Vulnerabilites related to oracle - tekelec_platform_distribution
Vulnerability from fkie_nvd
Published
2017-08-10 22:29
Modified
2024-11-21 02:56
Summary
The ResourceLinkFactory implementation in Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 did not limit web application access to global JNDI resources to those resources explicitly linked to the web application. Therefore, it was possible for a web application to access any global JNDI resource whether an explicit ResourceLink had been configured or not.
References
security@apache.orghttp://rhn.redhat.com/errata/RHSA-2017-0457.htmlThird Party Advisory
security@apache.orghttp://www.debian.org/security/2016/dsa-3720Third Party Advisory
security@apache.orghttp://www.securityfocus.com/bid/93940Broken Link
security@apache.orghttp://www.securitytracker.com/id/1037145Broken Link
security@apache.orghttps://access.redhat.com/errata/RHSA-2017:0455Third Party Advisory
security@apache.orghttps://access.redhat.com/errata/RHSA-2017:0456Third Party Advisory
security@apache.orghttps://access.redhat.com/errata/RHSA-2017:2247Third Party Advisory
security@apache.orghttps://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E
security@apache.orghttps://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E
security@apache.orghttps://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E
security@apache.orghttps://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E
security@apache.orghttps://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E
security@apache.orghttps://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E
security@apache.orghttps://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E
security@apache.orghttps://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3Cdev.tomcat.apache.org%3E
security@apache.orghttps://lists.apache.org/thread.html/9325837eb00cba5752c092047433c7f0415134d16e7f391447ff4352%40%3Cannounce.tomcat.apache.org%3E
security@apache.orghttps://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E
security@apache.orghttps://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E
security@apache.orghttps://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E
security@apache.orghttps://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E
security@apache.orghttps://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E
security@apache.orghttps://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E
security@apache.orghttps://security.netapp.com/advisory/ntap-20180605-0001/Third Party Advisory
security@apache.orghttps://usn.ubuntu.com/4557-1/Third Party Advisory
security@apache.orghttps://www.oracle.com/security-alerts/cpuoct2021.htmlPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2017-0457.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2016/dsa-3720Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/93940Broken Link
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1037145Broken Link
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2017:0455Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2017:0456Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2017:2247Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3Cdev.tomcat.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/9325837eb00cba5752c092047433c7f0415134d16e7f391447ff4352%40%3Cannounce.tomcat.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://security.netapp.com/advisory/ntap-20180605-0001/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/4557-1/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.oracle.com/security-alerts/cpuoct2021.htmlPatch, Third Party Advisory



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "F0956A16-7E61-40E4-B107-2A0EEA1208C5",
                     versionEndIncluding: "6.0.45",
                     versionStartIncluding: "6.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "5DCDF5FD-A879-4E78-A572-78C325F13C85",
                     versionEndIncluding: "7.0.70",
                     versionStartIncluding: "7.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D30B2FCD-09F0-4647-84AE-343ECD724D45",
                     versionEndIncluding: "8.0.36",
                     versionStartIncluding: "8.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1E7CA297-C102-4AF2-82D1-EF565ACCD1F5",
                     versionEndIncluding: "8.5.4",
                     versionStartIncluding: "8.5.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:9.0.0:milestone1:*:*:*:*:*:*",
                     matchCriteriaId: "9D0689FE-4BC0-4F53-8C79-34B21F9B86C2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:9.0.0:milestone2:*:*:*:*:*:*",
                     matchCriteriaId: "9F542E12-6BA8-4504-A494-DA83E7E19BD5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:9.0.0:milestone3:*:*:*:*:*:*",
                     matchCriteriaId: "C0C5F004-F7D8-45DB-B173-351C50B0EC16",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:9.0.0:milestone4:*:*:*:*:*:*",
                     matchCriteriaId: "D1902D2E-1896-4D3D-9E1C-3A675255072C",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:9.0.0:milestone5:*:*:*:*:*:*",
                     matchCriteriaId: "49AAF4DF-F61D-47A8-8788-A21E317A145D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:9.0.0:milestone6:*:*:*:*:*:*",
                     matchCriteriaId: "454211D0-60A2-4661-AECA-4C0121413FEB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:9.0.0:milestone7:*:*:*:*:*:*",
                     matchCriteriaId: "0686F977-889F-4960-8E0B-7784B73A7F2D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:9.0.0:milestone8:*:*:*:*:*:*",
                     matchCriteriaId: "558703AE-DB5E-4DFF-B497-C36694DD7B24",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:9.0.0:milestone9:*:*:*:*:*:*",
                     matchCriteriaId: "ED6273F2-1165-47A4-8DD7-9E9B2472941B",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:oracle:tekelec_platform_distribution:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "26F05F85-7458-4C8F-B93F-93C92E506A40",
                     versionEndIncluding: "7.7.1",
                     versionStartIncluding: "7.4.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F1BE6C1F-2565-4E97-92AA-16563E5660A5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:oncommand_shift:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3BD81527-A341-42C3-9AB9-880D3DB04B08",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:snap_creator_framework:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9F4754FB-E3EB-454A-AB1A-AE3835C5350C",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*",
                     matchCriteriaId: "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:redhat:jboss_enterprise_web_server:3.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "8E2F2F98-DB90-43F6-8F28-3656207B6188",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "F96E3779-F56A-45FF-BB3D-4980527D721E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*",
                     matchCriteriaId: "0CF73560-2F5B-4723-A8A1-9AADBB3ADA00",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*",
                     matchCriteriaId: "5BF3C7A5-9117-42C7-BEA1-4AA378A582EF",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*",
                     matchCriteriaId: "83737173-E12E-4641-BC49-0BD84A6B29D0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "D99A687E-EAE6-417E-A88E-D0082BC194CD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
                     matchCriteriaId: "B353CE99-D57C-465B-AAB0-73EF581127D1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*",
                     matchCriteriaId: "7431ABC1-9252-419E-8CC1-311B41360078",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
                     matchCriteriaId: "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*",
                     matchCriteriaId: "17F256A9-D3B9-4C72-B013-4EFD878BFEA8",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "The ResourceLinkFactory implementation in Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 did not limit web application access to global JNDI resources to those resources explicitly linked to the web application. Therefore, it was possible for a web application to access any global JNDI resource whether an explicit ResourceLink had been configured or not.",
      },
      {
         lang: "es",
         value: "La implementación ResourceLinkFactory en Apache Tomcat 9.0.0.M1 a 9.0.0.M9, 8.5.0 a 8.5.4, 8.0.0.RC1 a 8.0.36, 7.0.0 a 7.0.70 a 6.0.0 a 6.0.45 no limitaba el acceso de las aplicaciones web a recursos globales JNDI a aquellos relacionados explícitamente con la aplicación web. Por lo tanto, era posible que una aplicación web accediese a cualquier recurso global JNDI sin importar si se había configurado un ResourceLink explícito.",
      },
   ],
   id: "CVE-2016-6797",
   lastModified: "2024-11-21T02:56:50.733",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: true,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "NONE",
               baseScore: 5,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2017-08-10T22:29:00.203",
   references: [
      {
         source: "security@apache.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://rhn.redhat.com/errata/RHSA-2017-0457.html",
      },
      {
         source: "security@apache.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www.debian.org/security/2016/dsa-3720",
      },
      {
         source: "security@apache.org",
         tags: [
            "Broken Link",
         ],
         url: "http://www.securityfocus.com/bid/93940",
      },
      {
         source: "security@apache.org",
         tags: [
            "Broken Link",
         ],
         url: "http://www.securitytracker.com/id/1037145",
      },
      {
         source: "security@apache.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2017:0455",
      },
      {
         source: "security@apache.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2017:0456",
      },
      {
         source: "security@apache.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2017:2247",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/9325837eb00cba5752c092047433c7f0415134d16e7f391447ff4352%40%3Cannounce.tomcat.apache.org%3E",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "security@apache.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20180605-0001/",
      },
      {
         source: "security@apache.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4557-1/",
      },
      {
         source: "security@apache.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/security-alerts/cpuoct2021.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://rhn.redhat.com/errata/RHSA-2017-0457.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www.debian.org/security/2016/dsa-3720",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Broken Link",
         ],
         url: "http://www.securityfocus.com/bid/93940",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Broken Link",
         ],
         url: "http://www.securitytracker.com/id/1037145",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2017:0455",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2017:0456",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2017:2247",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/9325837eb00cba5752c092047433c7f0415134d16e7f391447ff4352%40%3Cannounce.tomcat.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20180605-0001/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4557-1/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/security-alerts/cpuoct2021.html",
      },
   ],
   sourceIdentifier: "security@apache.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-863",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2021-07-12 15:15
Modified
2024-11-21 06:04
Summary
A vulnerability in the JNDI Realm of Apache Tomcat allows an attacker to authenticate using variations of a valid user name and/or to bypass some of the protection provided by the LockOut Realm. This issue affects Apache Tomcat 10.0.0-M1 to 10.0.5; 9.0.0.M1 to 9.0.45; 8.5.0 to 8.5.65.
