CVE / Apache / CVE-2020-1935
History: Feb 24, 2020 - 10:15 p.m.

CVE-2020-1935

2020-02-24 22:15:11
CWE-444
apache
web.nvd.nist.gov
1053
4
apache tomcat
http header
parsing
vulnerability
cve-2020-1935
nvd

CVSS2

5.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

CVSS3

4.8

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

AI Score

7.4

Confidence

Low

EPSS

0.002

Percentile

62.2%

In Apache Tomcat 9.0.0.M1 to 9.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99 the HTTP header parsing code used an approach to end-of-line parsing that allowed some invalid HTTP headers to be parsed as valid. This led to a possibility of HTTP Request Smuggling if Tomcat was located behind a reverse proxy that incorrectly handled the invalid Transfer-Encoding header in a particular manner. Such a reverse proxy is considered unlikely.

Affected configurations

Nvd | Vulners

Node (any of):
  apache tomcat  Range 7.0.0 to 7.0.99
  apache tomcat  Range 8.5.0 to 8.5.50
  apache tomcat  Range 9.0.0 to 9.0.30
  apache tomcat  Match 9.0.0 (update: -)
  apache tomcat  Match 9.0.0 milestone1
  apache tomcat  Match 9.0.0 milestone10
  apache tomcat  Match 9.0.0 milestone11
  apache tomcat  Match 9.0.0 milestone12
  apache tomcat  Match 9.0.0 milestone13
  apache tomcat  Match 9.0.0 milestone14
  apache tomcat  Match 9.0.0 milestone15
  apache tomcat  Match 9.0.0 milestone16
  apache tomcat  Match 9.0.0 milestone17
  apache tomcat  Match 9.0.0 milestone18
  apache tomcat  Match 9.0.0 milestone19
  apache tomcat  Match 9.0.0 milestone2
  apache tomcat  Match 9.0.0 milestone20
  apache tomcat  Match 9.0.0 milestone21
  apache tomcat  Match 9.0.0 milestone22
  apache tomcat  Match 9.0.0 milestone23
  apache tomcat  Match 9.0.0 milestone24
  apache tomcat  Match 9.0.0 milestone25
  apache tomcat  Match 9.0.0 milestone26
  apache tomcat  Match 9.0.0 milestone27
  apache tomcat  Match 9.0.0 milestone3
  apache tomcat  Match 9.0.0 milestone4
  apache tomcat  Match 9.0.0 milestone5
  apache tomcat  Match 9.0.0 milestone6
  apache tomcat  Match 9.0.0 milestone7
  apache tomcat  Match 9.0.0 milestone8
  apache tomcat  Match 9.0.0 milestone9
Node (any of):
  debian debian_linux  Match 8.0
  debian debian_linux  Match 9.0
  debian debian_linux  Match 10.0
Node:
  canonical ubuntu_linux  Match 16.04 lts
Node:
  opensuse leap  Match 15.1
Node (any of):
  netapp data_availability_services  Match -
  netapp oncommand_system_manager  Range 3.0.0 to 3.1.3
Node (any of):
  oracle agile_engineering_data_management  Match 6.2.1.0
  oracle agile_product_lifecycle_management  Match 9.3.3
  oracle agile_product_lifecycle_management  Match 9.3.5
  oracle agile_product_lifecycle_management  Match 9.3.6
  oracle communications_element_manager  Match 8.1.1
  oracle communications_element_manager  Match 8.2.0
  oracle communications_element_manager  Match 8.2.1
  oracle communications_instant_messaging_server  Match 10.0.1.4.0
  oracle health_sciences_empirica_inspections  Match 1.0.1.2
  oracle health_sciences_empirica_signal  Match 7.3.3
  oracle hospitality_guest_access  Match 4.2.0
  oracle hospitality_guest_access  Match 4.2.1
  oracle hyperion_infrastructure_technology  Match 11.1.2.4
  oracle instantis_enterprisetrack  Range 17.1 to 17.3
  oracle mysql_enterprise_monitor  Range 4.0.0 to 4.0.12
  oracle mysql_enterprise_monitor  Range 8.0.0 to 8.0.20
  oracle retail_order_broker  Match 15.0
  oracle siebel_ui_framework  Range 20.5
  oracle transportation_management  Match 6.3.7
  oracle workload_manager  Match 12.2.0.1
  oracle workload_manager  Match 18c
  oracle workload_manager  Match 19c
Vendor  Product  Version  CPE  (rows 1-10 of 571)
apache  tomcat   *        cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*
apache  tomcat   9.0.0    cpe:2.3:a:apache:tomcat:9.0.0:-:*:*:*:*:*:*
apache  tomcat   9.0.0    cpe:2.3:a:apache:tomcat:9.0.0:milestone1:*:*:*:*:*:*
apache  tomcat   9.0.0    cpe:2.3:a:apache:tomcat:9.0.0:milestone10:*:*:*:*:*:*
apache  tomcat   9.0.0    cpe:2.3:a:apache:tomcat:9.0.0:milestone11:*:*:*:*:*:*
apache  tomcat   9.0.0    cpe:2.3:a:apache:tomcat:9.0.0:milestone12:*:*:*:*:*:*
apache  tomcat   9.0.0    cpe:2.3:a:apache:tomcat:9.0.0:milestone13:*:*:*:*:*:*
apache  tomcat   9.0.0    cpe:2.3:a:apache:tomcat:9.0.0:milestone14:*:*:*:*:*:*
apache  tomcat   9.0.0    cpe:2.3:a:apache:tomcat:9.0.0:milestone15:*:*:*:*:*:*
apache  tomcat   9.0.0    cpe:2.3:a:apache:tomcat:9.0.0:milestone16:*:*:*:*:*:*

CNA Affected

[
  {
    "product": "Apache Tomcat",
    "vendor": "Apache",
    "versions": [
      {
        "status": "affected",
        "version": "Apache Tomcat 9.0.0.M1 to 9.0.30"
      },
      {
        "status": "affected",
        "version": "8.5.0 to 8.5.50"
      },
      {
        "status": "affected",
        "version": "7.0.0 to 7.0.99"
      }
    ]
  }
]

