{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-30177", "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "state": "PUBLISHED", "assignerShortName": "apache", "dateReserved": "2025-03-17T14:21:01.706Z", "datePublished": "2025-04-01T11:56:30.484Z", "dateUpdated": "2025-04-01T18:42:45.532Z"}, "containers": {"cna": {"affected": [{"collectionURL": "https://repo.maven.apache.org/maven2", "defaultStatus": "unaffected", "packageName": "org.apache.camel:camel-undertow", "product": "Apache Camel", "vendor": "Apache Software Foundation", "versions": [{"lessThan": "4.10.3", "status": "affected", "version": "4.10.0", "versionType": "semver"}, {"lessThan": "4.8.6", "status": "affected", "version": "4.8.0", "versionType": "semver"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Mark Thorson of AT&T"}, {"lang": "en", "type": "reporter", "value": "Mark Thorson of AT&T"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>Bypass/Injection vulnerability in Apache Camel in Camel-Undertow component under particular conditions.</p><p>This issue affects Apache Camel: from 4.10.0 before 4.10.3, from 4.8.0 before 4.8.6.</p>Users are recommended to upgrade to version 4.10.3 for 4.10.x LTS and 4.8.6 for 4.8.x LTS.<br><br><div>Camel undertow component is vulnerable to Camel message header injection, in particular the custom header filter strategy used by the component only filter the \"out\" direction, while it doesn't filter the \"in\" direction.</div><br>This allows an attacker to include Camel specific headers that for some Camel components can alter the behaviour such as the camel-bean component, or the camel-exec component.<br><br>"}], "value": "Bypass/Injection vulnerability in Apache Camel in Camel-Undertow component under particular conditions.\n\nThis issue affects Apache Camel: from 4.10.0 before 4.10.3, from 4.8.0 before 4.8.6.\n\nUsers are recommended to upgrade to version 4.10.3 for 4.10.x LTS and 4.8.6 for 4.8.x LTS.\n\nCamel undertow component is vulnerable to Camel message header injection, in particular the custom header filter strategy used by the component only filter the \"out\" direction, while it doesn't filter the \"in\" direction.\n\n\nThis allows an attacker to include Camel specific headers that for some Camel components can alter the behaviour such as the camel-bean component, or the camel-exec component."}], "metrics": [{"other": {"content": {"text": "moderate"}, "type": "Textual description of severity"}}], "problemTypes": [{"descriptions": [{"description": "Bypass/Injection", "lang": "en"}]}, {"descriptions": [{"cweId": "CWE-164", "description": "CWE-164 Improper Neutralization of Internal Special Elements", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache", "dateUpdated": "2025-04-01T11:56:30.484Z"}, "references": [{"tags": ["related"], "url": "https://camel.apache.org/security/CVE-2025-27636.html"}, {"tags": ["related"], "url": "https://camel.apache.org/security/CVE-2025-29891.html"}, {"tags": ["vendor-advisory"], "url": "https://lists.apache.org/thread/dj79zdgw01j337lr9gvyy4sv8xfyw8py"}], "source": {"defect": ["CAMEL-21876"], "discovery": "UNKNOWN"}, "title": "Apache Camel: Camel-Undertow Message Header Injection via Improper Filtering", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2025-04-01T18:40:10.405496Z", "id": "CVE-2025-30177", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-01T18:42:45.532Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2025-30177", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-04-01T18:40:10.405496Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-01T18:42:41.062Z"}}], "cna": {"title": "Apache Camel: Camel-Undertow Message Header Injection via Improper Filtering", "source": {"defect": ["CAMEL-21876"], "discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "value": "Mark Thorson of AT&T"}, {"lang": "en", "type": "reporter", "value": "Mark Thorson of AT&T"}], "metrics": [{"other": {"type": "Textual description of severity", "content": {"text": "moderate"}}}], "affected": [{"vendor": "Apache Software Foundation", "product": "Apache Camel", "versions": [{"status": "affected", "version": "4.10.0", "lessThan": "4.10.3", "versionType": "semver"}, {"status": "affected", "version": "4.8.0", "lessThan": "4.8.6", "versionType": "semver"}], "packageName": "org.apache.camel:camel-undertow", "collectionURL": "https://repo.maven.apache.org/maven2", "defaultStatus": "unaffected"}], "references": [{"url": "https://camel.apache.org/security/CVE-2025-27636.html", "tags": ["related"]}, {"url": "https://camel.apache.org/security/CVE-2025-29891.html", "tags": ["related"]}, {"url": "https://lists.apache.org/thread/dj79zdgw01j337lr9gvyy4sv8xfyw8py", "tags": ["vendor-advisory"]}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "Bypass/Injection vulnerability in Apache Camel in Camel-Undertow component under particular conditions.