References
security@apache.orghttps://lists.apache.org/thread.html/r59f9ef03929d32120f91f4ea7e6e79edd5688d75d0a9b65fd26d1fe8%40%3Cannounce.tomcat.apache.org%3EMailing List, Vendor Advisory
security@apache.orghttps://lists.debian.org/debian-lts-announce/2021/08/msg00009.htmlMailing List, Third Party Advisory
security@apache.orghttps://security.gentoo.org/glsa/202208-34Third Party Advisory
security@apache.orghttps://security.netapp.com/advisory/ntap-20210827-0007/Third Party Advisory
security@apache.orghttps://www.debian.org/security/2021/dsa-4952Third Party Advisory
security@apache.orghttps://www.debian.org/security/2021/dsa-4986Third Party Advisory
security@apache.orghttps://www.oracle.com//security-alerts/cpujul2021.htmlThird Party Advisory
security@apache.orghttps://www.oracle.com/security-alerts/cpujan2022.htmlPatch, Third Party Advisory
security@apache.orghttps://www.oracle.com/security-alerts/cpuoct2021.htmlPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/r59f9ef03929d32120f91f4ea7e6e79edd5688d75d0a9b65fd26d1fe8%40%3Cannounce.tomcat.apache.org%3EMailing List, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.debian.org/debian-lts-announce/2021/08/msg00009.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://security.gentoo.org/glsa/202208-34Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://security.netapp.com/advisory/ntap-20210827-0007/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.debian.org/security/2021/dsa-4952Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.debian.org/security/2021/dsa-4986Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.oracle.com//security-alerts/cpujul2021.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.oracle.com/security-alerts/cpujan2022.htmlPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.oracle.com/security-alerts/cpuoct2021.htmlPatch, Third Party Advisory



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A2BA16F9-F348-4796-B5A1-A1CC3CC20926",
                     versionEndExcluding: "7.0.109",
                     versionStartIncluding: "7.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E609F611-7273-4E5E-8EE1-99804D01AFCB",
                     versionEndExcluding: "8.5.66",
                     versionStartIncluding: "8.5.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "DFD5BEFB-48F5-4CC6-8644-1C38106A0F6F",
                     versionEndExcluding: "9.0.46",
                     versionStartIncluding: "9.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "9CC917F9-341E-4064-B101-5382944BD79A",
                     versionEndExcluding: "10.0.6",
                     versionStartIncluding: "10.0.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.14.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "4479F76A-4B67-41CC-98C7-C76B81050F8E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:communications_diameter_signaling_router:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C88D46AF-459D-4917-9403-0F63FEC83512",
                     versionEndIncluding: "8.5.0",
                     versionStartIncluding: "8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:communications_pricing_design_center:12.0.0.3.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "D7B49D71-6A31-497A-B6A9-06E84F086E7A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:hospitality_cruise_shipboard_property_management_system:20.1.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "05F5B430-8BA1-4865-93B5-0DE89F424B53",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:tekelec_platform_distribution:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "26F05F85-7458-4C8F-B93F-93C92E506A40",
                     versionEndIncluding: "7.7.1",
                     versionStartIncluding: "7.4.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "FA6FEEC2-9F11-4643-8827-749718254FED",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A vulnerability in the JNDI Realm of Apache Tomcat allows an attacker to authenticate using variations of a valid user name and/or to bypass some of the protection provided by the LockOut Realm. This issue affects Apache Tomcat 10.0.0-M1 to 10.0.5; 9.0.0.M1 to 9.0.45; 8.5.0 to 8.5.65.",
      },
      {
         lang: "es",
         value: "Una vulnerabilidad en el ámbito JNDI de Apache Tomcat permite a un atacante autenticarse usando variaciones de un nombre de usuario válido y/o omitir parte de la protección proporcionada por el ámbito LockOut. Este problema afecta a Apache Tomcat versiones 10.0.0-M1 hasta 10.0.5; versiones 9.0.0.M1 hasta 9.0.45; versiones 8.5.0 hasta 8.5.65",
      },
   ],
   id: "CVE-2021-30640",
   lastModified: "2024-11-21T06:04:20.893",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "MEDIUM",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "NONE",
               baseScore: 5.8,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "PARTIAL",
               vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:N",
               version: "2.0",
            },
            exploitabilityScore: 8.6,
            impactScore: 4.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "HIGH",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 6.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "LOW",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N",
               version: "3.1",
            },
            exploitabilityScore: 2.2,
            impactScore: 4.2,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2021-07-12T15:15:08.367",
   references: [
      {
         source: "security@apache.org",
         tags: [
            "Mailing List",
            "Vendor Advisory",
         ],
         url: "https://lists.apache.org/thread.html/r59f9ef03929d32120f91f4ea7e6e79edd5688d75d0a9b65fd26d1fe8%40%3Cannounce.tomcat.apache.org%3E",
      },
      {
         source: "security@apache.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2021/08/msg00009.html",
      },
      {
         source: "security@apache.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.gentoo.org/glsa/202208-34",
      },
      {
         source: "security@apache.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20210827-0007/",
      },
      {
         source: "security@apache.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.debian.org/security/2021/dsa-4952",
      },
      {
         source: "security@apache.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.debian.org/security/2021/dsa-4986",
      },
      {
         source: "security@apache.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com//security-alerts/cpujul2021.html",
      },
      {
         source: "security@apache.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/security-alerts/cpujan2022.html",
      },
      {
         source: "security@apache.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/security-alerts/cpuoct2021.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Vendor Advisory",
         ],
         url: "https://lists.apache.org/thread.html/r59f9ef03929d32120f91f4ea7e6e79edd5688d75d0a9b65fd26d1fe8%40%3Cannounce.tomcat.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2021/08/msg00009.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.gentoo.org/glsa/202208-34",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20210827-0007/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.debian.org/security/2021/dsa-4952",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.debian.org/security/2021/dsa-4986",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com//security-alerts/cpujul2021.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/security-alerts/cpujan2022.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/security-alerts/cpuoct2021.html",
      },
   ],
   sourceIdentifier: "security@apache.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-116",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2017-08-10 16:29
Modified
2024-11-21 02:53
Severity ?
Summary
In Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 a malicious web application was able to bypass a configured SecurityManager via a Tomcat utility method that was accessible to web applications.
