Lucene search

GitHub Advisory DatabaseGHSA-6VX3-HR43-CFRH

HistoryMay 14, 2022 - 1:10 a.m.

Exposure of Sensitive Information to an Unauthorized Actor in Apache Tomcat

2022-05-1401:10:17

CWE-200

GitHub Advisory Database

github.com

4.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

0.003 Low

EPSS

Percentile

67.7%

JSON

Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M2 does not place org.apache.catalina.manager.StatusManagerServlet on the org/apache/catalina/core/RestrictedServlets.properties list, which allows remote authenticated users to bypass intended SecurityManager restrictions and read arbitrary HTTP requests, and consequently discover session ID values, via a crafted web application.

CPENameOperatorVersion
org.apache.tomcat:tomcatle6.0.44
org.apache.tomcat:tomcatle8.0.30
org.apache.tomcat:tomcateq9.0.0.M1

Name	Operator	Version
org.apache.tomcat:tomcat	le	6.0.44
org.apache.tomcat:tomcat	le	8.0.30
org.apache.tomcat:tomcat	eq	9.0.0.M1

References

lists.opensuse.org/opensuse-security-announce/2016-03/msg00047.html

lists.opensuse.org/opensuse-security-announce/2016-03/msg00069.html

lists.opensuse.org/opensuse-security-announce/2016-03/msg00082.html

lists.opensuse.org/opensuse-security-announce/2016-03/msg00085.html

marc.info/?l=bugtraq&m=145974991225029&w=2

rhn.redhat.com/errata/RHSA-2016-1089.html

rhn.redhat.com/errata/RHSA-2016-2045.html

rhn.redhat.com/errata/RHSA-2016-2599.html

rhn.redhat.com/errata/RHSA-2016-2807.html

rhn.redhat.com/errata/RHSA-2016-2808.html

seclists.org/bugtraq/2016/Feb/144

svn.apache.org/viewvc?view=revision&revision=1722799

svn.apache.org/viewvc?view=revision&revision=1722800

svn.apache.org/viewvc?view=revision&revision=1722801

svn.apache.org/viewvc?view=revision&revision=1722802

tomcat.apache.org/security-6.html

tomcat.apache.org/security-7.html

tomcat.apache.org/security-8.html

tomcat.apache.org/security-9.html

www.debian.org/security/2016/dsa-3530

www.debian.org/security/2016/dsa-3552

www.debian.org/security/2016/dsa-3609

www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html

www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html

www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html

www.ubuntu.com/usn/USN-3024-1

access.redhat.com/errata/RHSA-2016:1087

access.redhat.com/errata/RHSA-2016:1088

bto.bluecoat.com/security-advisory/sa118

github.com/advisories/GHSA-6vx3-hr43-cfrh

h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05054964

h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150442

h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158626

lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E

lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E

lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E

lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E

lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E

lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E

lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E

lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E

lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E

lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E

lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E

lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E

lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E

lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E

nvd.nist.gov/vuln/detail/CVE-2016-0706

security.gentoo.org/glsa/201705-09

security.netapp.com/advisory/ntap-20180531-0001/

web.archive.org/web/20160226210040/www.securityfocus.com/bid/83324

web.archive.org/web/20160321234551/www.securitytracker.com/id/1035069

4.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

0.003 Low

EPSS

Percentile

67.7%

JSON

Related for GHSA-6VX3-HR43-CFRH