\n\nThis issue affects Apache Camel: from 4.10.0 before 4.10.3, from 4.8.0 before 4.8.6.\n\nUsers are recommended to upgrade to version 4.10.3 for 4.10.x LTS and 4.8.6 for 4.8.x LTS.\n\nCamel undertow component is vulnerable to Camel message header injection, in particular the custom header filter strategy used by the component only filter the \"out\" direction, while it doesn't filter the \"in\" direction.\n\n\nThis allows an attacker to include Camel specific headers that for some Camel components can alter the behaviour such as the camel-bean component, or the camel-exec component.", "supportingMedia": [{"type": "text/html", "value": "<p>Bypass/Injection vulnerability in Apache Camel in Camel-Undertow component under particular conditions.</p><p>This issue affects Apache Camel: from 4.10.0 before 4.10.3, from 4.8.0 before 4.8.6.</p>Users are recommended to upgrade to version 4.10.3 for 4.10.x LTS and 4.8.6 for 4.8.x LTS.<br><br><div>Camel undertow component is vulnerable to Camel message header injection, in particular the custom header filter strategy used by the component only filter the \"out\" direction, while it doesn't filter the \"in\" direction.</div><br>This allows an attacker to include Camel specific headers that for some Camel components can alter the behaviour such as the camel-bean component, or the camel-exec component.<br><br>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "Bypass/Injection"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-164", "description": "CWE-164 Improper Neutralization of Internal Special Elements"}]}], "providerMetadata": {"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache", "dateUpdated": "2025-04-01T11:56:30.484Z"}}}, "cveMetadata": {"cveId": "CVE-2025-30177", "state": "PUBLISHED", "dateUpdated": "2025-04-01T18:42:45.532Z", "dateReserved": "2025-03-17T14:21:01.706Z", "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "datePublished": "2025-04-01T11:56:30.484Z", "assignerShortName": "apache"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apache:camel:*:*:*:*:*:*:*:*", "matchCriteriaId": "D9FD8755-3AFF-46F8-A830-FD0BF04B5DB8", "versionEndExcluding": "4.8.6", "versionStartIncluding": "4.8.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:camel:*:*:*:*:*:*:*:*", "matchCriteriaId": "874BB2C0-D562-4EC9-A839-BAEED574AD41", "versionEndExcluding": "4.10.3", "versionStartIncluding": "4.10.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Bypass/Injection vulnerability in Apache Camel in Camel-Undertow component under particular conditions.\n\nThis issue affects Apache Camel: from 4.10.0 before 4.10.3, from 4.8.0 before 4.8.6.\n\nUsers are recommended to upgrade to version 4.10.3 for 4.10.x LTS and 4.8.6 for 4.8.x LTS.\n\nCamel undertow component is vulnerable to Camel message header injection, in particular the custom header filter strategy used by the component only filter the \"out\" direction, while it doesn't filter the \"in\" direction.\n\n\nThis allows an attacker to include Camel specific headers that for some Camel components can alter the behaviour such as the camel-bean component, or the camel-exec component."}, {"lang": "es", "value": "Vulnerabilidad de omisi\u00f3n/inyecci\u00f3n en Apache Camel en el componente Camel-Undertow bajo ciertas condiciones. Este problema afecta a Apache Camel: de la versi\u00f3n 4.10.0 a la 4.10.3, y de la versi\u00f3n 4.8.0 a la 4.8.6. Se recomienda a los usuarios actualizar a la versi\u00f3n 4.10.3 para la versi\u00f3n 4.10.x LTS y a la 4.8.6 para la versi\u00f3n 4.8.x LTS. El componente Camel Undertow es vulnerable a la inyecci\u00f3n de encabezados de mensajes de Camel; en particular, la estrategia de filtrado de encabezados personalizada que utiliza el componente solo filtra la direcci\u00f3n de salida, pero no la de entrada. Esto permite a un atacante incluir encabezados espec\u00edficos de Camel que, en algunos componentes de Camel, pueden alterar el comportamiento, como los componentes camel-bean o camel-exec."