9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
Symantec Network Protection products using affected versions of Apache Tomcat are susceptible to multiple security vulnerabilities. A remote attacker, with access to the management interface, can gain unauthorized access to a web application resource or cause denial of service in the Tomcat server. A remote SSL/TLS client can authenticate with a revoked client certificate. A malicious TLS WebSocket server can impersonate a trusted server. A Tomcat user can obtain sensitive information associated with other Tomcat users.
CVE |Affected Version(s)|Remediation
CVE-2018-1336 | 6.7 starting with 6.7.3.1 | Upgrade to 6.7.5.3.
7.1 | Upgrade to later version with fixes.
7.2 | Upgrade to 7.2.1.1.
CVE |Affected Version(s)|Remediation
CVE-2018-1336, CVE-2018-8019
CVE-2018-8020, CVE-2018-8034 | 2.2 | Upgrade to later version with fixes.
2.3 | Upgrade to 2.3.5.1.
2.4 and later | Not vulnerable, fixed
CVE |Affected Version(s)|Remediation
CVE-2017-15706, CVE-2018-1304,
CVE-2018-1305, CVE-2018-1336,
CVE-2018-8014, CVE-2018-8034 | 6.1 | Not available at this time
CVE |Affected Version(s)|Remediation
CVE-2018-1336 | 1.11, 2.1 | Upgrade to later version with fixes.
2.2 | Upgrade to 2.2.2.1.
2.3 and later | Not vulnerable, fixed in 2.3.1.1
The following products are not vulnerable:
AuthConnector
BCAAA
CacheFlow
Client Connector
Cloud Data Protection for ServiceNow
Cloud Data Protection for Oracle CRM On Demand
Cloud Data Protection Integration Server
Cloud Data Protection Communication Server
General Auth Connector Login Application
HSM Agent for the Luna SP
Mail Threat Defense
Malware Analysis
PacketShaper
PacketShaper S-Series
PolicyCenter
PolicyCenter S-Series
ProxyAV
ProxyAV ConLog and ConLogXP
ProxyClient
ProxySG
Reporter
Security Analytics
SSL Visibility
Unified Agent
Web Isolation WSS Mobile Agent X-Series XOS 11.0
Information about the following products is not available. NetDialog NetX is a replacement product for IntelligenceCenter.
IntelligenceCenter
IntelligenceCenter Data Collector
The following products are under investigation:
X-Series XOS 10.0
Severity / CVSSv3 | Medium / 5.9 (AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N) References| SecurityFocus: BID 105851 / NVD: CVE-2017-15698 Impact| Security control bypass Description | A certificate validation flaw in the Native Connector allows a remote SSL/TLS client to authenticate with a revoked certificate.
Severity / CVSSv3 | Medium / 5.3 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) References| SecurityFocus: BID 103069 / NVD: CVE-2017-15706 Impact| Unspecified Description | A flaw in the CGI servlet documentation might cause the incorrect CGI script to be executed when an HTTP client invokes a CGI servlet, resulting in unspecified impact.
Severity / CVSSv3 | Medium / 5.9 (AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:) References| SecurityFocus: BID 103170 / NVD: CVE-2018-1304 Impact| Security control bypass Description | A flaw in the handling of URL patterns in security constraints allows a remote attacker to gain unauthorized access to a web application resource.
Severity / CVSSv3 | Medium / 6.5 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N) References| SecurityFocus: BID 103144 / NVD: CVE-2018-1305 Impact| Security control bypass Description | A flaw in security constraint enforcement that allows a remote attacker to gain unauthorized access to a web application resource.
Severity / CVSSv3 | High / 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) References| SecurityFocus: BID 104898 / NVD: CVE-2018-1336 Impact| Denial of service Description | A flaw in the UTF-8 decoder allows a remote attacker to trigger an infinite loop in the decoder, resulting in denial of service.
Severity / CVSSv3 | Critical / 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) References| SecurityFocus: BID 104203 / NVD: CVE-2018-8014 Impact| Security control bypass Description | A flaw in the CORS filter default configuration allows a remote attacker to trick an authenticated web application user to open a malicious website, which can then make cross-origin requests to the Tomcat server.
Severity / CVSSv3 | High / 7.4 (AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N) References| SecurityFocus: BID 104936 / NVD: CVE-2018-8019 Impact| Security control bypass Description | A OCSP response handling flaw in the Native Connector that allows a remote SSL/TLS client to authenticate with a revoked certificate.
Severity / CVSSv3 | High / 7.4 (AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N) References| SecurityFocus: BID 104934 / NVD: CVE-2018-8020 Impact| Security control bypass Description | A OCSP response handling flaw in the Native Connector allows a remote SSL/TLS client to authenticate with a revoked certificate.
Severity / CVSSv3 | High / 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) References| SecurityFocus: BID 104895 / NVD: CVE-2018-8034 Impact| Impersonation of a trusted entity Description | A hostname verification flaw in the WebSocket TLS client allows a remote malicious TLS server to impersonate a trusted TLS server.
Severity / CVSSv3 | Medium / 5.9 (AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N) References| SecurityFocus: BID 104894 / NVD: CVE-2018-8037 Impact| Information disclosure Description | A flaw in asynchronous request handling allows a Tomcat user to see responses for HTTP requests associated with other Tomcat users.
Apache Tomcat 7 vulnerabilities - <https://tomcat.apache.org/security-7.html>
Apache Tomcat 8 vulnerabilities - <https://tomcat.apache.org/security-8.html>
Apache Tomcat 9 vulnerabilities - <https://tomcat.apache.org/security-9.html>
2020-06-01 A fix for Advanced Secure Gateway (ASG) 7.2 is available in 7.2.1.1. Advisory Status changed to Closed.
2020-04-16 A fix for Advanced Secure Gateway (ASG) 6.7 is available in 6.7.5.3. ASG 7.1 and 7.2 are vulnerable to CVE-2018-1336. A fix will not be provided for ASG 7.1. Please upgrade to a later version with the vulnerability fixes.
2020-04-05 CA 2.4 is not vulnerable because a fix is available in 2.4.1.1. Information about IntelligenceCenter is not available. NetDialog NetX is a replacement product for Intelligence Center.
2019-10-03 Web Isolation is not vulnerable.
2019-09-05 A fix for MC 2.1 will not be provided. Please upgrade to a later version with the vulnerability fixes.
2019-08-07 A fix for MC 2.0 will not be provided. Please upgrade to a later version with the vulnerability fixes. A fix for CVE-2018-1336 in MC 2.2 is available in 2.2.2.1. MC 2.3 is not vulnerable because a fix is available in 2.3.1.1.
2019-02-04 A fix for CA 2.2 will not be provided. Please upgrade to later version with the vulnerability fixes.
2019-01-14 A fix for CA 2.3 is available in 2.3.5.1. Added remaining Security Focus BID numbers and NVD CVSS base scores. MC 2.1 is vulnerable to CVE-2018-1336. A fix for MC 1.11 will not be provided. Please upgrade to a later version with the vulnerability fixes.
2018-10-11 initial public release
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P