Lucene search

CVE-2018-8014

🗓️ 16 May 2018 16:00:29Reported by [email protected]Type

Insecure CORS filter settings in Apache Tomcat 9.0.0.M1-9.0.8, 8.5.0-8.5.31, 8.0.0.RC1-8.0.52, 7.0.41-7.0.88

Reporter	Title	Published	Views	Family All 114
UbuntuCve	CVE-2018-8014	16 May 201800:00	–	ubuntucve
IBM Security Bulletins	Security Bulletin: Vulnerability in Apache Tomcat affects IBM Platform Symphony	1 Sep 202113:53	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in Apache Tomcat, Open SSL, and Apache HTTPD affects Rational Build Forge	21 Nov 201822:55	–	ibm
IBM Security Bulletins	Security Bulletin: Cloud Pak for Security contains packages that have multiple vulnerabilities	1 Apr 202216:38	–	ibm
OpenVAS	Huawei EulerOS: Security Advisory for tomcat (EulerOS-SA-2018-1220)	23 Jan 202000:00	–	openvas
OpenVAS	Huawei EulerOS: Security Advisory for tomcat (EulerOS-SA-2018-1227)	23 Jan 202000:00	–	openvas
OpenVAS	Apache Tomcat 'CORS Filter' Setting Security Bypass Vulnerability	22 May 201800:00	–	openvas
OpenVAS	Debian: Security Advisory (DLA-1883-1)	14 Aug 201900:00	–	openvas
OpenVAS	Fedora Update for tomcat FEDORA-2018-b1832101b8	30 Aug 201800:00	–	openvas
OpenVAS	openSUSE: Security Advisory for tomcat (openSUSE-SU-2018:2740-1)	18 Sep 201800:00	–	openvas

Nvd

Node

apache tomcatRange7.0.41–7.0.88

apache tomcatRange8.0.0–8.0.52

apache tomcatRange8.5.0–8.5.31

apache tomcatRange9.0.0–9.0.8

apache tomcatMatch8.0.0rc1

apache tomcatMatch9.0.0milestone1

Node

canonical ubuntu_linuxMatch14.04lts

canonical ubuntu_linuxMatch16.04lts

canonical ubuntu_linuxMatch17.10

canonical ubuntu_linuxMatch18.04lts

Node

debian debian_linuxMatch8.0

Node

netapp oncommand_insightMatch-

netapp oncommand_unified_managerRange9.4≥vmware_vsphere

netapp oncommand_workflow_automationMatch-

netapp snapcenter_serverMatch-

netapp storage_automation_storeMatch-

Node

netapp oncommand_unified_managerRange7.3≥

AND

microsoft windowsMatch-

Source	Link
access	www.access.redhat.com/errata/RHSA-2018:3768
security	www.security.netapp.com/advisory/ntap-20181018-0002/
lists	www.lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba%40%3Cdev.tomcat.apache.org%3E
securitytracker	www.securitytracker.com/id/1041888
access	www.access.redhat.com/errata/RHSA-2019:0450
seclists	www.seclists.org/bugtraq/2019/Dec/43
lists	www.lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb%40%3Cdev.tomcat.apache.org%3E
oracle	www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
lists	www.lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E
access	www.access.redhat.com/errata/RHSA-2019:2205

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

16 May 2018 16:29Current

9.2High risk

Vulners AI Score9.2

CVSS27.5

CVSS39.8

EPSS0.14808

CWE-1188