7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
tomcat-coyote is vulnerable to denial of service (DoS) attacks. The vulnerability is a result of backporting a fix for CVE-2016-6816 but not backporting the fix for the Tomcat bug 57544 which fails to handle an exceptional condition check for pos
while processing HTTPS requests in the Apache Tomcat servlet and JSP engine.
rhn.redhat.com/errata/RHSA-2017-0517.html
rhn.redhat.com/errata/RHSA-2017-0826.html
rhn.redhat.com/errata/RHSA-2017-0827.html
rhn.redhat.com/errata/RHSA-2017-0828.html
rhn.redhat.com/errata/RHSA-2017-0829.html
www.debian.org/security/2017/dsa-3787
www.debian.org/security/2017/dsa-3788
www.securityfocus.com/bid/96293
www.securitytracker.com/id/1037860
bugs.debian.org/851304
bugs.debian.org/cgi-bin/bugreport.cgi?bug=851304
bz.apache.org/bugzilla/show_bug.cgi?id=60578
github.com/apache/tomcat80/commit/614e7f78aecc429d8740bb59900c2f9fbc86a788
lists.apache.org/thread.html/6b414817c2b0bf351138911c8c922ec5dd577ebc0b9a7f42d705752d@%3Cissues.activemq.apache.org%3E
lists.apache.org/thread.html/ac51944aef91dd5006b8510b0bef337adaccfe962fb90e7af9c22db4@%3Cissues.activemq.apache.org%3E
lists.debian.org/debian-security-announce/2017/msg00038.html
lists.debian.org/debian-security-announce/2017/msg00039.html
security.netapp.com/advisory/ntap-20180731-0002/
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P