Korean
<< Back
VID 22867
Severity 40
Port 80, ...
Protocol TCP
Class WWW
Detailed Description The version of Apache Tomcat installed on the remote host is at least 8.5.32 and prior to 8.5.x. It is, therefore, affected by multiple vulnerabilities.

- Enable 'supportsCredentials' for all origins. It is expected that users of the CORS filter will have configured it appropriately for their environment rather than using it in the default configuration. Therefore, it is expected that most users will not be impacted by this issue. (CVE-2018-8014)

- A vulnerability that could allow Tomcat to authenticate with a certificate of a client whose certificate was revoked due to a certificate identification error (CVE-2018-8019, CVE-2018-8020)

- The host name verification when using TLS with the WebSocket client was missing. (CVE-2018-8034)

* References:
http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.32 https://portswigger.net/blog/exploiting-cors-misconfigurations-for-bitcoins-and-bounties

* Platforms Affected:
Apache Tomcat Server versions 8.5.x prior to 8.5.32
Any operating system Any version
Recommendation Upgrade to the latest version of Apache Tomcat Server (8.5.32 or later), available from the Apache Software Foundation download site, http://tomcat.apache.org/
Related URL CVE-2018-8014,CVE-2018-8019,CVE-2018-8020,CVE-2018-8034 (CVE)
Related URL (SecurityFocus)
Related URL (ISS)