],"defaultStatus":"affected","product":"Red Hat JBoss EAP 8.1 for RHEL 8","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:jboss_enterprise_application_platform_els:7.4::el9"],"defaultStatus":"affected","product":"Red Hat JBoss EAP 7.4 ELS for RHEL 9","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9"],"defaultStatus":"affected","product":"Red Hat JBoss EAP 8.0 for RHEL 9","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9"],"defaultStatus":"affected","product":"Red Hat JBoss EAP 8.1 for RHEL 9","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8"],"defaultStatus":"affected","product":"Red Hat JBoss Enterprise Application Platform 8.0","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8"],"defaultStatus":"affected","product":"Red Hat JBoss Enterprise Application Platform 8.1","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:jboss_enterprise_application_platform::el7"],"defaultStatus":"affected","product":"Red Hat JBoss Enterprise Application Platform","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:apache_camel_spring_boot:4.14"],"defaultStatus":"affected","product":"Red Hat build of Apache Camel 4.14.4 for Spring Boot 3.5.11","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:jboss_data_grid:8"],"defaultStatus":"affected","product":"Red Hat Data Grid 8","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:jboss_fuse:7"],"defaultStatus":"affected","product":"Red Hat Fuse 7","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:7"],"defaultStatus":"affected","product":"Red Hat JBoss Enterprise Application Platform 7","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:jbosseapxp"],"defaultStatus":"affected","product":"Red Hat JBoss Enterprise Application Platform Expansion Pack","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:jboss_enterprise_bpms_platform:7"],"defaultStatus":"affected","product":"Red Hat Process Automation 7","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:red_hat_single_sign_on:7"],"defaultStatus":"affected","product":"Red Hat Single Sign-On 7","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:apache_camel_hawtio:4"],"defaultStatus":"unaffected","product":"Red Hat build of Apache Camel - HawtIO 4","vendor":"Red Hat"},{"cpes":["cpe:/o:redhat:enterprise_linux:10"],"defaultStatus":"unaffected","product":"Red Hat Enterprise Linux 10","vendor":"Red Hat"},{"cpes":["cpe:/o:redhat:enterprise_linux:8"],"defaultStatus":"unaffected","product":"Red Hat Enterprise Linux 8","vendor":"Red Hat"},{"cpes":["cpe:/o:redhat:enterprise_linux:9"],"defaultStatus":"unaffected","product":"Red Hat Enterprise Linux 9","vendor":"Red Hat"}],"datePublic":"2026-01-08T00:00:00.000Z","descriptions":[{"lang":"en","value":"A flaw was found in the Undertow HTTP server core, which is used in WildFly, JBoss EAP, and other Java applications. The Undertow library fails to properly validate the Host header in incoming HTTP requests.As a result, requests containing malformed or malicious Host headers are processed without rejection, enabling attackers to poison caches, perform internal network scans, or hijack user sessions."}],"metrics":[{"other":{"content":{"namespace":"https://access.redhat.com/security/updates/classification/","value":"Important"},"type":"Red Hat severity rating"}},{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"LOW","baseScore":9.6,"baseSeverity":"CRITICAL","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"NONE","scope":"CHANGED","userInteraction":"REQUIRED","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:L","version":"3.1"},"format":"CVSS"}],"problemTypes":[{"descriptions":[{"cweId":"CWE-20","description":"Improper Input Validation","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2026-06-30T03:15:36.209Z","orgId":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","shortName":"redhat-SADP"},"references":[{"tags":["vdb-entry","x_refsource_REDHAT"],"url":"https://access.redhat.com/security/cve/CVE-2025-12543"},{"name":"RHBZ#2408784","tags":["issue-tracking","x_refsource_REDHAT"],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2408784"},{"tags":["x_sadp-csaf-vex"],"url":"https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-12543.json"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:33372"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:33371"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:4915"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