References
security@apache.orghttp://packetstormsecurity.com/files/155873/Tomcat-9.0.0.M1-Sandbox-Escape.htmlExploit, Third Party Advisory, VDB Entry
security@apache.orghttp://rhn.redhat.com/errata/RHSA-2017-0457.htmlThird Party Advisory
security@apache.orghttp://rhn.redhat.com/errata/RHSA-2017-1551.htmlThird Party Advisory
security@apache.orghttp://www.debian.org/security/2016/dsa-3720Third Party Advisory
security@apache.orghttp://www.securityfocus.com/bid/93942Broken Link
security@apache.orghttp://www.securitytracker.com/id/1037142Broken Link
security@apache.orghttp://www.securitytracker.com/id/1038757Broken Link
security@apache.orghttps://access.redhat.com/errata/RHSA-2017:0455Third Party Advisory
security@apache.orghttps://access.redhat.com/errata/RHSA-2017:0456Third Party Advisory
security@apache.orghttps://access.redhat.com/errata/RHSA-2017:1548Third Party Advisory
security@apache.orghttps://access.redhat.com/errata/RHSA-2017:1549Third Party Advisory
security@apache.orghttps://access.redhat.com/errata/RHSA-2017:1550Third Party Advisory
security@apache.orghttps://access.redhat.com/errata/RHSA-2017:1552Third Party Advisory
security@apache.orghttps://access.redhat.com/errata/RHSA-2017:2247Third Party Advisory
security@apache.orghttps://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E
security@apache.orghttps://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E
security@apache.orghttps://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E
security@apache.orghttps://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E
security@apache.orghttps://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E
security@apache.orghttps://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E
security@apache.orghttps://lists.apache.org/thread.html/9b3a63a20c87179815fdea14f6766853bafe79a0042dc0b4aa878a9e%40%3Cannounce.tomcat.apache.org%3E
security@apache.orghttps://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E
security@apache.orghttps://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E
security@apache.orghttps://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E
security@apache.orghttps://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E
security@apache.orghttps://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E
security@apache.orghttps://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E
security@apache.orghttps://security.netapp.com/advisory/ntap-20180605-0001/Third Party Advisory
security@apache.orghttps://usn.ubuntu.com/4557-1/Third Party Advisory
security@apache.orghttps://www.oracle.com/security-alerts/cpuoct2021.htmlPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://packetstormsecurity.com/files/155873/Tomcat-9.0.0.M1-Sandbox-Escape.htmlExploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2017-0457.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2017-1551.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2016/dsa-3720Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/93942Broken Link
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1037142Broken Link
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1038757Broken Link
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2017:0455Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2017:0456Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2017:1548Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2017:1549Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2017:1550Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2017:1552Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2017:2247Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/9b3a63a20c87179815fdea14f6766853bafe79a0042dc0b4aa878a9e%40%3Cannounce.tomcat.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://security.netapp.com/advisory/ntap-20180605-0001/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/4557-1/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.oracle.com/security-alerts/cpuoct2021.htmlPatch, Third Party Advisory



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "F0956A16-7E61-40E4-B107-2A0EEA1208C5",
                     versionEndIncluding: "6.0.45",
                     versionStartIncluding: "6.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "5DCDF5FD-A879-4E78-A572-78C325F13C85",
                     versionEndIncluding: "7.0.70",
                     versionStartIncluding: "7.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D30B2FCD-09F0-4647-84AE-343ECD724D45",
                     versionEndIncluding: "8.0.36",
                     versionStartIncluding: "8.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1E7CA297-C102-4AF2-82D1-EF565ACCD1F5",
                     versionEndIncluding: "8.5.4",
                     versionStartIncluding: "8.5.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:9.0.0:milestone1:*:*:*:*:*:*",
                     matchCriteriaId: "9D0689FE-4BC0-4F53-8C79-34B21F9B86C2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:9.0.0:milestone2:*:*:*:*:*:*",
                     matchCriteriaId: "9F542E12-6BA8-4504-A494-DA83E7E19BD5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:9.0.0:milestone3:*:*:*:*:*:*",
                     matchCriteriaId: "C0C5F004-F7D8-45DB-B173-351C50B0EC16",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:9.0.0:milestone4:*:*:*:*:*:*",
                     matchCriteriaId: "D1902D2E-1896-4D3D-9E1C-3A675255072C",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:9.0.0:milestone5:*:*:*:*:*:*",
                     matchCriteriaId: "49AAF4DF-F61D-47A8-8788-A21E317A145D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:9.0.0:milestone6:*:*:*:*:*:*",
                     matchCriteriaId: "454211D0-60A2-4661-AECA-4C0121413FEB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:9.0.0:milestone7:*:*:*:*:*:*",
                     matchCriteriaId: "0686F977-889F-4960-8E0B-7784B73A7F2D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:9.0.0:milestone8:*:*:*:*:*:*",
                     matchCriteriaId: "558703AE-DB5E-4DFF-B497-C36694DD7B24",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:9.0.0:milestone9:*:*:*:*:*:*",
                     matchCriteriaId: "ED6273F2-1165-47A4-8DD7-9E9B2472941B",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F1BE6C1F-2565-4E97-92AA-16563E5660A5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:oncommand_shift:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3BD81527-A341-42C3-9AB9-880D3DB04B08",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:snap_creator_framework:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9F4754FB-E3EB-454A-AB1A-AE3835C5350C",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*",
                     matchCriteriaId: "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "E2E0AFF9-F664-4D46-AEF4-07C725CC5448",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:redhat:jboss_enterprise_web_server:3.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "8E2F2F98-DB90-43F6-8F28-3656207B6188",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "F96E3779-F56A-45FF-BB3D-4980527D721E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*",
                     matchCriteriaId: "0CF73560-2F5B-4723-A8A1-9AADBB3ADA00",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*",
                     matchCriteriaId: "5BF3C7A5-9117-42C7-BEA1-4AA378A582EF",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*",
                     matchCriteriaId: "83737173-E12E-4641-BC49-0BD84A6B29D0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "D99A687E-EAE6-417E-A88E-D0082BC194CD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
                     matchCriteriaId: "B353CE99-D57C-465B-AAB0-73EF581127D1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*",
                     matchCriteriaId: "7431ABC1-9252-419E-8CC1-311B41360078",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
                     matchCriteriaId: "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*",
                     matchCriteriaId: "17F256A9-D3B9-4C72-B013-4EFD878BFEA8",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:oracle:tekelec_platform_distribution:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "26F05F85-7458-4C8F-B93F-93C92E506A40",
                     versionEndIncluding: "7.7.1",
                     versionStartIncluding: "7.4.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "In Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 a malicious web application was able to bypass a configured SecurityManager via a Tomcat utility method that was accessible to web applications.",
      },
      {
         lang: "es",
         value: "En Apache Tomcat 9.0.0.M1 a 9.0.0.M9, 8.5.0 a 8.5.4, 8.0.0.RC1 a 8.0.36, 7.0.0 a 7.0.70, y 6.0.0 a 6.0.45 una aplicación web maliciosa era capaz de omitir un SecurityManager configurado mediante un método utility Tomcat accesible para las aplicaciones web.",
      },
   ],
   id: "CVE-2016-5018",
   lastModified: "2024-11-21T02:53:27.370",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: true,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "NONE",
               baseScore: 6.4,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "PARTIAL",
               vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:N",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 4.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 9.1,
               baseSeverity: "CRITICAL",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 5.2,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2017-08-10T16:29:00.407",
   references: [
      {
         source: "security@apache.org",
         tags: [
            "Exploit",
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://packetstormsecurity.com/files/155873/Tomcat-9.0.0.M1-Sandbox-Escape.html",
      },
      {
         source: "security@apache.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://rhn.redhat.com/errata/RHSA-2017-0457.html",
      },
      {
         source: "security@apache.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://rhn.redhat.com/errata/RHSA-2017-1551.html",
      },
      {
         source: "security@apache.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www.debian.org/security/2016/dsa-3720",
      },
      {
         source: "security@apache.org",
         tags: [
            "Broken Link",
         ],
         url: "http://www.securityfocus.com/bid/93942",
      },
      {
         source: "security@apache.org",
         tags: [
            "Broken Link",
         ],
         url: "http://www.securitytracker.com/id/1037142",
      },
      {
         source: "security@apache.org",
         tags: [
            "Broken Link",
         ],
         url: "http://www.securitytracker.com/id/1038757",
      },
      {
         source: "security@apache.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2017:0455",
      },
      {
         source: "security@apache.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2017:0456",
      },
      {
         source: "security@apache.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2017:1548",
      },
      {
         source: "security@apache.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2017:1549",
      },
      {
         source: "security@apache.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2017:1550",
      },
      {
         source: "security@apache.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2017:1552",
      },
      {
         source: "security@apache.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2017:2247",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/9b3a63a20c87179815fdea14f6766853bafe79a0042dc0b4aa878a9e%40%3Cannounce.tomcat.apache.org%3E",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "security@apache.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20180605-0001/",
      },
      {
         source: "security@apache.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4557-1/",
      },
      {
         source: "security@apache.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/security-alerts/cpuoct2021.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://packetstormsecurity.com/files/155873/Tomcat-9.0.0.M1-Sandbox-Escape.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://rhn.redhat.com/errata/RHSA-2017-0457.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://rhn.redhat.com/errata/RHSA-2017-1551.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www.debian.org/security/2016/dsa-3720",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Broken Link",
         ],
         url: "http://www.securityfocus.com/bid/93942",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Broken Link",
         ],
         url: "http://www.securitytracker.com/id/1037142",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Broken Link",
         ],
         url: "http://www.securitytracker.com/id/1038757",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2017:0455",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2017:0456",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2017:1548",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2017:1549",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2017:1550",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2017:1552",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2017:2247",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/9b3a63a20c87179815fdea14f6766853bafe79a0042dc0b4aa878a9e%40%3Cannounce.tomcat.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20180605-0001/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4557-1/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/security-alerts/cpuoct2021.html",
      },
   ],
   sourceIdentifier: "security@apache.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-noinfo",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2017-08-10 16:29
Modified
2024-11-21 02:56
Summary
When a SecurityManager is configured, a web application's ability to read system properties should be controlled by the SecurityManager. In Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70, 6.0.0 to 6.0.45 the system property replacement feature for configuration files could be used by a malicious web application to bypass the SecurityManager and read system properties that should not be visible.
