Skip to main content

Red Hat CVE-2026-3234

MEDIUM
Improper Neutralization of CRLF Sequences ('CRLF Injection') (CWE-93)
2026-03-12 secalert@redhat.com
4.3
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
4.3 MEDIUM
AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Red Hat
4.3 LOW
qualitative

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Attack Vector
Adjacent
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
Low
Availability
None

Lifecycle Timeline

2
Analysis Generated
Mar 12, 2026 - 19:57 vuln.today
CVE Published
Mar 12, 2026 - 11:15 nvd
MEDIUM 4.3

DescriptionCVE.org

A flaw was found in mod_proxy_cluster. This vulnerability, a Carriage Return Line Feed (CRLF) injection in the decodeenc() function, allows a remote attacker to bypass input validation. By injecting CRLF sequences into the cluster configuration, an attacker can corrupt the response body of INFO endpoint responses. Exploitation requires network access to the MCMP protocol port, but no authentication is needed.

AnalysisAI

mod_proxy_cluster's decodeenc() function is vulnerable to CRLF injection, enabling unauthenticated attackers with network access to the MCMP protocol port to manipulate cluster configuration and corrupt INFO endpoint responses. This input validation bypass affects systems relying on mod_proxy_cluster for load balancing and cluster management. No patch is currently available for this medium-severity vulnerability.

Technical ContextAI

A flaw was found in mod_proxy_cluster. This vulnerability, a Carriage Return Line Feed (CRLF) injection in the decodeenc() function, allows a remote attacker to bypass input validation. By injecting CRLF sequences into the cluster configuration, an attacker can corrupt the response body of INFO endpoint responses. Exploitation requires network access to the MCMP protocol port, but no authentication is needed.

Affected ProductsAI

mod_proxy_cluster

RemediationAI

Monitor vendor advisories for a patch.

Vendor StatusVendor

Share

CVE-2026-3234 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy