VID: 22957
Severity: 30
Port: 80, ...
Protocol: TCP
Class: WWW

Detailed Description:
The version of Tomcat installed on the remote host is 8.5.x prior to 8.5.57. It is, therefore, affected by multiple vulnerabilities as referenced in the "Fixed in Apache Tomcat 8.5.57" security advisory.

- The payload length in a WebSocket frame was not correctly validated. Invalid payload lengths could trigger an infinite loop. Multiple requests with invalid payload lengths could lead to a denial of service (DoS). (CVE-2020-13935)

- An h2c direct connection did not release the HTTP/1.1 processor after the upgrade to HTTP/2. If a sufficient number of such requests were made, an OutOfMemoryException could occur leading to a denial of service (DoS). (CVE-2020-13934)

* References:
https://github.com/apache/tomcat/commit/12d715676038efbf9c728af10163f8277fc019d5
https://github.com/apache/tomcat/commit/923d834500802a61779318911d7898bd85fc950e
https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.57

* Platforms Affected:
Apache Tomcat Server versions 8.5.x prior to 8.5.57
Any operating system Any version
Recommendation:
Upgrade to the latest version of Apache Tomcat Server (8.5.57 or later), available from the Apache Software Foundation download site, http://tomcat.apache.org/

Related URL (CVE): CVE-2020-13934, CVE-2020-13935