Metric | Value |
---|---|
CVSS2 Attack Vector | NETWORK |
CVSS2 Attack Complexity | MEDIUM |
CVSS2 Authentication | NONE |
CVSS2 Confidentiality Impact | PARTIAL |
CVSS2 Integrity Impact | NONE |
CVSS2 Availability Impact | NONE |
CVSS2 Vector | AV:N/AC:M/Au:N/C:P/I:N/A:N |
AI Score | |
AI Score Confidence | High |
EPSS Percentile | 53.5% |
Apache Tomcat before 6.0.40, 7.x before 7.0.54, and 8.x before 8.0.6 does not properly constrain the class loader that accesses the XML parser used with an XSLT stylesheet, which allows remote attackers to (1) read arbitrary files via a crafted web application that provides an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, or (2) read files associated with different web applications on a single Tomcat instance via a crafted web application.
Vendor | Product | Version | CPE |
---|---|---|---|
apache | tomcat | 8.0.0 | cpe:2.3:a:apache:tomcat:8.0.0:rc1:*:*:*:*:*:* |
apache | tomcat | 8.0.0 | cpe:2.3:a:apache:tomcat:8.0.0:rc10:*:*:*:*:*:* |
apache | tomcat | 8.0.0 | cpe:2.3:a:apache:tomcat:8.0.0:rc2:*:*:*:*:*:* |
apache | tomcat | 8.0.0 | cpe:2.3:a:apache:tomcat:8.0.0:rc5:*:*:*:*:*:* |
apache | tomcat | 8.0.1 | cpe:2.3:a:apache:tomcat:8.0.1:*:*:*:*:*:*:* |
apache | tomcat | 8.0.3 | cpe:2.3:a:apache:tomcat:8.0.3:*:*:*:*:*:*:* |
apache | tomcat | 8.0.5 | cpe:2.3:a:apache:tomcat:8.0.5:*:*:*:*:*:*:* |
apache | tomcat | * | cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:* |
apache | tomcat | 6 | cpe:2.3:a:apache:tomcat:6:*:*:*:*:*:*:* |
apache | tomcat | 6.0 | cpe:2.3:a:apache:tomcat:6.0:*:*:*:*:*:*:* |
advisories.mageia.org/MGASA-2014-0268.html
marc.info/?l=bugtraq&m=141017844705317&w=2
marc.info/?l=bugtraq&m=144498216801440&w=2
rhn.redhat.com/errata/RHSA-2015-0675.html
rhn.redhat.com/errata/RHSA-2015-0720.html
rhn.redhat.com/errata/RHSA-2015-0765.html
seclists.org/fulldisclosure/2014/Dec/23
seclists.org/fulldisclosure/2014/May/141
secunia.com/advisories/59732
secunia.com/advisories/59873
secunia.com/advisories/60729
svn.apache.org/viewvc?view=revision&revision=1588193
svn.apache.org/viewvc?view=revision&revision=1588199
svn.apache.org/viewvc?view=revision&revision=1589640
svn.apache.org/viewvc?view=revision&revision=1589837
svn.apache.org/viewvc?view=revision&revision=1589980
svn.apache.org/viewvc?view=revision&revision=1589983
svn.apache.org/viewvc?view=revision&revision=1589985
svn.apache.org/viewvc?view=revision&revision=1589990
svn.apache.org/viewvc?view=revision&revision=1589992
svn.apache.org/viewvc?view=revision&revision=1589997
svn.apache.org/viewvc?view=revision&revision=1590028
svn.apache.org/viewvc?view=revision&revision=1590036
svn.apache.org/viewvc?view=revision&revision=1593815
svn.apache.org/viewvc?view=revision&revision=1593821
tomcat.apache.org/security-6.html
tomcat.apache.org/security-7.html
tomcat.apache.org/security-8.html
www-01.ibm.com/support/docview.wss?uid=swg21678231
www-01.ibm.com/support/docview.wss?uid=swg21681528
www.debian.org/security/2016/dsa-3530
www.debian.org/security/2016/dsa-3552
www.mandriva.com/security/advisories?name=MDVSA-2015:052
www.mandriva.com/security/advisories?name=MDVSA-2015:053
www.mandriva.com/security/advisories?name=MDVSA-2015:084
www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html
www.securityfocus.com/archive/1/534161/100/0/threaded
www.securityfocus.com/bid/67669
www.securitytracker.com/id/1030298
www.ubuntu.com/usn/USN-2654-1
www.vmware.com/security/advisories/VMSA-2014-0012.html
h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013
lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E
lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E
lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E
lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E
lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E
lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E
lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E