}], "id": "CVE-2025-30177", "lastModified": "2025-04-15T13:00:12.587", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 2.5, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2025-04-01T12:15:15.747", "references": [{"source": "security@apache.org", "tags": ["Not Applicable"], "url": "https://camel.apache.org/security/CVE-2025-27636.html"}, {"source": "security@apache.org", "tags": ["Not Applicable"], "url": "https://camel.apache.org/security/CVE-2025-29891.html"}, {"source": "security@apache.org", "tags": ["Mailing List", "Vendor Advisory"], "url": "https://lists.apache.org/thread/dj79zdgw01j337lr9gvyy4sv8xfyw8py"}], "sourceIdentifier": "security@apache.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-164"}], "source": "security@apache.org", "type": "Secondary"}]}

{"bugzilla": {"description": "org.apache.camel/camel-undertow: Apache Camel: Camel-Undertow Message Header Injection via Improper Filtering", "id": "2356545", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2356545"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.5", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "status": "draft"}, "cwe": "CWE-164", "details": ["Bypass/Injection vulnerability in Apache Camel in Camel-Undertow component under particular conditions.\nThis issue affects Apache Camel: from 4.10.0 before 4.10.3, from 4.8.0 before 4.8.6.\nUsers are recommended to upgrade to version 4.10.3 for 4.10.x LTS and 4.8.6 for 4.8.x LTS.\nCamel undertow component is vulnerable to Camel message header injection, in particular the custom header filter strategy used by the component only filter the \"out\" direction, while it doesn't filter the \"in\" direction.\nThis allows an attacker to include Camel specific headers that for some Camel components can alter the behaviour such as the camel-bean component, or the camel-exec component.", "A flaw was found in the Apache Camel Undertow component. This vulnerability allows an attacker to inject Camel-specific headers via the inbound request, which can alter the behavior of certain Camel components such as camel-bean and camel-exec. This issue occurs due to the custom header filter strategy only applying to outgoing messages and not filtering incoming ones."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2025-30177", "package_state": [{"cpe": "cpe:/a:redhat:camel_spring_boot:4", "fix_state": "Fix deferred", "package_name": "camel-undertow", "product_name": "Red Hat build of Apache Camel for Spring Boot 4"}, {"cpe": "cpe:/a:redhat:camel_spring_boot:4", "fix_state": "Fix deferred", "package_name": "camel-undertow-spring-security", "product_name": "Red Hat build of Apache Camel for Spring Boot 4"}, {"cpe": "cpe:/a:redhat:jboss_fuse:7", "fix_state": "Not affected", "package_name": "camel-undertow", "product_name": "Red Hat Fuse 7"}, {"cpe": "cpe:/a:redhat:jboss_fuse:7", "fix_state": "Not affected", "package_name": "camel-undertow-spring-security", "product_name": "Red Hat Fuse 7"}, {"cpe": "cpe:/a:redhat:jboss_fuse:7", "fix_state": "Not affected", "package_name": "camel-undertow-spring-security-starter", "product_name": "Red Hat Fuse 7"}, {"cpe": "cpe:/a:redhat:jboss_fuse:7", "fix_state": "Not affected", "package_name": "camel-undertow-starter", "product_name": "Red Hat Fuse 7"}, {"cpe": "cpe:/a:redhat:integration:1", "fix_state": "Not affected", "package_name": "camel-undertow", "product_name": "Red Hat Integration Camel K 1"}, {"cpe": "cpe:/a:redhat:integration:1", "fix_state": "Not affected", "package_name": "camel-undertow-spring-security", "product_name": "Red Hat Integration Camel K 1"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8", "fix_state": "Not affected", "package_name": "camel-undertow", "product_name": "Red Hat JBoss Enterprise Application Platform 8"}, {"cpe": "cpe:/a:redhat:jbosseapxp", "fix_state": "Not affected", "package_name": "camel-undertow", "product_name": "Red Hat JBoss Enterprise Application Platform Expansion Pack"}, {"cpe": "cpe:/a:redhat:red_hat_single_sign_on:7", "fix_state": "Not affected", "package_name": "camel-undertow", "product_name": "Red Hat Single Sign-On 7"}], "public_date": "2025-04-01T11:56:30Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-30177\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-30177\nhttps://camel.apache.org/security/CVE-2025-27636.html\nhttps://camel.apache.org/security/CVE-2025-29891.html\nhttps://lists.apache.org/thread/dj79zdgw01j337lr9gvyy4sv8xfyw8py"], "threat_severity": "Moderate"}