Lucene search

K
tomcatApache TomcatTOMCAT:3594E2AFE5FA0E4544AECF1CFE736974
HistoryOct 01, 2015 - 12:00 a.m.

Fixed in Apache Tomcat 8.0.27

2015-10-0100:00:00
Apache Tomcat
tomcat.apache.org
20

CVSS2

4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

CVSS3

4.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

AI Score

6.7

Confidence

Low

EPSS

0.002

Percentile

61.9%

Low: Limited directory traversal CVE-2015-5174

This issue only affects users running untrusted web applications under a security manager.

When accessing resources via the ServletContext methods getResource() getResourceAsStream() and getResourcePaths() the paths should be limited to the current web application. The validation was not correct and paths of the form “/…” were not rejected. Note that paths starting with “/…/” were correctly rejected. This bug allowed malicious web applications running under a security manager to obtain a directory listing for the directory in which the web application had been deployed. This should not be possible when running under a security manager. Typically, the directory listing that would be exposed would be for $CATALINA_BASE/webapps.

This was fixed in revisions 1696281 and 1700897.

This issue was identified by the Tomcat security team on 12 August 2015 and made public on 22 February 2016.

Affects: 8.0.0-RC1 to 8.0.26

Affected configurations

Vulners
Node
apachetomcatRange8.0.0-RC1
OR
apachetomcatRange8.0.26
VendorProductVersionCPE
apachetomcat*cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*

CVSS2

4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

CVSS3

4.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

AI Score

6.7

Confidence

Low

EPSS

0.002

Percentile

61.9%