References
security@apache.orghttp://rhn.redhat.com/errata/RHSA-2017-0457.htmlThird Party Advisory
security@apache.orghttp://www.debian.org/security/2016/dsa-3720Third Party Advisory
security@apache.orghttp://www.securityfocus.com/bid/93943Broken Link
security@apache.orghttp://www.securitytracker.com/id/1037143Broken Link
security@apache.orghttps://access.redhat.com/errata/RHSA-2017:0455Third Party Advisory
security@apache.orghttps://access.redhat.com/errata/RHSA-2017:0456Third Party Advisory
security@apache.orghttps://access.redhat.com/errata/RHSA-2017:2247Third Party Advisory
security@apache.orghttps://lists.apache.org/thread.html/09d2f2c65ac4ff5da42f15dc2b0f78b655e50f1a42e8a9784134a9eb%40%3Cannounce.tomcat.apache.org%3E
security@apache.orghttps://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E
security@apache.orghttps://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E
security@apache.orghttps://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E
security@apache.orghttps://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E
security@apache.orghttps://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E
security@apache.orghttps://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E
security@apache.orghttps://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E
security@apache.orghttps://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3Cdev.tomcat.apache.org%3E
security@apache.orghttps://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E
security@apache.orghttps://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E
security@apache.orghttps://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E
security@apache.orghttps://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E
security@apache.orghttps://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E
security@apache.orghttps://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E
security@apache.orghttps://security.netapp.com/advisory/ntap-20180605-0001/Third Party Advisory
security@apache.orghttps://usn.ubuntu.com/4557-1/Third Party Advisory
security@apache.orghttps://www.oracle.com/security-alerts/cpuoct2021.htmlPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2017-0457.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2016/dsa-3720Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/93943Broken Link
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1037143Broken Link
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2017:0455Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2017:0456Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2017:2247Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/09d2f2c65ac4ff5da42f15dc2b0f78b655e50f1a42e8a9784134a9eb%40%3Cannounce.tomcat.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3Cdev.tomcat.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://security.netapp.com/advisory/ntap-20180605-0001/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/4557-1/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.oracle.com/security-alerts/cpuoct2021.htmlPatch, Third Party Advisory



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "F0956A16-7E61-40E4-B107-2A0EEA1208C5",
                     versionEndIncluding: "6.0.45",
                     versionStartIncluding: "6.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "5DCDF5FD-A879-4E78-A572-78C325F13C85",
                     versionEndIncluding: "7.0.70",
                     versionStartIncluding: "7.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D30B2FCD-09F0-4647-84AE-343ECD724D45",
                     versionEndIncluding: "8.0.36",
                     versionStartIncluding: "8.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1E7CA297-C102-4AF2-82D1-EF565ACCD1F5",
                     versionEndIncluding: "8.5.4",
                     versionStartIncluding: "8.5.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:9.0.0:milestone1:*:*:*:*:*:*",
                     matchCriteriaId: "9D0689FE-4BC0-4F53-8C79-34B21F9B86C2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:9.0.0:milestone2:*:*:*:*:*:*",
                     matchCriteriaId: "9F542E12-6BA8-4504-A494-DA83E7E19BD5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:9.0.0:milestone3:*:*:*:*:*:*",
                     matchCriteriaId: "C0C5F004-F7D8-45DB-B173-351C50B0EC16",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:9.0.0:milestone4:*:*:*:*:*:*",
                     matchCriteriaId: "D1902D2E-1896-4D3D-9E1C-3A675255072C",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:9.0.0:milestone5:*:*:*:*:*:*",
                     matchCriteriaId: "49AAF4DF-F61D-47A8-8788-A21E317A145D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:9.0.0:milestone6:*:*:*:*:*:*",
                     matchCriteriaId: "454211D0-60A2-4661-AECA-4C0121413FEB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:9.0.0:milestone7:*:*:*:*:*:*",
                     matchCriteriaId: "0686F977-889F-4960-8E0B-7784B73A7F2D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:9.0.0:milestone8:*:*:*:*:*:*",
                     matchCriteriaId: "558703AE-DB5E-4DFF-B497-C36694DD7B24",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:9.0.0:milestone9:*:*:*:*:*:*",
                     matchCriteriaId: "ED6273F2-1165-47A4-8DD7-9E9B2472941B",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:redhat:jboss_enterprise_web_server:3.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "8E2F2F98-DB90-43F6-8F28-3656207B6188",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "F96E3779-F56A-45FF-BB3D-4980527D721E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*",
                     matchCriteriaId: "0CF73560-2F5B-4723-A8A1-9AADBB3ADA00",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*",
                     matchCriteriaId: "5BF3C7A5-9117-42C7-BEA1-4AA378A582EF",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*",
                     matchCriteriaId: "83737173-E12E-4641-BC49-0BD84A6B29D0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
                     matchCriteriaId: "B353CE99-D57C-465B-AAB0-73EF581127D1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*",
                     matchCriteriaId: "7431ABC1-9252-419E-8CC1-311B41360078",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
                     matchCriteriaId: "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*",
                     matchCriteriaId: "17F256A9-D3B9-4C72-B013-4EFD878BFEA8",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F1BE6C1F-2565-4E97-92AA-16563E5660A5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:oncommand_shift:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3BD81527-A341-42C3-9AB9-880D3DB04B08",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:snap_creator_framework:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9F4754FB-E3EB-454A-AB1A-AE3835C5350C",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*",
                     matchCriteriaId: "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:oracle:tekelec_platform_distribution:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "26F05F85-7458-4C8F-B93F-93C92E506A40",
                     versionEndIncluding: "7.7.1",
                     versionStartIncluding: "7.4.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "When a SecurityManager is configured, a web application's ability to read system properties should be controlled by the SecurityManager. In Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70, 6.0.0 to 6.0.45 the system property replacement feature for configuration files could be used by a malicious web application to bypass the SecurityManager and read system properties that should not be visible.",
      },
      {
         lang: "es",
         value: "Cuando se configura un SecurityManager, la capacidad de una aplicación web de leer las propiedades del sistema debería estar controlada por SecurityManager. En Apache Tomcat 9.0.0.M1 a 9.0.0.M9, 8.5.0 a 8.5.4, 8.0.0.RC1 a 8.0.36, 7.0.0 a 7.0.70, 6.0.0 a 6.0.45 la funcionalidad de reemplazo de propiedades del sistema para archivos de configuración podría ser utilizada por una aplicación web maliciosa para eludir el SecurityManager y leer propiedades del sistema que no deberían ser visibles.",
      },
   ],
   id: "CVE-2016-6794",
   lastModified: "2024-11-21T02:56:50.183",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: true,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "NONE",
               baseScore: 5,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 5.3,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "LOW",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 1.4,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2017-08-10T16:29:00.530",
   references: [
      {
         source: "security@apache.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://rhn.redhat.com/errata/RHSA-2017-0457.html",
      },
      {
         source: "security@apache.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www.debian.org/security/2016/dsa-3720",
      },
      {
         source: "security@apache.org",
         tags: [
            "Broken Link",
         ],
         url: "http://www.securityfocus.com/bid/93943",
      },
      {
         source: "security@apache.org",
         tags: [
            "Broken Link",
         ],
         url: "http://www.securitytracker.com/id/1037143",
      },
      {
         source: "security@apache.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2017:0455",
      },
      {
         source: "security@apache.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2017:0456",
      },
      {
         source: "security@apache.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2017:2247",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/09d2f2c65ac4ff5da42f15dc2b0f78b655e50f1a42e8a9784134a9eb%40%3Cannounce.tomcat.apache.org%3E",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "security@apache.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20180605-0001/",
      },
      {
         source: "security@apache.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4557-1/",
      },
      {
         source: "security@apache.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/security-alerts/cpuoct2021.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://rhn.redhat.com/errata/RHSA-2017-0457.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www.debian.org/security/2016/dsa-3720",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Broken Link",
         ],
         url: "http://www.securityfocus.com/bid/93943",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Broken Link",
         ],
         url: "http://www.securitytracker.com/id/1037143",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2017:0455",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2017:0456",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2017:2247",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/09d2f2c65ac4ff5da42f15dc2b0f78b655e50f1a42e8a9784134a9eb%40%3Cannounce.tomcat.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20180605-0001/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4557-1/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/security-alerts/cpuoct2021.html",
      },
   ],
   sourceIdentifier: "security@apache.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-noinfo",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2020-06-05 14:15
Modified
2024-11-21 04:56
Summary
Perl before 5.30.3 has an integer overflow related to mishandling of a "PL_regkind[OP(n)] == NOTHING" situation. A crafted regular expression could lead to malformed bytecode with a possibility of instruction injection.