:4916"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:3889"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:0383"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:4917"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:3891"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:0384"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:3892"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:0386"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:4924"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:3890"}],"solutions":[{"lang":"en","value":"RHSA-2026:33372: Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server"},{"lang":"en","value":"RHSA-2026:33371: Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server"},{"lang":"en","value":"RHSA-2026:4915: Red Hat JBoss EAP 7.4 ELS for RHEL 7 Server"},{"lang":"en","value":"RHSA-2026:4916: Red Hat JBoss EAP 7.4 ELS for RHEL 8"},{"lang":"en","value":"RHSA-2026:3889: Red Hat JBoss EAP 8.0 for RHEL 8"},{"lang":"en","value":"RHSA-2026:0383: Red Hat JBoss EAP 8.1 for RHEL 8"},{"lang":"en","value":"RHSA-2026:4917: Red Hat JBoss EAP 7.4 ELS for RHEL 9"},{"lang":"en","value":"RHSA-2026:3891: Red Hat JBoss EAP 8.0 for RHEL 9"},{"lang":"en","value":"RHSA-2026:0384: Red Hat JBoss EAP 8.1 for RHEL 9"},{"lang":"en","value":"RHSA-2026:3892: Red Hat JBoss Enterprise Application Platform 8.0"},{"lang":"en","value":"RHSA-2026:0386: Red Hat JBoss Enterprise Application Platform 8.1"},{"lang":"en","value":"RHSA-2026:4924: Red Hat JBoss Enterprise Application Platform"},{"lang":"en","value":"RHSA-2026:3890: Red Hat build of Apache Camel 4.14.4 for Spring Boot 3.5.11"}],"timeline":[{"lang":"en","time":"2025-10-31T06:15:35.424Z","value":"Reported to Red Hat."},{"lang":"en","time":"2026-01-08T00:00:00.000Z","value":"Made public."}],"title":"undertow-core: Undertow HTTP Server Fails to Reject Malformed Host Headers Leading to Potential Cache Poisoning and SSRF","workarounds":[{"lang":"en","value":"Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use, applicability, or stability."}],"x_adpType":"supplier","x_generator":{"engine":"sadp-cli 1.0.0"}}],"cna":{"affected":[{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/a:redhat:apache_camel_spring_boot:4.14"],"defaultStatus":"unaffected","packageName":"undertow-core","product":"Red Hat build of Apache Camel 4.14.4 for Spring Boot 3.5.11","vendor":"Red Hat"},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:7.4"],"defaultStatus":"affected","packageName":"io.undertow/undertow-core","product":"Red Hat JBoss Enterprise Application Platform","vendor":"Red Hat","versions":[{"lessThan":"*","status":"unaffected","version":"2.2.39.Final-redhat-00001","versionType":"rpm"}]},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7"],"defaultStatus":"affected","packageName":"eap7-undertow","product":"Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7","vendor":"Red Hat","versions":[{"lessThan":"*","status":"unaffected","version":"0:1.4.18-21.SP19_redhat_00001.1.ep7.el7","versionType":"rpm"}]},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7"],"defaultStatus":"affected","packageName":"eap7-undertow","product":"Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7","vendor":"Red Hat","versions":[{"lessThan":"*","status":"unaffected","version":"0:2.0.41-8.SP9_redhat_00001.1.el7eap","versionType":"rpm"}]},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform_els:7.4::el7"],"defaultStatus":"affected","packageName":"eap7-undertow","product":"Red Hat JBoss Enterprise Application Platform 7.4 ELS on RHEL 7","vendor":"Red Hat","versions":[{"lessThan":"*","status":"unaffected","version":"0:2.2.39-1.Final_redhat_00001.1.el7eap","versionType":"rpm"}]},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform_els:7.4::el7"],"defaultStatus":"affected","packageName":"eap7-wildfly","product":"Red Hat JBoss Enterprise Application Platform 7.4 ELS on RHEL 7","vendor":"Red Hat","versions":[{"lessThan":"*","status":"unaffected","version":"0:7.4.24-4.GA_redhat_00002.1.el7eap","versionType":"rpm"}]},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform_els:7.4::el8"],"defaultStatus":"affected","packageName":"eap7-undertow","product":"Red Hat JBoss Enterprise Application Platform 7.4 ELS on RHEL 8","vendor":"Red Hat","versions":[{"lessThan":"*","status":"unaffected","version":"0:2.2.39-1.Final_redhat_00001.1.el8eap","versionType":"rpm"}]},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform_els:7.4::el8"],"defaultStatus":"affected","packageName":"eap7-wildfly","product":"Red