Linux Distros Unpatched Vulnerability : CVE-2025-47287

🗓️ 18 Aug 2025 00:00:00Reported by TenableType

CVE-2025-47287: Linux Tornado DoS via multipart/form-data parser; affected before 6.5.0; patch 6.50

Reporter	Title	Published	Views	Family All 209
IBM Security Bulletins	Security Bulletin: Tornado multipart/form-data Parser Vulnerability Enables Log-Based DoS Attack (Pre-6.5.0), which affects IBM watsonx.data	1 Sep 202514:49	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities affecting IBM Watson Studio in Cloud Pak for Data Are Addressed	28 Aug 202509:51	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to tornado-6.4.2-cp38-abi3-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl CVE-2025-47287	1 Sep 202513:06	–	ibm
Tenable Nessus	Amazon Linux 2023 : python3-tornado (ALAS2023-2025-1002)	12 Jun 202500:00	–	nessus
Tenable Nessus	Amazon Linux 2 : python-tornado (ALAS-2025-2888)	12 Jun 202500:00	–	nessus
Tenable Nessus	Amazon Linux 2 : python3-tornado (ALAS-2025-2889)	12 Jun 202500:00	–	nessus
Tenable Nessus	AlmaLinux 9 : python-tornado (ALSA-2025:8136)	27 May 202500:00	–	nessus
Tenable Nessus	Debian dla-4188 : python-tornado-doc - security update	29 May 202500:00	–	nessus
Tenable Nessus	Debian dsa-5938 : python-tornado-doc - security update	6 Jun 202500:00	–	nessus
Tenable Nessus	MiracleLinux 9 : python-tornado-6.4.2-2.el9_6.2 (AXSA:2025-10491:02)	13 Jan 202600:00	–	nessus

Source	Link
access	www.access.redhat.com/security/cve/cve-2025-47287
ubuntu	www.ubuntu.com/security/CVE-2025-47287
cve	www.cve.mitre.org/cgi-bin/cvename.cgi

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(251625);
  script_version("1.3");
  script_set_attribute(attribute:"plugin_modification_date", value:"2025/10/27");

  script_cve_id("CVE-2025-47287");

  script_name(english:"Linux Distros Unpatched Vulnerability : CVE-2025-47287");

  script_set_attribute(attribute:"synopsis", value:
"The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be
patched.");
  script_set_attribute(attribute:"description", value:
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied
patch available.

  - Tornado is a Python web framework and asynchronous networking library. When Tornado's ``multipart/form-
    data`` parser encounters certain errors, it logs a warning but continues trying to parse the remainder of
    the data. This allows remote attackers to generate an extremely high volume of logs, constituting a DoS
    attack. This DoS is compounded by the fact that the logging subsystem is synchronous. All versions of
    Tornado prior to 6.5.0 are affected. The vulnerable parser is enabled by default. Upgrade to Tornado
    version 6.50 to receive a patch. As a workaround, risk can be mitigated by blocking `Content-Type:
    multipart/form-data` in a proxy. (CVE-2025-47287)

Note that Nessus relies on the presence of the package as reported by the vendor.");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2025-47287");
  script_set_attribute(attribute:"see_also", value:"https://ubuntu.com/security/CVE-2025-47287");
  script_set_attribute(attribute:"solution", value:
"There is no known solution at this time.");
  script_set_attribute(attribute:"agent", value:"unix");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:U/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:U/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2025-47287");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_set_attribute(attribute:"vendor_unpatched", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2025/05/15");
  script_set_attribute(attribute:"plugin_publication_date", value:"2025/08/18");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:16.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:18.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:20.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:9");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:python-tornado");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:pcs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:pcs-snmp");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Misc.");

  script_copyright(english:"This script is Copyright (C) 2025 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info2.nasl", "set_linux_os_id.nasl");
  script_require_keys("Host/cpu", "Host/local_checks_enabled", "global_settings/vendor_unpatched", "Host/OS/identifier");
  script_require_ports("Host/OS/Red Hat Enterprise Linux-9", "Host/OS/Ubuntu Linux-16.04", "Host/OS/Ubuntu Linux-18.04", "Host/OS/Ubuntu Linux-20.04");

  exit(0);
}

if (!get_kb_item("global_settings/vendor_unpatched")) exit(0, "Unpatched Vulnerabilities Detection not active.");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (empty_or_null(get_one_kb_item("Host/Debian/dpkg-l")) && empty_or_null(get_one_kb_item("Host/RedHat/rpm-list"))) audit(AUDIT_PACKAGE_LIST_MISSING);

include('linux_unpatched.inc');

var distro_constraints_array = {
  "Ubuntu Linux-16.04": {
    "package_manager": "dpkg-l",
    "constraints": [
      {
        "release": "16.04",
        "pkgs": [
          {"reference": "python-tornado"},
          {"reference": "python3-tornado"}
        ]
      }
    ]
  },
  "Ubuntu Linux-18.04": {
    "package_manager": "dpkg-l",
    "constraints": [
      {
        "release": "18.04",
        "pkgs": [
          {"reference": "python-tornado"}
        ]
      }
    ]
  },
  "Ubuntu Linux-20.04": {
    "package_manager": "dpkg-l",
    "constraints": [
      {
        "release": "20.04",
        "pkgs": [
          {"reference": "python-tornado"}
        ]
      }
    ]
  },
  "Red Hat Enterprise Linux-9": {
    "package_manager": "rpm-list",
    "constraints": [
      {
        "release": "9",
        "pkgs": [
          {"reference": "pcs"},
          {"reference": "pcs-snmp"}
        ]
      }
    ]
  }
};

var distro_constraints_values = linux_unpatched::get_distro_constraints(distro_constraints_arr:distro_constraints_array);
if (empty_or_null(distro_constraints_values)) audit(AUDIT_HOST_NOT, 'affected');
var report = linux_unpatched::check_unpatched_constraints(distro_constraints_values:distro_constraints_values);

if (!empty_or_null(report))
{
  security_report_v4(
      port       : 0,
      severity   : SECURITY_WARNING,
      extra      : report
  );
  exit(0);
}
else
{
  audit(AUDIT_HOST_NOT, 'affected');
}

27 Oct 2025 00:00Current

6.9Medium risk

Vulners AI Score6.9

CVSS 3.17.5

EPSS0.00636

SSVC