CVE-2022-45059: n/a in n/a
An issue was discovered in Varnish Cache 7.x before 7.1.2 and 7.2.x before 7.2.1. A request smuggling attack can be performed on Varnish Cache servers by requesting that certain headers are made hop-by-hop, preventing the Varnish Cache servers from forwarding critical headers to the backend.
AI Analysis
Technical Summary
CVE-2022-45059 is a high-severity vulnerability affecting Varnish Cache versions 7.x prior to 7.1.2 and 7.2.x prior to 7.2.1. Varnish Cache is a widely used HTTP accelerator designed to improve web application performance by caching content. The vulnerability arises from improper handling of HTTP headers and enables request smuggling. An attacker can craft HTTP requests that cause certain headers to be treated as hop-by-hop headers, that is, headers that apply only to a single transport-level connection and are not forwarded to backend servers. When critical headers are marked as hop-by-hop, the Varnish Cache server does not forward them to the backend, potentially allowing the attacker to bypass security controls or interfere with backend processing. This can lead to integrity violations, such as unauthorized modification or injection of HTTP requests, without requiring authentication or user interaction. The CVSS 3.1 base score is 7.5, reflecting the network attack vector, low attack complexity, no privileges required, no user interaction, and an impact limited to integrity, with no effect on confidentiality or availability. The vulnerability is classified under CWE-444 (Inconsistent Interpretation of HTTP Requests), which is typical for request smuggling issues. No known exploits are reported in the wild yet, but the nature of the vulnerability makes it a significant risk for systems relying on vulnerable Varnish Cache versions.
Potential Impact
For European organizations, this vulnerability poses a substantial risk, especially for those using Varnish Cache as part of their web infrastructure. The ability to perform request smuggling attacks can allow attackers to bypass security mechanisms, manipulate backend requests, or conduct further attacks such as web cache poisoning or unauthorized access to internal services. This can compromise the integrity of web applications, potentially leading to data manipulation or unauthorized actions within critical business processes. Given the widespread use of Varnish Cache in content delivery and web acceleration, sectors such as finance, government, e-commerce, and telecommunications in Europe could be particularly impacted. The attack does not directly affect confidentiality or availability but can undermine trust in web services and lead to indirect impacts such as fraud or service misuse. The lack of required authentication and user interaction increases the risk of exploitation, making it easier for remote attackers to leverage this vulnerability.
Mitigation Recommendations
European organizations should prioritize upgrading Varnish Cache to versions 7.1.2 or 7.2.1 and later, where this vulnerability has been addressed. In environments where immediate patching is not feasible, organizations should implement strict input validation and filtering at the web application firewall (WAF) or reverse proxy level to detect and block suspicious header manipulations indicative of request smuggling attempts. Monitoring HTTP traffic for anomalies related to hop-by-hop headers and unusual request patterns can help in early detection. Additionally, reviewing and hardening backend server configurations to reject malformed or suspicious requests can reduce the attack surface. Network segmentation and limiting exposure of Varnish Cache servers to untrusted networks can further mitigate risk. Organizations should also ensure that logging and alerting mechanisms are in place to capture potential exploitation attempts for timely incident response.
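The monitoring for hop-by-hop anomalies recommended above can start from the Connection request header, which is how HTTP/1.1 (RFC 7230, section 6.1) lets a sender nominate header fields as hop-by-hop. The following Python check is an added example, not code from this page or from the Varnish project; the `PROTECTED` set, the function names and the sample requests are assumptions made for illustration, since the page does not list the affected headers.

```python
"""Flag requests whose Connection header nominates end-to-end headers as hop-by-hop."""

# Assumption of this example: the page does not enumerate the "critical headers",
# so this set is an illustrative choice of headers a backend relies on.
PROTECTED = frozenset({"content-length", "host", "authorization", "cookie"})


def parse_head(raw: bytes):
    """Return (request_line, [(name, value), ...]) from a raw HTTP/1.1 request."""
    head = raw.split(b"\r\n\r\n", 1)[0].decode("iso-8859-1")
    lines = head.split("\r\n")
    headers = []
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if not sep:
            raise ValueError(f"malformed header line: {line!r}")
        headers.append((name.strip().lower(), value.strip()))
    return lines[0], headers


def connection_tokens(headers):
    """Collect the tokens of every Connection field; the field may be repeated."""
    tokens = []
    for name, value in headers:
        if name == "connection":
            tokens += [t.strip().lower() for t in value.split(",") if t.strip()]
    return tokens


def nominated_protected(raw: bytes):
    """Sorted list of protected headers the request asks the proxy not to forward."""
    _, headers = parse_head(raw)
    return sorted(set(connection_tokens(headers)) & PROTECTED)


# Constructed sample requests (not captured traffic).
BENIGN = b"GET / HTTP/1.1\r\nHost: example.test\r\nConnection: keep-alive\r\n\r\n"
SUSPECT = (b"POST /api HTTP/1.1\r\nHost: example.test\r\nContent-Length: 5\r\n"
           b"Connection: close, Content-Length\r\nConnection: HOST\r\n\r\nhello")

if __name__ == "__main__":
    for label, req in (("benign", BENIGN), ("suspect", SUSPECT)):
        hits = nominated_protected(req)
        print(label, "BLOCK" if hits else "ok", hits)
```

Header names are compared case-insensitively and across repeated Connection fields, so a rule that inspects only the first field or matches exact case would miss the second sample.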
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy, Spain, Sweden
Technical Details
- Data Version: 5.1
- Assigner Short Name: mitre
- Date Reserved: 2022-11-09T00:00:00.000Z
- Cisa Enriched: true
- Cvss Version: 3.1
- State: PUBLISHED
Threat ID: 682d9839c4522896dcbecc64
Added to database: 5/21/2025, 9:09:13 AM
Last enriched: 7/2/2025, 2:11:15 AM
Last updated: 8/1/2025, 8:45:29 AM