Hat JBoss Enterprise Application Platform 7.4 ELS on RHEL 8","vendor":"Red Hat","versions":[{"lessThan":"*","status":"unaffected","version":"0:7.4.24-4.GA_redhat_00002.1.el8eap","versionType":"rpm"}]},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform_els:7.4::el9"],"defaultStatus":"affected","packageName":"eap7-undertow","product":"Red Hat JBoss Enterprise Application Platform 7.4 ELS on RHEL 9","vendor":"Red Hat","versions":[{"lessThan":"*","status":"unaffected","version":"0:2.2.39-1.Final_redhat_00001.1.el9eap","versionType":"rpm"}]},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform_els:7.4::el9"],"defaultStatus":"affected","packageName":"eap7-wildfly","product":"Red Hat JBoss Enterprise Application Platform 7.4 ELS on RHEL 9","vendor":"Red Hat","versions":[{"lessThan":"*","status":"unaffected","version":"0:7.4.24-4.GA_redhat_00002.1.el9eap","versionType":"rpm"}]},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8"],"defaultStatus":"unaffected","packageName":"undertow-core","product":"Red Hat JBoss Enterprise Application Platform 8.0","vendor":"Red Hat"},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8"],"defaultStatus":"affected","packageName":"eap8-bouncycastle","product":"Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8","vendor":"Red Hat","versions":[{"lessThan":"*","status":"unaffected","version":"0:1.83.0-1.redhat_00001.1.el8eap","versionType":"rpm"}]},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8"],"defaultStatus":"affected","packageName":"eap8-guava-libraries","product":"Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8","vendor":"Red Hat","versions":[{"lessThan":"*","status":"unaffected","version":"0:33.0.0-2.jre_redhat_00003.1.el8eap","versionType":"rpm"}]},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8"],"defaultStatus":"affected","packageName":"eap8-jaxb","product":"Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8","vendor":"Red Hat","versions":[{"lessThan":"*","status":"unaffected","version":"0:4.0.6-1.redhat_00001.1.el8eap","versionType":"rpm"}]},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8"],"defaultStatus":"affected","packageName":"eap8-jcip-annotations","product":"Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8","vendor":"Red Hat","versions":[{"lessThan":"*","status":"unaffected","version":"0:1.0.0-3.redhat_00009.1.el8eap","versionType":"rpm"}]},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8"],"defaultStatus":"affected","packageName":"eap8-slf4j-jboss-logmanager","product":"Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8","vendor":"Red Hat","versions":[{"lessThan":"*","status":"unaffected","version":"0:2.0.2-1.Final_redhat_00001.1.el8eap","versionType":"rpm"}]},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8"],"defaultStatus":"affected","packageName":"eap8-undertow","product":"Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8","vendor":"Red Hat","versions":[{"lessThan":"*","status":"unaffected","version":"0:2.3.23-1.SP3_redhat_00001.1.el8eap","versionType":"rpm"}]},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9"],"defaultStatus":"affected","packageName":"eap8-bouncycastle","product":"Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9","vendor":"Red Hat","versions":[{"lessThan":"*","status":"unaffected","version":"0:1.83.0-1.redhat_00001.1.el9eap","versionType":"rpm"}]},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9"],"defaultStatus":"affected","packageName":"eap8-guava-libraries","product":"Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9","vendor":"Red Hat","versions":[{"lessThan":"*","status":"unaffected","version":"0:33.0.0-2.jre_redhat_00003.1.el9eap","versionType":"rpm"}]},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9"],"defaultStatus":"affected","packageName":"eap8-jaxb","product":"Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9","vendor":"Red Hat","versions":[{"lessThan":"*","status":"unaffected","version":"0:4.0.6-1.redhat_00001.1.el9eap","versionType":"rpm"}]},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9"],"defaultStatus":"affected","packageName":"eap8-jcip-annotations","product":"Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9","vendor":"Red