CVE-2026-3234

Mod_proxy_cluster: mod_proxy_cluster: response body corruption via crlf injection

CVSS 4.3 MEDIUMEPSS 0.3%CWE-93

Vexday Risk Score

13Bajo

Decisión SSVC (CISA)

Track

Sin señal de explotación → monitorear

CVSS 4.3EPSS 0.3%KEV nãoPoC —Nuclei —Metasploit —Patch —

Ciclo de vida

12 mar 2026Publicada en NVD

Recomendación: Monitorear — sin señal de explotación por ahora.

A flaw was found in mod_proxy_cluster. This vulnerability, a Carriage Return Line Feed (CRLF) injection in the decodeenc() function, allows a remote attacker to bypass input validation. By injecting CRLF sequences into the cluster configuration, an attacker can corrupt the response body of INFO endpoint responses. Exploitation requires network access to the MCMP protocol port, but no authentication is needed.

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Productos afectados

Red Hat · Red Hat Enterprise Linux 10 Red Hat · Red Hat Enterprise Linux 9 Red Hat · Red Hat JBoss Core Services

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://access.redhat.com/security/cve/CVE-2026-3234 https://bugzilla.redhat.com/show_bug.cgi?id=2442889