References
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2020-06/msg00044.htmlMailing List, Third Party Advisory
cve@mitre.orghttps://github.com/Perl/perl5/blob/blead/pod/perl5303delta.podThird Party Advisory
cve@mitre.orghttps://github.com/Perl/perl5/compare/v5.30.2...v5.30.3Patch, Third Party Advisory
cve@mitre.orghttps://github.com/perl/perl5/commit/0a320d753fe7fca03df259a4dfd8e641e51edaa8Patch, Third Party Advisory
cve@mitre.orghttps://github.com/perl/perl5/commit/3295b48defa0f8570114877b063fe546dd348b3cPatch, Third Party Advisory
cve@mitre.orghttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IN3TTBO5KSGWE5IRIKDJ5JSQRH7ANNXE/
cve@mitre.orghttps://security.gentoo.org/glsa/202006-03Third Party Advisory
cve@mitre.orghttps://security.netapp.com/advisory/ntap-20200611-0001/Third Party Advisory
cve@mitre.orghttps://www.oracle.com//security-alerts/cpujul2021.htmlPatch, Third Party Advisory
cve@mitre.orghttps://www.oracle.com/security-alerts/cpuApr2021.htmlPatch, Third Party Advisory
cve@mitre.orghttps://www.oracle.com/security-alerts/cpuapr2022.htmlPatch, Third Party Advisory
cve@mitre.orghttps://www.oracle.com/security-alerts/cpujan2021.htmlPatch, Third Party Advisory
cve@mitre.orghttps://www.oracle.com/security-alerts/cpujan2022.htmlPatch, Third Party Advisory
cve@mitre.orghttps://www.oracle.com/security-alerts/cpuoct2020.htmlPatch, Third Party Advisory
cve@mitre.orghttps://www.oracle.com/security-alerts/cpuoct2021.htmlPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00044.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://github.com/Perl/perl5/blob/blead/pod/perl5303delta.podThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://github.com/Perl/perl5/compare/v5.30.2...v5.30.3Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://github.com/perl/perl5/commit/0a320d753fe7fca03df259a4dfd8e641e51edaa8Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://github.com/perl/perl5/commit/3295b48defa0f8570114877b063fe546dd348b3cPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IN3TTBO5KSGWE5IRIKDJ5JSQRH7ANNXE/
af854a3a-2127-422b-91ae-364da2661108https://security.gentoo.org/glsa/202006-03Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://security.netapp.com/advisory/ntap-20200611-0001/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.oracle.com//security-alerts/cpujul2021.htmlPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.oracle.com/security-alerts/cpuApr2021.htmlPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.oracle.com/security-alerts/cpuapr2022.htmlPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.oracle.com/security-alerts/cpujan2021.htmlPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.oracle.com/security-alerts/cpujan2022.htmlPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.oracle.com/security-alerts/cpuoct2020.htmlPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.oracle.com/security-alerts/cpuoct2021.htmlPatch, Third Party Advisory



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C171B203-3DAA-43B7-A0BE-DDB0895EB744",
                     versionEndExcluding: "5.30.3",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*",
                     matchCriteriaId: "80F0FA5D-8D3B-4C0E-81E2-87998286AF33",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5735E553-9731-4AAC-BCFF-989377F817B3",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:snap_creator_framework:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9F4754FB-E3EB-454A-AB1A-AE3835C5350C",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.2.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "2ECD5E79-5C1B-42E9-BE0B-A034EE2D632D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.3.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "E39D442D-1997-49AF-8B02-5640BE2A26CC",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:communications_diameter_signaling_router:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C88D46AF-459D-4917-9403-0F63FEC83512",
                     versionEndIncluding: "8.5.0",
                     versionStartIncluding: "8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:communications_eagle_application_processor:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1A0E3537-CB5A-40BF-B42C-CED9211B8892",
                     versionEndIncluding: "16.4.0",
                     versionStartIncluding: "16.1.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:communications_eagle_lnp_application_processor:10.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "996861FC-0089-4BED-8E46-F2B76037EA65",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:communications_eagle_lnp_application_processor:10.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "37764AF5-E42E-461E-AA43-763D21B3DCE2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:communications_eagle_lnp_application_processor:46.7:*:*:*:*:*:*:*",
                     matchCriteriaId: "879FE18D-6B1C-4CF7-B409-C379E9F60D0A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:communications_eagle_lnp_application_processor:46.8:*:*:*:*:*:*:*",
                     matchCriteriaId: "A2BE3FB3-5619-4381-BE4E-FBADB3C747F9",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:communications_eagle_lnp_application_processor:46.9:*:*:*:*:*:*:*",
                     matchCriteriaId: "4AB3C447-DA3F-44FF-91FD-8985C0527940",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:communications_lsms:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "806AF4AF-12FB-4222-84E4-BC9D44EFF09F",
                     versionEndIncluding: "13.4",
                     versionStartIncluding: "13.1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:communications_offline_mediation_controller:12.0.0.3.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "49ACFC73-A509-4D1C-8FC3-F68F495AB055",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:communications_performance_intelligence_center:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "977CA754-6CE0-4FCB-9683-D81B7A15449D",
                     versionEndIncluding: "10.3.0.2.1",
                     versionStartIncluding: "10.3.0.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:communications_performance_intelligence_center:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "29A3F7EF-2A69-427F-9F75-DDDBEE34BA2B",
                     versionEndIncluding: "10.4.0.3.1",
                     versionStartIncluding: "10.4.0.1.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:communications_pricing_design_center:12.0.0.3.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "D7B49D71-6A31-497A-B6A9-06E84F086E7A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:configuration_manager:12.1.2.0.8:*:*:*:*:*:*:*",
                     matchCriteriaId: "495DECD7-B14F-4D59-B3E1-30BF9B267475",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:enterprise_manager_base_platform:13.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "D26F3E23-F1A9-45E7-9E5F-0C0A24EE3783",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:sd-wan_aware:8.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "667A06DE-E173-406F-94DA-1FE64BCFAE18",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:sd-wan_aware:9.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "4B003D11-398F-486C-941D-698FB5BE5BCE",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:sd-wan_aware:9.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "D13834B9-C48B-4C72-A27B-F9A8ACB50098",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:tekelec_platform_distribution:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "26F05F85-7458-4C8F-B93F-93C92E506A40",
                     versionEndIncluding: "7.7.1",
                     versionStartIncluding: "7.4.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Perl before 5.30.3 has an integer overflow related to mishandling of a \"PL_regkind[OP(n)] == NOTHING\" situation. A crafted regular expression could lead to malformed bytecode with a possibility of instruction injection.",
      },
      {
         lang: "es",
         value: "Perl versiones anteriores a 5.30.3, presenta un desbordamiento de enteros relacionado con un manejo inapropiado de una situación \"PL_regkind[OP(n)] == NOTHING\". Una expresión regular diseñada podría conllevar a un bytecode malformado con la posibilidad de inyección de instrucciones",
      },
   ],
   id: "CVE-2020-10878",
   lastModified: "2024-11-21T04:56:16.367",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "HIGH",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 7.5,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "PARTIAL",
               vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 6.4,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.6,
               baseSeverity: "HIGH",
               confidentialityImpact: "LOW",
               integrityImpact: "LOW",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 4.7,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2020-06-05T14:15:10.527",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00044.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://github.com/Perl/perl5/blob/blead/pod/perl5303delta.pod",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/Perl/perl5/compare/v5.30.2...v5.30.3",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/perl/perl5/commit/0a320d753fe7fca03df259a4dfd8e641e51edaa8",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/perl/perl5/commit/3295b48defa0f8570114877b063fe546dd348b3c",
      },
      {
         source: "cve@mitre.org",
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IN3TTBO5KSGWE5IRIKDJ5JSQRH7ANNXE/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.gentoo.org/glsa/202006-03",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20200611-0001/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com//security-alerts/cpujul2021.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/security-alerts/cpuApr2021.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/security-alerts/cpuapr2022.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/security-alerts/cpujan2021.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/security-alerts/cpujan2022.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/security-alerts/cpuoct2020.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/security-alerts/cpuoct2021.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00044.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://github.com/Perl/perl5/blob/blead/pod/perl5303delta.pod",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/Perl/perl5/compare/v5.30.2...v5.30.3",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/perl/perl5/commit/0a320d753fe7fca03df259a4dfd8e641e51edaa8",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/perl/perl5/commit/3295b48defa0f8570114877b063fe546dd348b3c",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IN3TTBO5KSGWE5IRIKDJ5JSQRH7ANNXE/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.gentoo.org/glsa/202006-03",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20200611-0001/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com//security-alerts/cpujul2021.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/security-alerts/cpuApr2021.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/security-alerts/cpuapr2022.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/security-alerts/cpujan2021.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/security-alerts/cpujan2022.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/security-alerts/cpuoct2020.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/security-alerts/cpuoct2021.html",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-190",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2021-03-10 16:15
Modified
2024-11-21 05:46
Summary
A flaw was found in the way memory resources were freed in the unix_stream_recvmsg function in the Linux kernel when a signal was pending. This flaw allows an unprivileged local user to crash the system by exhausting available memory. The highest threat from this vulnerability is to system availability.