Hat","versions":[{"lessThan":"*","status":"unaffected","version":"0:1.0.0-3.redhat_00009.1.el9eap","versionType":"rpm"}]},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9"],"defaultStatus":"affected","packageName":"eap8-slf4j-jboss-logmanager","product":"Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9","vendor":"Red Hat","versions":[{"lessThan":"*","status":"unaffected","version":"0:2.0.2-1.Final_redhat_00001.1.el9eap","versionType":"rpm"}]},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9"],"defaultStatus":"affected","packageName":"eap8-undertow","product":"Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9","vendor":"Red Hat","versions":[{"lessThan":"*","status":"unaffected","version":"0:2.3.23-1.SP3_redhat_00001.1.el9eap","versionType":"rpm"}]},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8"],"defaultStatus":"unaffected","packageName":"undertow-core","product":"Red Hat JBoss Enterprise Application Platform 8.1","vendor":"Red Hat"},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el8"],"defaultStatus":"affected","packageName":"eap8-apache-cxf","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 8","vendor":"Red Hat","versions":[{"lessThan":"*","status":"unaffected","version":"0:4.0.10-1.redhat_00001.1.el8eap","versionType":"rpm"}]},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el8"],"defaultStatus":"affected","packageName":"eap8-bouncycastle","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 8","vendor":"Red Hat","versions":[{"lessThan":"*","status":"unaffected","version":"0:1.82.0-1.redhat_00001.1.el8eap","versionType":"rpm"}]},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el8"],"defaultStatus":"affected","packageName":"eap8-eap-product-conf-parent","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 8","vendor":"Red Hat","versions":[{"lessThan":"*","status":"unaffected","version":"0:801.3.0-1.GA_redhat_00001.1.el8eap","versionType":"rpm"}]},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el8"],"defaultStatus":"affected","packageName":"eap8-eventstream","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 8","vendor":"Red Hat","versions":[{"lessThan":"*","status":"unaffected","version":"0:1.0.1-3.redhat_00003.1.el8eap","versionType":"rpm"}]},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el8"],"defaultStatus":"affected","packageName":"eap8-hibernate","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 8","vendor":"Red Hat","versions":[{"lessThan":"*","status":"unaffected","version":"0:6.6.36-1.Final_redhat_00001.1.el8eap","versionType":"rpm"}]},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el8"],"defaultStatus":"affected","packageName":"eap8-jboss-el-api_5.0_spec","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 8","vendor":"Red Hat","versions":[{"lessThan":"*","status":"unaffected","version":"0:4.0.2-1.Final_redhat_00001.1.el8eap","versionType":"rpm"}]},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el8"],"defaultStatus":"affected","packageName":"eap8-jboss-threads","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 8","vendor":"Red Hat","versions":[{"lessThan":"*","status":"unaffected","version":"0:2.5.0-1.redhat_00001.1.el8eap","versionType":"rpm"}]},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el8"],"defaultStatus":"affected","packageName":"eap8-undertow","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 8","vendor":"Red Hat","versions":[{"lessThan":"*","status":"unaffected","version":"0:2.3.20-2.SP4_redhat_00001.1.el8eap","versionType":"rpm"}]},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el8"],"defaultStatus":"affected","packageName":"eap8-wildfly","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 8","vendor":"Red Hat","versions":[{"lessThan":"*","status":"unaffected","version":"0:8.1.3-4.GA_redhat_00006.1.el8eap","versionType":"rpm"}]},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el8"],"defaultStatus":"affected","packageName":"eap8-wildfly-clustering","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 8","vendor":"Red Hat","versions":[{"lessThan":"*","status":"unaffected","version":"0:5.0.12-1.Final_redhat_00001.1.el8eap","versionType":"rpm"}]},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el8"],"defaultStatus":"affected","packageName":"eap8-wildfly-elytron","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 8","vendor":"Red Hat","versions":[{"lessThan":"*","status":"unaffected","version":"0:2.6.6-1.Final_redhat_00001.1.el8eap","versionType":"rpm"}]},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el8"],"defaultStatus":"affected","packageName":"eap8-wildfly-javadocs","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 