CVE-2015-5351
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.3 High
AI Score
Confidence
High
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.004 Low
EPSS
Percentile
71.8%
The (1) Manager and (2) Host Manager applications in Apache Tomcat 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M2 establish sessions and send CSRF tokens for arbitrary new requests, which allows remote attackers to bypass a CSRF protection mechanism by using a token.
References
lists.opensuse.org/opensuse-security-announce/2016-03/msg00047.html
lists.opensuse.org/opensuse-security-announce/2016-03/msg00069.html
lists.opensuse.org/opensuse-security-announce/2016-03/msg00085.html
packetstormsecurity.com/files/135882/Apache-Tomcat-CSRF-Token-Leak.html
rhn.redhat.com/errata/RHSA-2016-1089.html
rhn.redhat.com/errata/RHSA-2016-2599.html
rhn.redhat.com/errata/RHSA-2016-2807.html
rhn.redhat.com/errata/RHSA-2016-2808.html
seclists.org/bugtraq/2016/Feb/148
svn.apache.org/viewvc?view=revision&revision=1720652
svn.apache.org/viewvc?view=revision&revision=1720655
svn.apache.org/viewvc?view=revision&revision=1720658
svn.apache.org/viewvc?view=revision&revision=1720660
svn.apache.org/viewvc?view=revision&revision=1720661
svn.apache.org/viewvc?view=revision&revision=1720663
tomcat.apache.org/security-7.html
tomcat.apache.org/security-8.html
tomcat.apache.org/security-9.html
www.debian.org/security/2016/dsa-3530
www.debian.org/security/2016/dsa-3552
www.debian.org/security/2016/dsa-3609
www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
www.securityfocus.com/bid/83330
www.securitytracker.com/id/1035069
www.ubuntu.com/usn/USN-3024-1
access.redhat.com/errata/RHSA-2016:1087
access.redhat.com/errata/RHSA-2016:1088
bto.bluecoat.com/security-advisory/sa118
h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150442
h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158626
lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E
security.gentoo.org/glsa/201705-09
security.netapp.com/advisory/ntap-20180531-0001/
softwaresupport.hpe.com/document/-/facetsearch/document/KM02978021
Related
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.3 High
AI Score
Confidence
High
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.004 Low
EPSS
Percentile
71.8%