Impacted products



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:oracle:tekelec_platform_distribution:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "26F05F85-7458-4C8F-B93F-93C92E506A40",
                     versionEndIncluding: "7.7.1",
                     versionStartIncluding: "7.4.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A flaw was found in the way memory resources were freed in the unix_stream_recvmsg function in the Linux kernel when a signal was pending. This flaw allows an unprivileged local user to crash the system by exhausting available memory. The highest threat from this vulnerability is to system availability.",
      },
      {
         lang: "es",
         value: "Se encontró un fallo en la manera en que son liberados los recursos de memoria en la función unix_stream_recvmsg en el kernel de Linux cuando había una señal pendiente. Este fallo permite a un usuario local sin privilegios bloquear el sistema agotando la memoria disponible. La mayor amenaza de esta vulnerabilidad es la disponibilidad del sistema",
      },
   ],
   id: "CVE-2021-20265",
   lastModified: "2024-11-21T05:46:14.457",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "LOCAL",
               authentication: "NONE",
               availabilityImpact: "COMPLETE",
               baseScore: 4.9,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:L/AC:L/Au:N/C:N/I:N/A:C",
               version: "2.0",
            },
            exploitabilityScore: 3.9,
            impactScore: 6.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 5.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 1.8,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2021-03-10T16:15:16.610",
   references: [
      {
         source: "secalert@redhat.com",
         tags: [
            "Issue Tracking",
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://bugzilla.redhat.com/show_bug.cgi?id=1908827",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=fa0dc04df259ba2df3ce1920e9690c7842f8fa4b",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/security-alerts/cpuoct2021.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Issue Tracking",
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://bugzilla.redhat.com/show_bug.cgi?id=1908827",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=fa0dc04df259ba2df3ce1920e9690c7842f8fa4b",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/security-alerts/cpuoct2021.html",
      },
   ],
   sourceIdentifier: "secalert@redhat.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-400",
            },
         ],
         source: "secalert@redhat.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-401",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2021-04-29 01:15
Modified
2024-11-21 05:54
Summary
In BIND 9.0.0 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.9.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.11 of the BIND 9.17 development branch, when a vulnerable version of named receives a query for a record triggering the flaw described above, the named process will terminate due to a failed assertion check. The vulnerability affects all currently maintained BIND 9 branches (9.11, 9.11-S, 9.16, 9.16-S, 9.17) as well as all other versions of BIND 9.
References
security-officer@isc.orghttp://www.openwall.com/lists/oss-security/2021/04/29/1Mailing List, Third Party Advisory
security-officer@isc.orghttp://www.openwall.com/lists/oss-security/2021/04/29/2Mailing List, Third Party Advisory
security-officer@isc.orghttp://www.openwall.com/lists/oss-security/2021/04/29/3Mailing List, Third Party Advisory
security-officer@isc.orghttp://www.openwall.com/lists/oss-security/2021/04/29/4Mailing List, Third Party Advisory
security-officer@isc.orghttps://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdfPatch, Third Party Advisory
security-officer@isc.orghttps://kb.isc.org/v1/docs/cve-2021-25215Vendor Advisory
security-officer@isc.orghttps://lists.debian.org/debian-lts-announce/2021/05/msg00001.htmlMailing List, Third Party Advisory
security-officer@isc.orghttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VEC2XG4Q2ODTN2C4CGXEIXU3EUTBMK7L/
security-officer@isc.orghttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZDSRPCJQ7MZC6CENH5PO3VQOFI7VSWBE/
security-officer@isc.orghttps://security.netapp.com/advisory/ntap-20210521-0006/Third Party Advisory
security-officer@isc.orghttps://www.debian.org/security/2021/dsa-4909Third Party Advisory
security-officer@isc.orghttps://www.oracle.com/security-alerts/cpuoct2021.htmlPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2021/04/29/1Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2021/04/29/2Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2021/04/29/3Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2021/04/29/4Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdfPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://kb.isc.org/v1/docs/cve-2021-25215Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.debian.org/debian-lts-announce/2021/05/msg00001.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VEC2XG4Q2ODTN2C4CGXEIXU3EUTBMK7L/
af854a3a-2127-422b-91ae-364da2661108https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZDSRPCJQ7MZC6CENH5PO3VQOFI7VSWBE/
af854a3a-2127-422b-91ae-364da2661108https://security.netapp.com/advisory/ntap-20210521-0006/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.debian.org/security/2021/dsa-4909Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.oracle.com/security-alerts/cpuoct2021.htmlPatch, Third Party Advisory



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:isc:bind:*:*:*:*:-:*:*:*",
                     matchCriteriaId: "18B8AA9D-C4D1-4F3B-9440-FC29D925961D",
                     versionEndExcluding: "9.11.31",
                     versionStartIncluding: "9.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:isc:bind:*:*:*:*:-:*:*:*",
                     matchCriteriaId: "E38EFB1A-11B5-403F-815F-4899E7007D02",
                     versionEndExcluding: "9.16.15",
                     versionStartIncluding: "9.12.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:isc:bind:*:*:*:*:-:*:*:*",
                     matchCriteriaId: "00F9BCC7-51F7-47EE-AFCE-946F24CC3694",
                     versionEndExcluding: "9.17.12",
                     versionStartIncluding: "9.17.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:isc:bind:9.9.3:s1:*:*:supported_preview:*:*:*",
                     matchCriteriaId: "40EE014B-0CD8-45F3-BEDB-AE6368A78B04",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:isc:bind:9.9.12:s1:*:*:supported_preview:*:*:*",
                     matchCriteriaId: "DAF8FA8C-0526-4389-AEC6-92AD62AA3929",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:isc:bind:9.9.13:s1:*:*:supported_preview:*:*:*",
                     matchCriteriaId: "1A9BA952-A5DF-4CBA-8928-0B373C013C32",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:isc:bind:9.10.5:s1:*:*:supported_preview:*:*:*",
                     matchCriteriaId: "CAD41122-C5D8-4256-8CB7-FF88DCD96A13",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:isc:bind:9.10.7:s1:*:*:supported_preview:*:*:*",
                     matchCriteriaId: "6243685F-1E5B-4FF6-AE1B-44798032FBA6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:isc:bind:9.11.3:s1:*:*:supported_preview:*:*:*",
                     matchCriteriaId: "C2FE13E1-0646-46FC-875B-CB4C34E20101",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:isc:bind:9.11.5:s3:*:*:supported_preview:*:*:*",
                     matchCriteriaId: "1AA16E51-819C-4A1B-B66E-1C60C1782C0D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:isc:bind:9.11.5:s5:*:*:supported_preview:*:*:*",
                     matchCriteriaId: "91533F9F-C0E5-4E84-8A4C-F744F956BF97",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:isc:bind:9.11.5:s6:*:*:supported_preview:*:*:*",
                     matchCriteriaId: "46E6A4BD-D69B-4A70-821D-5612DD1315EF",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:isc:bind:9.11.6:s1:*:*:supported_preview:*:*:*",
                     matchCriteriaId: "8AF9D390-0D5B-4963-A2D3-BF1E7CD95E9D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:isc:bind:9.11.7:s1:*:*:supported_preview:*:*:*",
                     matchCriteriaId: "AB2B92F1-6BA8-41CA-9000-E0633462CC28",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:isc:bind:9.11.8:s1:*:*:supported_preview:*:*:*",
                     matchCriteriaId: "02CA4635-7DFC-408E-A837-856E0F96CA1B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:isc:bind:9.11.12:s1:*:*:supported_preview:*:*:*",
                     matchCriteriaId: "3CABCB08-B838-45F7-AA87-77C6B8767DD0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:isc:bind:9.11.21:s1:*:*:supported_preview:*:*:*",
                     matchCriteriaId: "5CC1F26C-4757-4C87-BD8B-2FA456A88C6F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:isc:bind:9.11.27:s1:*:*:supported_preview:*:*:*",
                     matchCriteriaId: "582A4948-B64F-45D4-807A-846A85BB6B42",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:isc:bind:9.11.29:s1:*:*:supported_preview:*:*:*",
                     matchCriteriaId: "F22E7F6A-0714-480D-ACDF-5027FD6697B2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:isc:bind:9.16.8:s1:*:*:supported_preview:*:*:*",
                     matchCriteriaId: "288EAD80-574B-4839-9C2C-81D6D088A733",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:isc:bind:9.16.11:s1:*:*:supported_preview:*:*:*",
                     matchCriteriaId: "3595F024-F910-4356-8B5B-D478960FF574",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:isc:bind:9.16.13:s1:*:*:supported_preview:*:*:*",
                     matchCriteriaId: "94661BA2-27F8-4FFE-B844-9404F735579D",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*",
                     matchCriteriaId: "E460AA51-FCDA-46B9-AE97-E6676AA5E194",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
                     matchCriteriaId: "A930E247-0B43-43CB-98FF-6CE7B8189835",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*",
                     matchCriteriaId: "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5C2089EE-5D7F-47EC-8EA5-0F69790564C4",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6770B6C3-732E-4E22-BF1C-2D2FD610061C",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9F9C8C20-42EB-4AB5-BD97-212DEB070C43",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7FFF7106-ED78-49BA-9EC5-B889E3685D53",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E63D8B0F-006E-4801-BF9D-1C001BBFB4F9",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "56409CEC-5A1E-4450-AA42-641E459CC2AF",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B06F4839-D16A-4A61-9BB5-55B13F41E47F",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "108A2215-50FB-4074-94CF-C130FA14566D",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7AFC73CE-ABB9-42D3-9A71-3F5BC5381E0E",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "32F0B6C0-F930-480D-962B-3F4EFDCC13C7",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "803BC414-B250-4E3A-A478-A3881340D6B8",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0FEB3337-BFDE-462A-908B-176F92053CEC",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "736AEAE9-782B-4F71-9893-DED53367E102",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D0B4AD8A-F172-4558-AEC6-FF424BA2D912",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8497A4C9-8474-4A62-8331-3FE862ED4098",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:a250_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1236B66D-EB11-4324-929F-E2B86683C3C7",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:a250:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "281DFC67-46BB-4FC2-BE03-3C65C9311F65",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:500f_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "ECF32BB1-9A58-4821-AE49-5D5C8200631F",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:500f:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F21DE67F-CDFD-4D36-9967-633CD0240C6F",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:oracle:tekelec_platform_distribution:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "26F05F85-7458-4C8F-B93F-93C92E506A40",