8","vendor":"Red Hat","versions":[{"lessThan":"*","status":"unaffected","version":"0:8.1.1-4.GA_redhat_00007.1.el8eap","versionType":"rpm"}]},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9"],"defaultStatus":"affected","packageName":"eap8-apache-cxf","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 9","vendor":"Red Hat","versions":[{"lessThan":"*","status":"unaffected","version":"0:4.0.10-1.redhat_00001.1.el9eap","versionType":"rpm"}]},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9"],"defaultStatus":"affected","packageName":"eap8-bouncycastle","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 9","vendor":"Red Hat","versions":[{"lessThan":"*","status":"unaffected","version":"0:1.82.0-1.redhat_00001.1.el9eap","versionType":"rpm"}]},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9"],"defaultStatus":"affected","packageName":"eap8-eap-product-conf-parent","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 9","vendor":"Red Hat","versions":[{"lessThan":"*","status":"unaffected","version":"0:801.3.0-1.GA_redhat_00001.1.el9eap","versionType":"rpm"}]},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9"],"defaultStatus":"affected","packageName":"eap8-eventstream","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 9","vendor":"Red Hat","versions":[{"lessThan":"*","status":"unaffected","version":"0:1.0.1-3.redhat_00003.1.el9eap","versionType":"rpm"}]},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9"],"defaultStatus":"affected","packageName":"eap8-hibernate","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 9","vendor":"Red Hat","versions":[{"lessThan":"*","status":"unaffected","version":"0:6.6.36-1.Final_redhat_00001.1.el9eap","versionType":"rpm"}]},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9"],"defaultStatus":"affected","packageName":"eap8-jboss-el-api_5.0_spec","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 9","vendor":"Red Hat","versions":[{"lessThan":"*","status":"unaffected","version":"0:4.0.2-1.Final_redhat_00001.1.el9eap","versionType":"rpm"}]},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9"],"defaultStatus":"affected","packageName":"eap8-jboss-threads","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 9","vendor":"Red Hat","versions":[{"lessThan":"*","status":"unaffected","version":"0:2.5.0-1.redhat_00001.1.el9eap","versionType":"rpm"}]},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9"],"defaultStatus":"affected","packageName":"eap8-undertow","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 9","vendor":"Red Hat","versions":[{"lessThan":"*","status":"unaffected","version":"0:2.3.20-2.SP4_redhat_00001.1.el9eap","versionType":"rpm"}]},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9"],"defaultStatus":"affected","packageName":"eap8-wildfly","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 9","vendor":"Red Hat","versions":[{"lessThan":"*","status":"unaffected","version":"0:8.1.3-4.GA_redhat_00006.1.el9eap","versionType":"rpm"}]},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9"],"defaultStatus":"affected","packageName":"eap8-wildfly-clustering","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 9","vendor":"Red Hat","versions":[{"lessThan":"*","status":"unaffected","version":"0:5.0.12-1.Final_redhat_00001.1.el9eap","versionType":"rpm"}]},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9"],"defaultStatus":"affected","packageName":"eap8-wildfly-elytron","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 9","vendor":"Red Hat","versions":[{"lessThan":"*","status":"unaffected","version":"0:2.6.6-1.Final_redhat_00001.1.el9eap","versionType":"rpm"}]},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9"],"defaultStatus":"affected","packageName":"eap8-wildfly-javadocs","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 9","vendor":"Red Hat","versions":[{"lessThan":"*","status":"unaffected","version":"0:8.1.1-4.GA_redhat_00007.1.el9eap","versionType":"rpm"}]},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/a:redhat:apache_camel_hawtio:4"],"defaultStatus":"unaffected","packageName":"undertow-core","product":"Red Hat build of Apache Camel - HawtIO 4","vendor":"Red Hat"},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/a:redhat:jboss_data_grid:8"],"defaultStatus":"affected","packageName":"undertow-core","product":"Red Hat Data Grid 