Lucene search

K
amazonAmazonALAS-2019-1208
HistoryMay 16, 2019 - 11:11 p.m.

Important: tomcat8

2019-05-1623:11:00
alas.aws.amazon.com
128

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

6.9 Medium

AI Score

Confidence

Low

0.974 High

EPSS

Percentile

99.9%

Issue Overview:

2024-04-01: CVE-2019-0232 was removed from this advisory.

When the default servlet in Apache Tomcat returned a redirect to a directory (e.g. redirecting to ‘/foo/’ when the user requested ‘/foo’) a specially crafted URL could be used to cause the redirect to be generated to any URI of the attackers choice. (CVE-2018-11784)

The HTTP/2 implementation in Apache Tomcat accepted streams with excessive numbers of SETTINGS frames and also permitted clients to keep streams open without reading/writing request/response data. By keeping streams open for requests that utilised the Servlet API’s blocking I/O, clients were able to cause server-side threads to block eventually leading to thread exhaustion and a DoS. (CVE-2019-0199)

Affected Packages:

tomcat8

Issue Correction:
Run yum update tomcat8 to update your system.

New Packages:

noarch:  
    tomcat8-8.5.40-1.79.amzn1.noarch  
    tomcat8-docs-webapp-8.5.40-1.79.amzn1.noarch  
    tomcat8-el-3.0-api-8.5.40-1.79.amzn1.noarch  
    tomcat8-admin-webapps-8.5.40-1.79.amzn1.noarch  
    tomcat8-jsp-2.3-api-8.5.40-1.79.amzn1.noarch  
    tomcat8-log4j-8.5.40-1.79.amzn1.noarch  
    tomcat8-servlet-3.1-api-8.5.40-1.79.amzn1.noarch  
    tomcat8-webapps-8.5.40-1.79.amzn1.noarch  
    tomcat8-lib-8.5.40-1.79.amzn1.noarch  
    tomcat8-javadoc-8.5.40-1.79.amzn1.noarch  
  
src:  
    tomcat8-8.5.40-1.79.amzn1.src  

Additional References

Red Hat: CVE-2018-11784, CVE-2019-0199

Mitre: CVE-2018-11784, CVE-2019-0199

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

6.9 Medium

AI Score

Confidence

Low

0.974 High

EPSS

Percentile

99.9%