K32469285: Apache Tomcat vulnerability CVE-2021-33037

🗓️ 21 Feb 2023 18:35:43Reported by f5Type

f5🔗 my.f5.com👁 52 Views

Apache Tomcat vulnerability CVE-2021-33037: HTTP transfer-encoding parsing issu

Reporter	Title	Published	Views	Family All 210
IBM Security Bulletins	Security Bulletin: Bulletin: App Connect Professional is affected by Apache Tomcat vulnerabilities.	28 Sep 202112:41	–	ibm
IBM Security Bulletins	Security Bulletin: IBM® Engineering Requirements Management DOORS/DWA vulnerabilities addressed in 9.7.2.8	18 Oct 202407:56	–	ibm
IBM Security Bulletins	Security Bulletin: IBM UrbanCode Build is affected by CVE-2021-33037	9 Feb 202216:28	–	ibm
IBM Security Bulletins	Security Bulletin: CVE-2021-33037 Apache Tomcat 8.5.66 did not correctly parse the HTTP transfer-encoding request header leading to the possibility to request smuggling when used with a reverse proxy	1 Sep 202119:52	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Rational Build Forge is affected by Apache Tomcat version used in it. (CVE-2021-33037)	7 Jul 202216:30	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability in Apache Tomcat affects IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem V9000 products	29 Mar 202301:48	–	ibm
IBM Security Bulletins	Security Bulletin: IBM UrbanCode Release is affected by CVE-2021-33037	25 Jan 202207:45	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Data Risk Manager is affected by multiple vulnerabilities	11 Oct 202118:12	–	ibm
Tenable Nessus	Apache Tomcat < 9.0.48 Vulnerability	12 Jul 202100:00	–	nessus
Tenable Nessus	Apache Tomcat < 8.5.68 Vulnerability	12 Jul 202100:00	–	nessus

Vulners

Node

f5 traffix_sdcRange5.1.0–5.2.0

15 Sep 2025 22:20Current

7.9High risk

Vulners AI Score7.9

CVSS 25

CVSS 3.15.3

EPSS0.01865