                     versionEndIncluding: "7.7.1",
                     versionStartIncluding: "7.4.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:siemens:sinec_infrastructure_network_services:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B0F46497-4AB0-49A7-9453-CC26837BF253",
                     versionEndExcluding: "1.0.1.1",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "In BIND 9.0.0 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.9.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.11 of the BIND 9.17 development branch, when a vulnerable version of named receives a query for a record triggering the flaw described above, the named process will terminate due to a failed assertion check. The vulnerability affects all currently maintained BIND 9 branches (9.11, 9.11-S, 9.16, 9.16-S, 9.17) as well as all other versions of BIND 9.",
      },
      {
         lang: "es",
         value: "En BIND versiones 9.0.0 posteriores a 9.11.29, versiones 9.12.0 posteriores a 9.16.13, y BIND versiones 9.9.3-S1 posteriores a 9.11.29-S1 y versiones 9.16.8-S1 posteriores a 9.16.13-S1 de BIND Supported Preview Edition, así como versiones de lanzamiento 9.17.0 posteriores a 9.17.11 de la rama de desarrollo de BIND versión 9.17, cuando una versión vulnerable de named recibe una consulta para un registro que desencadena un fallo descrito anteriormente, el proceso named terminará debido a un comprobación de afirmación fallido. La vulnerabilidad afecta a todas las ramas de BIND 9 que se mantienen actualmente (9.11, 9.11-S, 9.16, 9.16-S, 9.17), así como a todas las demás versiones de BIND 9",
      },
   ],
   id: "CVE-2021-25215",
   lastModified: "2024-11-21T05:54:33.650",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 5,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.6,
            source: "security-officer@isc.org",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2021-04-29T01:15:08.013",
   references: [
      {
         source: "security-officer@isc.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://www.openwall.com/lists/oss-security/2021/04/29/1",
      },
      {
         source: "security-officer@isc.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://www.openwall.com/lists/oss-security/2021/04/29/2",
      },
      {
         source: "security-officer@isc.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://www.openwall.com/lists/oss-security/2021/04/29/3",
      },
      {
         source: "security-officer@isc.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://www.openwall.com/lists/oss-security/2021/04/29/4",
      },
      {
         source: "security-officer@isc.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf",
      },
      {
         source: "security-officer@isc.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://kb.isc.org/v1/docs/cve-2021-25215",
      },
      {
         source: "security-officer@isc.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2021/05/msg00001.html",
      },
      {
         source: "security-officer@isc.org",
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VEC2XG4Q2ODTN2C4CGXEIXU3EUTBMK7L/",
      },
      {
         source: "security-officer@isc.org",
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZDSRPCJQ7MZC6CENH5PO3VQOFI7VSWBE/",
      },
      {
         source: "security-officer@isc.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20210521-0006/",
      },
      {
         source: "security-officer@isc.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.debian.org/security/2021/dsa-4909",
      },
      {
         source: "security-officer@isc.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/security-alerts/cpuoct2021.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://www.openwall.com/lists/oss-security/2021/04/29/1",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://www.openwall.com/lists/oss-security/2021/04/29/2",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://www.openwall.com/lists/oss-security/2021/04/29/3",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://www.openwall.com/lists/oss-security/2021/04/29/4",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://kb.isc.org/v1/docs/cve-2021-25215",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2021/05/msg00001.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VEC2XG4Q2ODTN2C4CGXEIXU3EUTBMK7L/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZDSRPCJQ7MZC6CENH5PO3VQOFI7VSWBE/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20210521-0006/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.debian.org/security/2021/dsa-4909",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/security-alerts/cpuoct2021.html",
      },
   ],
   sourceIdentifier: "security-officer@isc.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-617",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2020-12-09 17:15
Modified
2024-11-21 05:24
Summary
A locking issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_jobctrl.c allows a use-after-free attack against TIOCSPGRP, aka CID-54ffccbf053b.
References
cve@mitre.orghttp://packetstormsecurity.com/files/160681/Linux-TIOCSPGRP-Broken-Locking.htmlThird Party Advisory, VDB Entry
cve@mitre.orghttp://packetstormsecurity.com/files/164950/Kernel-Live-Patch-Security-Notice-LSN-0082-1.htmlThird Party Advisory, VDB Entry
cve@mitre.orghttp://www.openwall.com/lists/oss-security/2020/12/10/1Mailing List, Patch, Third Party Advisory
cve@mitre.orghttps://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=54ffccbf053b5b6ca4f6e45094b942fab92a25fcPatch, Vendor Advisory
cve@mitre.orghttps://lists.debian.org/debian-lts-announce/2021/02/msg00018.htmlMailing List, Third Party Advisory
cve@mitre.orghttps://lists.debian.org/debian-lts-announce/2021/03/msg00010.htmlMailing List, Third Party Advisory
cve@mitre.orghttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BOB25SU6XUL4TNP7KB63WNZSYTIYFDPP/
cve@mitre.orghttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MZ7OAKAEFAXQRGBZK4LYUWINCD3D2XCL/
cve@mitre.orghttps://security.netapp.com/advisory/ntap-20210122-0001/Third Party Advisory
cve@mitre.orghttps://www.debian.org/security/2021/dsa-4843Third Party Advisory
cve@mitre.orghttps://www.oracle.com/security-alerts/cpuoct2021.htmlPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://packetstormsecurity.com/files/160681/Linux-TIOCSPGRP-Broken-Locking.htmlThird Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://packetstormsecurity.com/files/164950/Kernel-Live-Patch-Security-Notice-LSN-0082-1.htmlThird Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2020/12/10/1Mailing List, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=54ffccbf053b5b6ca4f6e45094b942fab92a25fcPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.debian.org/debian-lts-announce/2021/02/msg00018.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.debian.org/debian-lts-announce/2021/03/msg00010.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BOB25SU6XUL4TNP7KB63WNZSYTIYFDPP/
af854a3a-2127-422b-91ae-364da2661108https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MZ7OAKAEFAXQRGBZK4LYUWINCD3D2XCL/
af854a3a-2127-422b-91ae-364da2661108https://security.netapp.com/advisory/ntap-20210122-0001/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.debian.org/security/2021/dsa-4843Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.oracle.com/security-alerts/cpuoct2021.htmlPatch, Third Party Advisory



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B2FC0FB1-DC18-46A4-A31B-F97DD3EE3137",
                     versionEndExcluding: "4.4.248",
                     versionStartIncluding: "2.6.26",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B21174F6-B764-44AB-A945-3D629DBB3B13",
                     versionEndExcluding: "4.9.248",
                     versionStartIncluding: "4.5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "4FCD12D6-C35F-4079-B6BA-3F788CFC6FB3",
                     versionEndExcluding: "4.14.212",
                     versionStartIncluding: "4.10",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "9079A481-FEBA-4CEC-A294-9B95706DDF17",
                     versionEndExcluding: "4.19.163",
                     versionStartIncluding: "4.15",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0C60D505-E4D6-40DF-A835-9094A5DFDDBC",
                     versionEndExcluding: "5.4.83",
                     versionStartIncluding: "4.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "7FB6E3D6-0F55-42F3-A3BA-AA6E149E1C5F",
                     versionEndExcluding: "5.9.14",
                     versionStartIncluding: "5.5",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*",
                     matchCriteriaId: "36D96259-24BD-44E2-96D9-78CE1D41F956",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*",
                     matchCriteriaId: "E460AA51-FCDA-46B9-AE97-E6676AA5E194",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*",
                     matchCriteriaId: "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:broadcom:fabric_operating_system:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "046FB51E-B768-44D3-AEB5-D857145CA840",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:solidfire_baseboard_management_controller_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FB9B8171-F6CA-427D-81E0-6536D3BBFA8D",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:solidfire_baseboard_management_controller:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "090AA6F4-4404-4E26-82AB-C3A22636F276",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "234DEFE0-5CE5-4B0A-96B8-5D227CB8ED31",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CDDF61B7-EC5C-467C-B710-B89F502CD04F",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:a700s_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FDD92BFA-9117-4E6E-A13F-ED064B4B7284",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:a700s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4B7DA42F-5D64-4967-A2D4-6210FE507841",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:8300_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4E73901F-666D-4D8B-BDFD-93DD2F70C74B",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:8300:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D0FD5AED-42CF-4918-B32C-D675738EF15C",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:8700_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "34B25BEF-8708-4E2C-8BA6-EBCD5267EB04",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:8700:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CE0F11D2-B5D9-46B4-BFC5-C86BC87D516A",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:a400_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "04E3BD77-8915-4FFC-8483-5DB5D610F829",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:a400:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "97E94ECB-BB51-4364-BEDD-8648C193196F",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:oracle:tekelec_platform_distribution:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "26F05F85-7458-4C8F-B93F-93C92E506A40",
