
Security Bulletin: Multiple Security Vulnerabilities in Apache Tomcat affect IBM RLKS Administration and Reporting Tool

2018-06-17 05:09:27
www.ibm.com

CVSS3: 8.1 High
Attack Vector: NETWORK
Attack Complexity: HIGH
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS2: 7.8 High
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C

Summary

Apache Tomcat is shipped as a component of the RLKS Administration and Reporting Tool (RLKS ART). Information about multiple security vulnerabilities affecting Apache Tomcat version 7.0.52 has been published in this security bulletin.

Vulnerability Details

CVEID: CVE-2014-7810
Description: Apache Tomcat could allow a remote attacker to bypass security restrictions, caused by the use of expression language. An attacker could exploit this vulnerability to bypass the protections of a Security Manager.
CVSS Base Score: 5.0
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/103155 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:N)

CVEID: CVE-2013-4444
Description: Apache Tomcat could allow a remote attacker to upload arbitrary files, caused by the improper validation of file extensions by the File Upload feature. By sending a specially crafted HTTP request, a remote attacker could exploit this vulnerability to upload a malicious JSP, which could allow the attacker to execute arbitrary JSP code on the vulnerable system.
CVSS Base Score: 6.0
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/95876 for more information
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:S/C:P/I:P/A:P)

CVEID: CVE-2014-0075
Description: Apache Tomcat is vulnerable to a denial of service, caused by the improper handling of a malformed chunk size as part of a chunked request. A remote attacker could exploit this vulnerability to cause a denial of service.
CVSS Base Score: 5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/93365 for more information
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)

CVEID: CVE-2014-0095
Description: Apache Tomcat is vulnerable to a denial of service, caused by the improper handling of an AJP request. A remote attacker could exploit this vulnerability to consume a request processing thread and cause a denial of service.
CVSS Base Score: 4.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/93366 for more information
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:N/A:P)

CVEID: CVE-2014-0096
Description: Apache Tomcat could allow a remote attacker to obtain sensitive information, caused by an XML External Entity Injection (XXE) error when processing XML data by the default servlet. By sending specially crafted XML data, an attacker could exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 4.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/93367 for more information
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)

CVEID: CVE-2014-0099
Description: Apache Tomcat could allow a remote attacker to obtain sensitive information, caused by the failure to check for overflows when parsing content length headers. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/93369 for more information
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)

CVEID: CVE-2014-0119
Description: Apache Tomcat could allow a remote attacker to obtain sensitive information, caused by the replacement of the XML parsers used to process XSLTs for the default servlet. An attacker could exploit this vulnerability using a specially crafted application to obtain sensitive information.
CVSS Base Score: 5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/93368 for more information
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)

CVEID: CVE-2014-0227
Description: Apache Tomcat is vulnerable to HTTP request smuggling. A remote attacker could send a specially crafted request in a malformed chunked header to the Web server to cause multiple processing conflicts on the servers. An attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks.
CVSS Base Score: 4.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/100751 for more information
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)

CVEID: CVE-2014-0230
Description: Apache Tomcat is vulnerable to a denial of service, caused by an error when uploading files. An attacker could exploit this vulnerability to consume all available memory resources.
CVSS Base Score: 5.0
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/#/vulnerabilities/102131 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)

CVEID: CVE-2015-5345
Description: Apache Tomcat could allow a remote attacker to obtain sensitive information, caused by an error when accessing a protected directory. By redirecting to the URL, an attacker could exploit this vulnerability to determine the presence of a directory.
CVSS Base Score: 5.300
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/110857 for more information
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID: CVE-2015-5346
Description: Apache Tomcat could allow a remote attacker to hijack a valid user's session, caused by the failure to recycle the requestedSessionSSL field when recycling the Request object to use for a new request. By persuading a victim to visit a specially-crafted link and log into the application, a remote attacker could exploit this vulnerability to hijack another user's account and possibly launch further attacks on the system.
CVSS Base Score: 4.300
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/110854 for more information
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N)

CVEID: CVE-2015-5174
Description: Apache Tomcat could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) in the getResource(), getResourceAsStream() and getResourcePaths() ServletContext methods to obtain a directory listing for the directory.
CVSS Base Score: 5.300
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/110860 for more information
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

Affected Products and Versions

These vulnerabilities affect all versions of IBM RLKS Administration and Reporting Tool.

Remediation/Fixes

Remediation

Follow the instructions in "How to manually update Apache Tomcat?" to upgrade to Apache Tomcat version 7.0.68, where these vulnerabilities have been fixed.
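A practitioner applying this remediation across several RLKS ART hosts will want to confirm, after the upgrade, that each install actually reports 7.0.68 or later. The script below is an added example and is not part of the IBM bulletin or of RLKS ART; it only uses the two facts the bulletin states (the shipped version 7.0.52 and the fixed version 7.0.68). It parses the version banners Tomcat itself emits, the "Apache Tomcat/x.y.z" string and the "Server number:" line printed by bin/version.sh, and classifies the install as affected, fixed or unknown. The sample version.sh output embedded in the block is constructed, not captured from a real host.

```python
"""Added example (not from the IBM bulletin): classify a Tomcat install as
affected or fixed by comparing its version against the 7.0.68 fix level the
bulletin names. Version strings come from Tomcat's own banner formats:
"Apache Tomcat/7.0.52" (Server header / ServerInfo) and the
"Server number: 7.0.52.0" line printed by bin/version.sh."""
import re
from typing import Optional, Tuple

Version = Tuple[int, int, int]

# From the bulletin: RLKS ART ships Tomcat 7.0.52; the fixes land in 7.0.68.
SHIPPED_VERSION: Version = (7, 0, 52)
FIXED_VERSION: Version = (7, 0, 68)

# Constructed sample of `bin/version.sh` output; not captured from a real host.
SAMPLE_VERSION_SH_OUTPUT = """\
Server version: Apache Tomcat/7.0.52
Server built:   Feb 13 2014 03:14:48
Server number:  7.0.52.0
OS Name:        Linux
"""

# Patterns are tried in order; the Tomcat/x.y.z form is the most specific.
# Build dates such as "03:14:48" contain colons, not dots, so they never match.
_PATTERNS = (
    re.compile(r"Apache Tomcat/(\d+)\.(\d+)\.(\d+)"),
    re.compile(r"Server number:\s*(\d+)\.(\d+)\.(\d+)"),
)


def parse_tomcat_version(text: str) -> Optional[Version]:
    """Return (major, minor, patch) from a banner or version.sh output, or None."""
    for pattern in _PATTERNS:
        m = pattern.search(text)
        if m:
            major, minor, patch = (int(g) for g in m.groups())
            return (major, minor, patch)
    return None


def is_fixed(version: Version, fixed: Version = FIXED_VERSION) -> bool:
    """Tuple comparison orders numerically, so 7.0.9 < 7.0.52 < 7.0.68 < 7.0.100;
    a string comparison would get 7.0.100 wrong."""
    return version >= fixed


def assess(text: str) -> str:
    """Classify a banner as 'affected', 'fixed' or 'unknown' (no version found)."""
    version = parse_tomcat_version(text)
    if version is None:
        return "unknown"
    return "fixed" if is_fixed(version) else "affected"


if __name__ == "__main__":
    found = parse_tomcat_version(SAMPLE_VERSION_SH_OUTPUT)
    print(f"detected {found}, shipped {SHIPPED_VERSION}, fixed {FIXED_VERSION}: "
          f"{assess(SAMPLE_VERSION_SH_OUTPUT)}")
```

Feed it the output of bin/version.sh (or the Server header of a response, if the install has not suppressed it) from each host. An "unknown" result means no banner was found and the host needs a manual look rather than being treated as fixed; a version on a different release line than 7.0.x is outside what this bulletin covers and should be checked against its own bulletin.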

Workarounds and Mitigations

None
