VID | 22865
Severity | 40
Port | 80, ...
Protocol | TCP
Class | WWW
Detailed Description |
The version of Apache Tomcat installed on the remote host is prior to 7.0.90. It is, therefore, affected by multiple vulnerabilities:
- The default settings of the CORS filter shipped with Apache Tomcat are insecure and enable 'supportsCredentials' for all origins. Users of the CORS filter are expected to have configured it appropriately for their environment rather than running the default configuration, so most users should not be affected by this issue. (CVE-2018-8014)
- An error in certificate validation could allow a client whose certificate has been revoked to authenticate to Tomcat. (CVE-2018-8019, CVE-2018-8020)
- Host name verification was missing when the WebSocket client used TLS. (CVE-2018-8034)
* References:
  https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.89
  https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.90
  https://portswigger.net/blog/exploiting-cors-misconfigurations-for-bitcoins-and-bounties
* Platforms Affected: Apache Tomcat Server versions 7.0.x prior to 7.0.90; any operating system, any version |
Recommendation | Upgrade to the latest version of Apache Tomcat Server (7.0.90 or later), available from the Apache Software Foundation download site, http://tomcat.apache.org/
Related URL | CVE-2018-8014, CVE-2018-8019, CVE-2018-8020, CVE-2018-8034 (CVE)
Related URL | (SecurityFocus)
Related URL | (ISS)