IBM3E52F30DE645ED79947372BF790D5DAB4B5FA29866C26DA53811D62A4E0B3206Security Bulletin: Open Source Apache Tomcat Vulnerabilities (CVE-2016-6817, CVE-2016-8735, CVE-2016-6816)
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
Summary
Issues with Apache Tomcat Vulnerabilities have been addressed.
Vulnerability Details
CVEID: CVE-2016-6817 DESCRIPTION: Apache Tomcat is vulnerable to a denial of service. By sending a specially crafted HTTP/2 header, a remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop.
CVSS Base Score: 7.5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/119156 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID: CVE-2016-8735 DESCRIPTION: Apache Tomcat could allow a remote attacker to execute arbitrary code on the system, caused by an error in the JmxRemoteLifecycleListener. By sending specially crafted data to a JMX port, an attacker could exploit this vulnerability to execute arbitrary code on the system with elevated privileges.
CVSS Base Score: 7.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/119157 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
CVEID: CVE-2016-6816 DESCRIPTION: Apache Tomcat is vulnerable to HTTP response splitting attacks, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability to inject arbitrary HTTP headers and cause the server to return a split response, once the URL is clicked. This would allow the attacker to perform further attacks, such as Web cache poisoning or cross-site scripting, and possibly obtain sensitive information.
CVSS Base Score: 6.1
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/119158 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)
Affected Products and Versions
IBM UrbanCode Deploy 6.0, 6.0.1, 6.0.1.1, 6.0.1.2, 6.0.1.3, 6.0.1.4, 6.0.1.5, 6.0.1.6, 6.0.1.7, 6.0.1.8, 6.0.1.9, 6.0.1.10, 6.0.1.11, 6.0.1.12, 6.0.1.13, 6.0.1.14, 6.1, 6.1.0.1, 6.1.0.2, 6.1.0.3, 6.1.0.4, 6.1.1, 6.1.1.1, 6.1.1.2, 6.1.1.3, 6.1.1.4, 6.1.1.5, 6.1.1.6, 6.1.1.7, 6.1.1.8, 6.1.2, 6.1.3, 6.1.3.1, 6.1.3.2, 6.1.3.3, 6.2.0.0, 6.2.0.1, 6.2.0.2, 6.2.1, 6.2.1.1, 6.2.2, 6.2.2.1 on all supported platforms.
Remediation/Fixes
For IBM UrbanCode Deploy versions 6.2 through 6.2.2.1, upgrade to IBM UrbanCode Deploy 6.2.3.
For IBM UrbanCode Deploy versions 6.1 to 6.1.3.3, upgrade the server to IBM UrbanCode Deploy 6.1.3.4.
For IBM UrbanCode Deploy versions 6.0 to 6.0.1.14, upgrade the server to IBM UrbanCode Deploy 6.0.1.15.
Workarounds and Mitigations
None
Related
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P