EUVD-2022-4402

🗓️ 06 Jun 2017 14:00:00Reported by EUVDType

euvd🔗 euvdservices.enisa.europa.eu👁 1 Views

Java Servlet error page mechanism forwards requests, impacting static and custom error page behavior.

Reporter	Title	Published	Views	Family All 202
IBM Security Bulletins	Security Bulletin: Open Source Apache Tomcat Vulnerabilities affect Algo One - Core	15 Jun 201823:48	–	ibm
IBM Security Bulletins	Security Bulletin: Rational Test Control Panel in Rational Test Workbench and Rational Test Virtualization Server affected by Apache Tomcat vulnerability (CVE-2017-5664)	17 Jun 201805:24	–	ibm
IBM Security Bulletins	Security Bulletin: Security vulnerabilities in Apache Tomcat affect multiple IBM Rational products based on IBM's Jazz technology	28 Apr 202118:35	–	ibm
IBM Security Bulletins	Security Bulletin: Security vulnerabilities have been identified in Jazz Reporting Service shipped with Rational Reporting for Development Intelligence	17 Jun 201805:22	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Security Guardium Big Data Intelligence (SonarG) is vulnerable to using Components with Known Vulnerabilities	16 Jun 201822:05	–	ibm
IBM Security Bulletins	Security Bulletin: Rational Build Forge Security Advisory for Apache HTTPD, Apache Tomcat and OpenSSL Upgrade	17 Jun 201805:24	–	ibm
IBM Security Bulletins	Security Bulletin: Security vulnerabilities have been identified in Jazz Reporting Service shipped with Rational Insight	17 Jun 201805:22	–	ibm
IBM Security Bulletins	Security Bulletin: WebSphere Message Broker is affected by a Open Source Apache Tomcat Vulnerability (CVE-2017-5664 )	15 Jun 201807:08	–	ibm
IBM Security Bulletins	Security Bulletin: Open Source Apache Tomcat Vulnerabilities affect Algo One - Counterparty Credit Risk	15 Jun 201823:48	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Integration Bus is affected by a Open Source Apache Tomcat Vulnerability (CVE-2017-5664 )	23 Mar 202020:41	–	ibm

[
  {
    "enisaIdVendor": [
      {
        "id": "5a4fe565-6623-3704-b049-20ae1b61f5f7",
        "vendor": {
          "name": "Apache Software Foundation"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "0b41c948-5de5-318e-84c8-fd28295892f2",
        "product": {
          "name": "Apache Tomcat"
        },
        "product_version": "8.5.0 to 8.5.14"
      },
      {
        "id": "117bd0b3-9708-3b4f-bf76-91fc254cf5ee",
        "product": {
          "name": "Apache Tomcat"
        },
        "product_version": "7.0.0 to 7.0.77"
      },
      {
        "id": "d3e5de38-e59d-3248-9b61-d2653f860804",
        "product": {
          "name": "Apache Tomcat"
        },
        "product_version": "9.0.0.M1 to 9.0.0.M20"
      },
      {
        "id": "f6f011f1-ad6d-35f1-a1b2-2d5d019f8a1e",
        "product": {
          "name": "Apache Tomcat"
        },
        "product_version": "8.0.0.RC1 to 8.0.43"
      }
    ]
  }
]

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2017-5664
github	www.github.com/apache/tomcat80/commit/e070a31ec81b56377822e44883c64abb41f36a3b
github	www.github.com/apache/tomcat80/commit/25d3c0d93190ef165ecd6c744bc15b5059abfa8f
github	www.github.com/apache/tomcat/commit/7d93527254d9e9371b342800617f20d13c8b85ad
github	www.github.com/apache/tomcat/commit/58b32048ce25cb812ae394dafb0cd57254c68155
github	www.github.com/apache/tomcat/commit/4545dcce444aa619374a659cb450dbbd0be3c921
github	www.github.com/apache/tomcat/commit/3bfe9fb886598c4d8ecbe674216152006bbce456
github	www.github.com/apache/tomcat/commit/3242efea525df01d15da6e90ea69a9a21b10b454
github	www.github.com/apache/tomcat/commit/29893e66111d33cfe99dd01cb146317c0c262ef4
lists	www.lists.apache.org/thread.html/eb6efa8d59c45a7a9eff94c4b925467d3b3fec8ba7697f3daa314b04@%3Cdev.tomcat.apache.org%3E

05 Aug 2024 15:11Current

7.7High risk

Vulners AI Score7.7

CVSS 37.5

CVSS 25

EPSS0.10802