VID 210228
Severity 40
Port 80, ...
Protocol TCP
Class WWW
Detailed Description The version of Tomcat installed on the remote host is 9.0.0-M1 or later but prior to 9.0.68.

It is, therefore, affected by a request smuggling vulnerability as referenced in the fixed_in_apache_tomcat_9.0.68_security-9 advisory.
If Tomcat was configured to ignore invalid HTTP headers by setting rejectIllegalHeader to false (the default), Tomcat did not reject a request containing an invalid Content-Length header, making a request smuggling attack possible if Tomcat was located behind a reverse proxy that also failed to reject the request with the invalid header.

* References:
https://github.com/apache/tomcat/commit/4c7f4fd09d2cc1692112ef70b8ee23a7a037ae77
https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.68

* Platforms Affected:
Apache Tomcat Server versions 9.0.x prior to 9.0.68
Any operating system, any version
Recommendation Upgrade to the latest version of Apache Tomcat Server (9.0.68 or later), available from the Apache Software Foundation download site, http://tomcat.apache.org/
Related URL CVE-2022-42252 (CVE)