8","vendor":"Red Hat"},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/o:redhat:enterprise_linux:10"],"defaultStatus":"unaffected","packageName":"moditect","product":"Red Hat Enterprise Linux 10","vendor":"Red Hat"},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/o:redhat:enterprise_linux:8"],"defaultStatus":"unaffected","packageName":"pki-core:10.6/resteasy","product":"Red Hat Enterprise Linux 8","vendor":"Red Hat"},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/o:redhat:enterprise_linux:8"],"defaultStatus":"unaffected","packageName":"pki-deps:10.6/resteasy","product":"Red Hat Enterprise Linux 8","vendor":"Red Hat"},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/o:redhat:enterprise_linux:9"],"defaultStatus":"unaffected","packageName":"resteasy","product":"Red Hat Enterprise Linux 9","vendor":"Red Hat"},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/a:redhat:jboss_fuse:7"],"defaultStatus":"affected","packageName":"undertow-core","product":"Red Hat Fuse 7","vendor":"Red Hat"},{"collectionURL":"https://access.redhat.com/jbossnetwork/restricted/listSoftware.html","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:7"],"defaultStatus":"affected","packageName":"undertow-core","product":"Red Hat JBoss Enterprise Application Platform 7","vendor":"Red Hat"},{"collectionURL":"https://access.redhat.com/jbossnetwork/restricted/listSoftware.html","cpes":["cpe:/a:redhat:jbosseapxp"],"defaultStatus":"affected","packageName":"undertow-core","product":"Red Hat JBoss Enterprise Application Platform Expansion Pack","vendor":"Red Hat"},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/a:redhat:jboss_enterprise_bpms_platform:7"],"defaultStatus":"affected","packageName":"undertow-core","product":"Red Hat Process Automation 7","vendor":"Red Hat"},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/a:redhat:red_hat_single_sign_on:7"],"defaultStatus":"affected","packageName":"undertow-core","product":"Red Hat Single Sign-On 7","vendor":"Red Hat"}],"credits":[{"lang":"en","value":"Red Hat would like to thank Ahmet Artuç for reporting this issue."}],"datePublic":"2026-01-08T00:00:00.000Z","descriptions":[{"lang":"en","value":"A flaw was found in the Undertow HTTP server core, which is used in WildFly, JBoss EAP, and other Java applications. The Undertow library fails to properly validate the Host header in incoming HTTP requests.As a result, requests containing malformed or malicious Host headers are processed without rejection, enabling attackers to poison caches, perform internal network scans, or hijack user sessions."}],"metrics":[{"other":{"content":{"namespace":"https://access.redhat.com/security/updates/classification/","value":"Important"},"type":"Red Hat severity rating"}},{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"LOW","baseScore":9.6,"baseSeverity":"CRITICAL","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"NONE","scope":"CHANGED","userInteraction":"REQUIRED","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:L","version":"3.1"},"format":"CVSS"}],"problemTypes":[{"descriptions":[{"cweId":"CWE-20","description":"Improper Input Validation","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2026-06-30T02:46:49.150Z","orgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","shortName":"redhat"},"references":[{"name":"RHSA-2026:0383","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:0383"},{"name":"RHSA-2026:0384","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:0384"},{"name":"RHSA-2026:0386","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:0386"},{"name":"RHSA-2026:33371","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:33371"},{"name":"RHSA-2026:33372","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:33372"},{"name":"RHSA-2026:3889","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:3889"},{"name":"RHSA-2026:3890","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:3890"},{"name":"RHSA-2026:3891","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:3891"},{"name":"RHSA-2026:3892","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:3892"},{"name":"RHSA-2026:4915","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:4915"},{"name":"RHSA-2026:4916","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:4916"},{"name":"RHSA-2026:4917","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:4917"},{"name":"RHSA-2026:4924","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:4924"},{"tags":["vdb-entry","x_refsource_REDHAT"],"url":"https://access.redhat.com/security/cve/CVE-2025-12543"},{"name":"RHBZ#2408784","tags":["issue-tracking","x_refsource_REDHAT"],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2408784"}],"timeline":[{"lang":"en","time":"2025-10-31T06:15:35.424Z","value":"Reported to Red Hat."