ROSA LABROSA-SA-2023-2258Advisory ROSA-SA-2023-2258
8.6 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
8.9 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.922 High
EPSS
Percentile
98.9%
software: tomcat 9.0.37
WASP: ROSA-CHROME
package_evr_string: tomcat-9.0.37-3.src.rpm
CVE-ID: CVE-2020-9484
BDU-ID: 2020-03620
CVE-Crit: MEDIUM
CVE-DESC.: A vulnerability in the PersistenceManager component of the Apache Tomcat application server is related to the recovery of invalid data in memory. Exploitation of the vulnerability could allow an attacker to execute arbitrary code using a specially crafted request
CVE-STATUS: Resolved
CVE-REV: To close, run the command: sudo dnf update tomcat
CVE-ID: CVE-2021-24122
BDU-ID: None
CVE-Crit: MEDIUM
CVE-DESC.: When serving resources from a network location using the NTFS file system, Apache Tomcat versions 10.0.0-M1 to 10.0.0-M9, 9.0.0.0.M1 to 9.0.39, 8.5.0 to 8.5.59, and 7.0.0 to 7.0.106 were prone to JSP source code disclosure in some configurations. The main cause was unexpected behavior of the JRE API File.getCanonicalPath(), which in turn was caused by inconsistent behavior of the Windows API (FindFirstFileW) in some circumstances.
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update tomcat
CVE-ID: CVE-2021-25122
BDU-ID: 2021-01807
CVE-Crit: HIGH
CVE-DESC.: A vulnerability in the HTTP/2 network protocol implementation of the Apache Tomcat application server is related to a lack of service data protection. Exploitation of the vulnerability could allow an attacker acting remotely to impact the confidentiality, integrity, and availability of protected information
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update tomcat
CVE-ID: CVE-2021-25329
BDU-ID: 2021-01808
CVE-Crit: HIGH
CVE-DESC.: A vulnerability in the Apache Tomcat application server configuration implementation is related to the recovery of invalid data in memory as a result of buffer deserialization. Exploitation of the vulnerability could allow an attacker to execute arbitrary code using a specially crafted request
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update tomcat
CVE-ID: CVE-2021-30640
BDU-ID: 2021-03686
CVE-Crit: MEDIUM
CVE-DESC.: An implementation vulnerability in the JNDIRealm module of the Apache Tomcat application server is related to a flaw in the authentication mechanism. Exploitation of the vulnerability could allow an attacker acting remotely to gain unauthorized access to protected information
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update tomcat
CVE-ID: CVE-2021-33037
BDU-ID: 2021-03688
CVE-Crit: MEDIUM
CVE-DESC.: A vulnerability in Apache Tomcat application server is related to a flaw in the processing of HTTP requests. Exploitation of the vulnerability could allow an attacker acting remotely to send a covert HTTP request (HTTP Request Smuggling attack).
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update tomcat
CVE-ID: CVE-2021-41079
BDU-ID: 2022-02994
CVE-Crit: HIGH
CVE-DESC.: An Apache Tomcat application server vulnerability exists due to insufficient input validation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using a specially crafted packet
CVE-STATUS: Resolved
CVE-REV: To close, run the command: sudo dnf update tomcat
CVE-ID: CVE-2021-42340
BDU-ID: 2021-06115
CVE-Crit: N/A
CVE-DESC.: Apache Tomcat application server vulnerability is related to a memory leak. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service as a result of fixing bug 63362
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update tomcat
CVE-ID: CVE-2021-43980
BDU-ID: None
CVE-Crit: LOW
CVE-DESC.: A simplified read-write lock implementation introduced in Tomcat 10 and backported to Tomcat 9.0.47 and later has revealed a long-standing (but extremely difficult to run) concurrency bug in Apache Tomcat 10.1.0-10.1.0-M12, 10.0. 0-M1 to 10.0.18, 9.0.0-M1 to 9.0.60, and 8.5.0 to 8.5.77, which could cause client connections to share a common Http11Processor instance, causing responses or portions of responses to be received by the wrong client. .
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update tomcat
CVE-ID: CVE-2022-23181
BDU-ID: 2022-06690
CVE-Crit: MEDIUM
CVE-DESC.: An Apache Tomcat application server vulnerability is related to synchronization errors when using a shared resource. Exploitation of the vulnerability could allow an attacker to escalate their privileges
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update tomcat
CVE-ID: CVE-2022-25762
BDU-ID: 2022-03062
CVE-Crit: HIGH
CVE-DESC.: A vulnerability in Apache Tomcat application server is related to errors in simultaneously closing a WebSocket connection and sending a WebSocket message. Exploitation of the vulnerability could allow an attacker acting remotely to disclose protected information or have other impact
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update tomcat
CVE-ID: CVE-2022-29885
BDU-ID: 2022-03434
CVE-Crit: HIGH
CVE-DESC.: A vulnerability in the implementation of the EncryptInterceptor class of the Apache Tomcat application server is related to incomplete program execution documentation. Exploiting the vulnerability could allow an attacker acting remotely to cause a denial of service
CVE-STATUS: Resolved
CVE-REV: To close, run the command: sudo dnf update tomcat
CVE-ID: CVE-2022-34305
BDU-ID: 2022-03746
CVE-Crit: MEDIUM
CVE-DESC.: A vulnerability in the forms-based authentication examples in the Apache Tomcat Application Server web application examples exists due to failure to take measures to protect the structure of the web page. Exploitation of the vulnerability could allow a remote attacker to conduct a cross-site scripting (XSS) attack
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update tomcat
CVE-ID: CVE-2022-42252
BDU-ID: 2022-07501
CVE-Crit: HIGH
CVE-DESC.: A vulnerability in the implementation of the rejectIllegalHeader attribute of the Apache Tomcat application server is related to flaws in the processing of HTTP requests containing the Content-Length header. Exploitation of the vulnerability could allow a remote attacker to send a hidden HTTP request (HTTP Request Smuggling attack).
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update tomcat
CVE-ID: CVE-2023-28708
BDU-ID: None
CVE-Crit: MEDIUM
CVE-DESC.: When using RemoteIpFilter with requests received from a reverse proxy server over HTTP that include the X-Forwarded-Proto header set to https, session cookies created by Apache Tomcat 11.0.0-M1, up to 11.0.0.0.-M2, 10.1.0-M1 to 10.1.5, 9.0.0-M1 to 9.0.71, and 8.5.0 to 8.5.85 did not include the Secure attribute. This may cause the user agent to transmit a session cookie over an insecure channel.
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update tomcat
Related
8.6 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
8.9 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.922 High
EPSS
Percentile
98.9%