fkie_cve-2019-17569
Vulnerability from fkie_nvd
Published
2020-02-24 22:15
Modified
2024-11-21 04:32
Severity ?
Summary
The refactoring present in Apache Tomcat 9.0.28 to 9.0.30, 8.5.48 to 8.5.50 and 7.0.98 to 7.0.99 introduced a regression. The result of the regression was that invalid Transfer-Encoding headers were incorrectly processed leading to a possibility of HTTP Request Smuggling if Tomcat was located behind a reverse proxy that incorrectly handled the invalid Transfer-Encoding header in a particular manner. Such a reverse proxy is considered unlikely.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apache | tomcat | * | |
| apache | tomcat | * | |
| apache | tomcat | * | |
| apache | tomee | 7.0.7 | |
| opensuse | leap | 15.1 | |
| netapp | data_availability_services | - | |
| netapp | oncommand_system_manager | * | |
| debian | debian_linux | 9.0 | |
| debian | debian_linux | 10.0 | |
| oracle | agile_engineering_data_management | 6.2.1.0 | |
| oracle | agile_plm | 9.3.3 | |
| oracle | agile_plm | 9.3.5 | |
| oracle | agile_plm | 9.3.6 | |
| oracle | communications_instant_messaging_server | 10.0.1.4.0 | |
| oracle | health_sciences_empirica_inspections | 1.0.1.2 | |
| oracle | health_sciences_empirica_signal | 7.3.3 | |
| oracle | hospitality_guest_access | 4.2.0 | |
| oracle | hospitality_guest_access | 4.2.1 | |
| oracle | instantis_enterprisetrack | * | |
| oracle | mysql_enterprise_monitor | * | |
| oracle | mysql_enterprise_monitor | * | |
| oracle | transportation_management | 6.3.7 | |
| oracle | workload_manager | 12.2.0.1 | |
| oracle | workload_manager | 18c | |
| oracle | workload_manager | 19c |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*", matchCriteriaId: "8B3485F0-C7F0-4468-85FD-9C4A12FD3DEA", versionEndIncluding: "7.0.99", versionStartIncluding: "7.0.98", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*", matchCriteriaId: "DCD8AFD6-3763-4D03-AC4F-66C7B649D7B5", versionEndIncluding: "8.5.50", versionStartIncluding: "8.5.48", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*", matchCriteriaId: "53B6CAAC-0977-446D-B503-3F93550206F5", versionEndIncluding: "9.0.30", versionStartIncluding: "9.0.28", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:tomee:7.0.7:*:*:*:*:*:*:*", matchCriteriaId: "7A7AAD10-F3A5-46F1-8C38-ECB0E1DDA184", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:data_availability_services:-:*:*:*:*:*:*:*", matchCriteriaId: "0EF46487-B64A-454E-AECC-D74B83170ACD", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:oncommand_system_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "34B80C9D-62AA-42FA-AB46-F8A414FCBE5E", versionEndIncluding: "3.1.3", versionStartIncluding: "3.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:agile_engineering_data_management:6.2.1.0:*:*:*:*:*:*:*", matchCriteriaId: "80C9DBB8-3D50-4D5D-859A-B022EB7C2E64", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:agile_plm:9.3.3:*:*:*:*:*:*:*", matchCriteriaId: "D14ABF04-E460-4911-9C6C-B7BCEFE68E9D", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:agile_plm:9.3.5:*:*:*:*:*:*:*", matchCriteriaId: "ED43772F-D280-42F6-A292-7198284D6FE7", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:agile_plm:9.3.6:*:*:*:*:*:*:*", matchCriteriaId: "C650FEDB-E903-4C2D-AD40-282AB5F2E3C2", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_instant_messaging_server:10.0.1.4.0:*:*:*:*:*:*:*", matchCriteriaId: "0DB23B9A-571E-4B77-B432-23F3DC9B67D1", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:health_sciences_empirica_inspections:1.0.1.2:*:*:*:*:*:*:*", matchCriteriaId: "F5F58398-0001-42FE-BD17-44F924955C3D", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:health_sciences_empirica_signal:7.3.3:*:*:*:*:*:*:*", matchCriteriaId: "456AE11C-DD5B-4EA9-AA93-AAFC988830EB", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:hospitality_guest_access:4.2.0:*:*:*:*:*:*:*", matchCriteriaId: "1A3DC116-2844-47A1-BEC2-D0675DD97148", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:hospitality_guest_access:4.2.1:*:*:*:*:*:*:*", matchCriteriaId: "E0F1DF3E-0F2D-4EFC-9A3E-F72149C8AE94", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:instantis_enterprisetrack:*:*:*:*:*:*:*:*", matchCriteriaId: "9A74FD5F-4FEA-4A74-8B92-72DFDE6BA464", versionEndIncluding: "17.3", versionStartIncluding: "17.1", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:mysql_enterprise_monitor:*:*:*:*:*:*:*:*", matchCriteriaId: "9A3BBE71-CA00-4F54-9210-FC7572C87CFB", versionEndIncluding: "4.0.12", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:mysql_enterprise_monitor:*:*:*:*:*:*:*:*", matchCriteriaId: "73573516-EDA0-4176-A3ED-2F7006C87F8E", versionEndIncluding: "8.0.20", versionStartIncluding: "8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:transportation_management:6.3.7:*:*:*:*:*:*:*", matchCriteriaId: "A58642E0-CA59-4DE6-A83C-F551FC621C32", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:workload_manager:12.2.0.1:*:*:*:*:*:*:*", matchCriteriaId: "AD848FE1-CFD7-490C-B008-DF3B30F3256F", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:workload_manager:18c:*:*:*:*:*:*:*", matchCriteriaId: "630C8E99-FE49-486E-9003-40B82809B7A3", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:workload_manager:19c:*:*:*:*:*:*:*", matchCriteriaId: "C842DE9E-5E12-4295-AFA5-DEB5FEDE490A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The refactoring present in Apache Tomcat 9.0.28 to 9.0.30, 8.5.48 to 8.5.50 and 7.0.98 to 7.0.99 introduced a regression. The result of the regression was that invalid Transfer-Encoding headers were incorrectly processed leading to a possibility of HTTP Request Smuggling if Tomcat was located behind a reverse proxy that incorrectly handled the invalid Transfer-Encoding header in a particular manner. Such a reverse proxy is considered unlikely.", }, { lang: "es", value: "La refactorización presente en Apache Tomcat versiones 9.0.28 hasta 9.0.30, versiones 8.5.48 hasta 8.5.50 y versiones 7.0.98 hasta 7.0.99, introdujo una regresión. El resultado de la regresión fue que los encabezados Transfer-Encoding no válidos fueron procesados incorrectamente, conllevando a una posibilidad de Tráfico No Autorizado de Peticiones HTTP si Tomcat se encontraba detrás de un proxy inverso que manejaba incorrectamente el encabezado Transfer-Encoding no válido de una manera particular. Tal proxy inverso es considerado improbable.", }, ], id: "CVE-2019-17569", lastModified: "2024-11-21T04:32:33.027", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 2.5, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-02-24T22:15:11.903", references: [ { source: "security@apache.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00025.html", }, { source: "security@apache.org", url: "https://lists.apache.org/thread.html/r7bc994c965a34876bd94d5ff15b4e1e30b6220a15eb9b47c81915b78%40%3Ccommits.tomee.apache.org%3E", }, { source: "security@apache.org", tags: [ "Mailing List", "Vendor Advisory", ], url: "https://lists.apache.org/thread.html/r88def002c5c78534674ca67472e035099fbe088813d50062094a1390%40%3Cannounce.tomcat.apache.org%3E", }, { source: "security@apache.org", url: "https://lists.apache.org/thread.html/rc31cbabb46cdc58bbdd8519a8f64b6236b2635a3922bbeba0f0e3743%40%3Ccommits.tomee.apache.org%3E", }, { source: "security@apache.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2020/03/msg00006.html", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20200327-0005/", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4673", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4680", }, { source: "security@apache.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujan2021.html", }, { source: "security@apache.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujul2020.html", }, { source: "security@apache.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuoct2020.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00025.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r7bc994c965a34876bd94d5ff15b4e1e30b6220a15eb9b47c81915b78%40%3Ccommits.tomee.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Vendor Advisory", ], url: "https://lists.apache.org/thread.html/r88def002c5c78534674ca67472e035099fbe088813d50062094a1390%40%3Cannounce.tomcat.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/rc31cbabb46cdc58bbdd8519a8f64b6236b2635a3922bbeba0f0e3743%40%3Ccommits.tomee.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2020/03/msg00006.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20200327-0005/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4673", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4680", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujan2021.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujul2020.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuoct2020.html", }, ], sourceIdentifier: "security@apache.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-444", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
Title of the comment
Description of the comment
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.