Varnish Cache HTTP/2 Request Smuggling and VCL Authorization Bypass Vulnerability

CVE-2021-36740 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Varnish Cache, with HTTP/2 enabled, allows request smuggling and VCL authorization bypass via a large Content-Length header for a POST request. This affects Varnish Enterprise 6.0.x before 6.0.8r3, and Varnish Cache 5.x and 6.x before 6.5.2, 6.6.x before 6.6.1, and 6.0 LTS before 6.0.8.
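The affected ranges overlap: 6.0 LTS is fixed at 6.0.8 even though it sorts below 6.5.2, so a single "less than" comparison misclassifies patched LTS hosts. The following added example (not part of the original advisory) classifies a version string against the ranges stated above; the function name, status labels and sample inventory are constructed for illustration, and the HTTP/2 state is assumed to be supplied by the caller.

```python
import re

# Ranges are taken from the advisory text; anything else is "not listed".
_VERSION = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:r(\d+))?$")


def cve_2021_36740_status(version, enterprise=False, http2_enabled=True):
    """Return 'affected', 'fixed', 'http2-disabled' or 'not listed'."""
    m = _VERSION.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {version!r}")
    major, minor, patch = (int(m.group(i)) for i in (1, 2, 3))
    rev = int(m.group(4) or 0)  # Enterprise "rN" suffix, 0 when absent

    if enterprise:
        # Varnish Enterprise 6.0.x before 6.0.8r3
        if (major, minor) != (6, 0):
            return "not listed"
        status = "affected" if (patch, rev) < (8, 3) else "fixed"
    elif major == 5:
        status = "affected"  # all of 5.x
    elif major == 6 and minor == 0:
        # 6.0 LTS is its own branch: fixed in 6.0.8, not in 6.5.2
        status = "affected" if patch < 8 else "fixed"
    elif major == 6 and 1 <= minor <= 5:
        status = "affected" if (minor, patch) < (5, 2) else "fixed"
    elif major == 6 and minor == 6:
        status = "affected" if patch < 1 else "fixed"
    else:
        return "not listed"

    # The advisory scopes the issue to instances with HTTP/2 enabled.
    if status == "affected" and not http2_enabled:
        return "http2-disabled"
    return status


def triage(inventory):
    """Map host -> status for (host, version, enterprise, http2) tuples."""
    return {h: cve_2021_36740_status(v, e, h2) for h, v, e, h2 in inventory}


# Constructed sample inventory, not real hosts.
SAMPLE = [("cache-a", "6.0.9", False, True), ("cache-b", "6.5.1", False, True),
          ("cache-c", "6.0.8r2", True, True), ("cache-d", "6.2.0", False, False)]

if __name__ == "__main__":
    for host, status in triage(SAMPLE).items():
        print(host, status)
```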