Search for vulnerabilities
Vulnerability details: VCID-byuh-664q-xfg5
Vulnerability ID VCID-byuh-664q-xfg5
Aliases CVE-2022-1319
Summary undertow: Double AJP response for 400 from EAP 7 results in CPING failures
Status Published
Exploitability 0.5
Weighted Severity 6.8
Risk 3.4
Affected and Fixed Packages Package Details
Weaknesses (3)
CWE-252 Unchecked Return Value
CWE-1035 OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-937 OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
System Score Found at
cvssv3 7.5 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1319.json
epss 0.002 https://api.first.org/data/v1/epss?cve=CVE-2022-1319
epss 0.002 https://api.first.org/data/v1/epss?cve=CVE-2022-1319
epss 0.002 https://api.first.org/data/v1/epss?cve=CVE-2022-1319
epss 0.002 https://api.first.org/data/v1/epss?cve=CVE-2022-1319
epss 0.002 https://api.first.org/data/v1/epss?cve=CVE-2022-1319
epss 0.002 https://api.first.org/data/v1/epss?cve=CVE-2022-1319
epss 0.002 https://api.first.org/data/v1/epss?cve=CVE-2022-1319
epss 0.002 https://api.first.org/data/v1/epss?cve=CVE-2022-1319
epss 0.002 https://api.first.org/data/v1/epss?cve=CVE-2022-1319
epss 0.002 https://api.first.org/data/v1/epss?cve=CVE-2022-1319
epss 0.002 https://api.first.org/data/v1/epss?cve=CVE-2022-1319
epss 0.002 https://api.first.org/data/v1/epss?cve=CVE-2022-1319
epss 0.00205 https://api.first.org/data/v1/epss?cve=CVE-2022-1319
epss 0.00205 https://api.first.org/data/v1/epss?cve=CVE-2022-1319
epss 0.00205 https://api.first.org/data/v1/epss?cve=CVE-2022-1319
epss 0.00205 https://api.first.org/data/v1/epss?cve=CVE-2022-1319
cvssv3.1 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-1319
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1319.json
https://api.first.org/data/v1/epss?cve=CVE-2022-1319
https://github.com/undertow-io/undertow/commit/1443a1a2bbb8e32e56788109d8285db250d55c8b
https://github.com/undertow-io/undertow/commit/7c5b3ab885b5638fd3f1e8a935d5063d68aa2df3
https://issues.redhat.com/browse/UNDERTOW-2060
https://security.netapp.com/advisory/ntap-20221014-0006/
1016448 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016448
2073890 https://bugzilla.redhat.com/show_bug.cgi?id=2073890
cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:linux:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:linux:*:*
cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*
cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*
cpe:2.3:a:netapp:cloud_secure_agent:-:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:cloud_secure_agent:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_application_runtimes:-:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_application_runtimes:-:*:*:*:*:*:*:*
cpe:2.3:a:redhat:single_sign-on:7.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:single_sign-on:7.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:undertow:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:undertow:*:*:*:*:*:*:*:*
cpe:2.3:a:redhat:undertow:2.2.17:-:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:undertow:2.2.17:-:*:*:*:*:*:*
cpe:2.3:a:redhat:undertow:2.2.17:sp1:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:undertow:2.2.17:sp1:*:*:*:*:*:*
cpe:2.3:a:redhat:undertow:2.2.17:sp2:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:undertow:2.2.17:sp2:*:*:*:*:*:*
cpe:2.3:a:redhat:undertow:2.2.19:-:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:undertow:2.2.19:-:*:*:*:*:*:*
cpe:2.3:a:redhat:undertow:2.2.19:sp1:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:undertow:2.2.19:sp1:*:*:*:*:*:*
cpe:2.3:a:redhat:undertow:2.3.0:alpha1:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:undertow:2.3.0:alpha1:*:*:*:*:*:*
CVE-2022-1319 https://access.redhat.com/security/cve/CVE-2022-1319
CVE-2022-1319 https://nvd.nist.gov/vuln/detail/CVE-2022-1319
RHSA-2022:4918 https://access.redhat.com/errata/RHSA-2022:4918
RHSA-2022:4919 https://access.redhat.com/errata/RHSA-2022:4919
RHSA-2022:4922 https://access.redhat.com/errata/RHSA-2022:4922
RHSA-2022:5532 https://access.redhat.com/errata/RHSA-2022:5532
RHSA-2022:7409 https://access.redhat.com/errata/RHSA-2022:7409
RHSA-2022:7410 https://access.redhat.com/errata/RHSA-2022:7410
RHSA-2022:7411 https://access.redhat.com/errata/RHSA-2022:7411
RHSA-2022:7417 https://access.redhat.com/errata/RHSA-2022:7417
RHSA-2022:8761 https://access.redhat.com/errata/RHSA-2022:8761
RHSA-2025:9583 https://access.redhat.com/errata/RHSA-2025:9583
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1319.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2022-1319
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.42477
EPSS Score 0.002
Published At June 30, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2025-07-01T12:45:17.809450+00:00 RedHat Importer Import https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1319.json 36.1.3