},{"lang":"en","time":"2026-01-08T00:00:00.000Z","value":"Made public."}],"title":"Undertow-core: undertow http server fails to reject malformed host headers leading to potential cache poisoning and ssrf","workarounds":[{"lang":"en","value":"Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use, applicability, or stability."}],"x_generator":{"engine":"cvelib 1.8.0"},"x_redhatCweChain":"CWE-20: Improper Input Validation"}},"cveMetadata":{"assignerOrgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","assignerShortName":"redhat","cveId":"CVE-2025-12543","datePublished":"2026-01-07T16:04:22.155Z","dateReserved":"2025-10-31T06:48:03.659Z","dateUpdated":"2026-06-30T03:15:36.209Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.2"},"nvd":{"publishedDate":"2026-01-07 17:15:55","lastModifiedDate":"2026-06-30 05:17:10","problem_types":["CWE-20","CWE-20 Improper Input Validation"],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:L","baseScore":9.6,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H","baseScore":9.6,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":6},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:L","baseScore":9.6,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-01-07T00:00:00+00:00","id":"CVE-2025-12543","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:build_of_apache_camel:*:*:*:*:*:spring_boot:*:*","versionEndExcluding":"4.14.4","matchCriteriaId":"07091FB7-A140-4D8E-BDB8-1EC9CF463F53"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:data_grid:8.0:*:*:*:*:*:*:*","matchCriteriaId":"7095200A-4DAC-4433-99E8-86CA88E1E4D4"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:fuse:7.0.0:*:*:*:*:*:*:*","matchCriteriaId":"AAD91726-93D9-4230-BF69-6A79B58E09E0"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:jboss_enterprise_application_platform:*:*:*:*:*:*:*:*","versionStartIncluding":"8.0","versionEndExcluding":"8.0.12","matchCriteriaId":"7D2DF1E8-9000-4FB5-9EA8-138D8FB3E2CA"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:jboss_enterprise_application_platform:*:*:*:*:*:*:*:*","versionStartIncluding":"8.1.0","versionEndExcluding":"8.1.3","matchCriteriaId":"47585EEB-2EB2-42D6-B06E-290BCE788A9F"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:jboss_enterprise_application_platform:-:*:*:*:text-only:*:*:*","matchCriteriaId":"B8423D7F-3A8F-4AD8-BF51-245C9D8DD816"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.0.0:*:*:*:*:*:*:*","matchCriteriaId":"72A54BDA-311C-413B-8E4D-388AD65A170A"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:jboss_enterprise_application_platform_expansion_pack:-:*:*:*:*:*:*:*","matchCriteriaId":"0A24CBFB-4900-47A5-88D2-A44C929603DC"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:process_automation:7.0:*:*:*:*:*:*:*","matchCriteriaId":"20A6B40D-F991-4712-8E30-5FE008505CB7"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:single_sign-on:7.0:*:*:*:*:*:*:*","matchCriteriaId":"9EFEC7CA-8DDA-48A6-A7B6-1F1D14792890"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:undertow:*:*:*:*:*:*:*:*","versionEndExcluding":"2.2.39","matchCriteriaId":"FD2DF681-F91C-41CD-8031-1A0ABC2EF051"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:undertow:*:*:*:*:*:*:*:*","versionStartIncluding":"2.3.0","versionEndExcluding":"2.3.21","matchCriteriaId":"1F2313BE-DB2E-4F91-9F8D-6428B276037A"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2025","CveId":"12543","Ordinal":"1","Title":"Undertow-core: undertow http server fails to reject malformed ho","CVE":"CVE-2025-12543","Year":"2025"},"notes":[{"CveYear":"2025","CveId":"12543","Ordinal":"1","NoteData":"A flaw was found in the Undertow HTTP server core, which is used in WildFly, JBoss EAP, and other Java applications. The Undertow library fails to properly validate the Host header in incoming HTTP requests.As a result, requests containing malformed or malicious Host headers are processed without rejection, enabling attackers to poison caches, perform internal network scans, or hijack user sessions.","Type":"Description","Title":"Undertow-core: undertow http server fails to reject malformed ho"}]}}}