                     versionEndIncluding: "7.7.1",
                     versionStartIncluding: "7.4.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A locking issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_jobctrl.c allows a use-after-free attack against TIOCSPGRP, aka CID-54ffccbf053b.",
      },
      {
         lang: "es",
         value: "Se detectó un problema de bloqueo en el subsistema tty del kernel de Linux versiones hasta 5.9.13. El archivo drivers/tty/tty_jobctrl.c, permite un ataque de uso de la memoria previamente liberada contra TIOCSPGRP, también se conoce como CID-54ffccbf053b",
      },
   ],
   id: "CVE-2020-29661",
   lastModified: "2024-11-21T05:24:23.040",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "HIGH",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "LOCAL",
               authentication: "NONE",
               availabilityImpact: "COMPLETE",
               baseScore: 7.2,
               confidentialityImpact: "COMPLETE",
               integrityImpact: "COMPLETE",
               vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C",
               version: "2.0",
            },
            exploitabilityScore: 3.9,
            impactScore: 10,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 7.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 1.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2020-12-09T17:15:31.807",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://packetstormsecurity.com/files/160681/Linux-TIOCSPGRP-Broken-Locking.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://packetstormsecurity.com/files/164950/Kernel-Live-Patch-Security-Notice-LSN-0082-1.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Patch",
            "Third Party Advisory",
         ],
         url: "http://www.openwall.com/lists/oss-security/2020/12/10/1",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=54ffccbf053b5b6ca4f6e45094b942fab92a25fc",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2021/02/msg00018.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2021/03/msg00010.html",
      },
      {
         source: "cve@mitre.org",
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BOB25SU6XUL4TNP7KB63WNZSYTIYFDPP/",
      },
      {
         source: "cve@mitre.org",
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MZ7OAKAEFAXQRGBZK4LYUWINCD3D2XCL/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20210122-0001/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.debian.org/security/2021/dsa-4843",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/security-alerts/cpuoct2021.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://packetstormsecurity.com/files/160681/Linux-TIOCSPGRP-Broken-Locking.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://packetstormsecurity.com/files/164950/Kernel-Live-Patch-Security-Notice-LSN-0082-1.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Patch",
            "Third Party Advisory",
         ],
         url: "http://www.openwall.com/lists/oss-security/2020/12/10/1",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=54ffccbf053b5b6ca4f6e45094b942fab92a25fc",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2021/02/msg00018.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2021/03/msg00010.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BOB25SU6XUL4TNP7KB63WNZSYTIYFDPP/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MZ7OAKAEFAXQRGBZK4LYUWINCD3D2XCL/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20210122-0001/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.debian.org/security/2021/dsa-4843",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/security-alerts/cpuoct2021.html",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-416",
            },
            {
               lang: "en",
               value: "CWE-667",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2021-03-07 05:15
Modified
2024-11-21 05:57
Summary
An issue was discovered in the Linux kernel through 5.11.3. Certain iSCSI data structures do not have appropriate length constraints or checks, and can exceed the PAGE_SIZE value. An unprivileged user can send a Netlink message that is associated with iSCSI, and has a length up to the maximum length of a Netlink message.
References
cve@mitre.orghttp://packetstormsecurity.com/files/162117/Kernel-Live-Patch-Security-Notice-LSN-0075-1.htmlThird Party Advisory, VDB Entry
cve@mitre.orghttps://blog.grimm-co.com/2021/03/new-old-bugs-in-linux-kernel.htmlExploit, Third Party Advisory
cve@mitre.orghttps://bugzilla.suse.com/show_bug.cgi?id=1182715Issue Tracking, Third Party Advisory
cve@mitre.orghttps://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ec98ea7070e94cc25a422ec97d1421e28d97b7eeMailing List, Patch, Vendor Advisory
cve@mitre.orghttps://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f9dbdf97a5bd92b1a49cee3d591b55b11fd7a6d5Mailing List, Patch, Vendor Advisory
cve@mitre.orghttps://lists.debian.org/debian-lts-announce/2021/03/msg00010.htmlMailing List, Third Party Advisory
cve@mitre.orghttps://lists.debian.org/debian-lts-announce/2021/03/msg00035.htmlMailing List, Third Party Advisory
cve@mitre.orghttps://security.netapp.com/advisory/ntap-20210409-0001/Third Party Advisory
cve@mitre.orghttps://www.openwall.com/lists/oss-security/2021/03/06/1Mailing List, Third Party Advisory
cve@mitre.orghttps://www.oracle.com/security-alerts/cpuoct2021.htmlPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://packetstormsecurity.com/files/162117/Kernel-Live-Patch-Security-Notice-LSN-0075-1.htmlThird Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://blog.grimm-co.com/2021/03/new-old-bugs-in-linux-kernel.htmlExploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.suse.com/show_bug.cgi?id=1182715Issue Tracking, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ec98ea7070e94cc25a422ec97d1421e28d97b7eeMailing List, Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f9dbdf97a5bd92b1a49cee3d591b55b11fd7a6d5Mailing List, Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.debian.org/debian-lts-announce/2021/03/msg00010.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.debian.org/debian-lts-announce/2021/03/msg00035.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://security.netapp.com/advisory/ntap-20210409-0001/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.openwall.com/lists/oss-security/2021/03/06/1Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.oracle.com/security-alerts/cpuoct2021.htmlPatch, Third Party Advisory



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "AAEB7028-B576-457E-927A-8025DB7F3D14",
                     versionEndIncluding: "5.11.3",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:oracle:tekelec_platform_distribution:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "26F05F85-7458-4C8F-B93F-93C92E506A40",
                     versionEndIncluding: "7.7.1",
                     versionStartIncluding: "7.4.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:solidfire_baseboard_management_controller_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FB9B8171-F6CA-427D-81E0-6536D3BBFA8D",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:solidfire_baseboard_management_controller:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "090AA6F4-4404-4E26-82AB-C3A22636F276",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "An issue was discovered in the Linux kernel through 5.11.3. Certain iSCSI data structures do not have appropriate length constraints or checks, and can exceed the PAGE_SIZE value. An unprivileged user can send a Netlink message that is associated with iSCSI, and has a length up to the maximum length of a Netlink message.",
      },
      {
         lang: "es",
         value: "Se detectó un problema en el kernel de Linux versiones  hasta 5.11.3. Determinadas estructuras de datos iSCSI no tienen restricciones de longitud o comprobaciones apropiadas y pueden exceder el valor PAGE_SIZE. Un usuario sin privilegios puede enviar un mensaje de Netlink que está asociado con iSCSI y tiene una longitud de hasta la longitud máxima de un mensaje de Netlink",
      },
   ],
   id: "CVE-2021-27365",
   lastModified: "2024-11-21T05:57:50.850",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "LOCAL",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 4.6,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "PARTIAL",
               vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P",
               version: "2.0",
            },
            exploitabilityScore: 3.9,
            impactScore: 6.4,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 7.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 1.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2021-03-07T05:15:13.623",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://packetstormsecurity.com/files/162117/Kernel-Live-Patch-Security-Notice-LSN-0075-1.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Exploit",
            "Third Party Advisory",
         ],
         url: "https://blog.grimm-co.com/2021/03/new-old-bugs-in-linux-kernel.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Issue Tracking",
            "Third Party Advisory",
         ],
         url: "https://bugzilla.suse.com/show_bug.cgi?id=1182715",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ec98ea7070e94cc25a422ec97d1421e28d97b7ee",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f9dbdf97a5bd92b1a49cee3d591b55b11fd7a6d5",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2021/03/msg00010.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2021/03/msg00035.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20210409-0001/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://www.openwall.com/lists/oss-security/2021/03/06/1",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/security-alerts/cpuoct2021.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://packetstormsecurity.com/files/162117/Kernel-Live-Patch-Security-Notice-LSN-0075-1.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Third Party Advisory",
         ],
         url: "https://blog.grimm-co.com/2021/03/new-old-bugs-in-linux-kernel.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Issue Tracking",
            "Third Party Advisory",
         ],
         url: "https://bugzilla.suse.com/show_bug.cgi?id=1182715",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ec98ea7070e94cc25a422ec97d1421e28d97b7ee",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f9dbdf97a5bd92b1a49cee3d591b55b11fd7a6d5",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2021/03/msg00010.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2021/03/msg00035.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20210409-0001/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://www.openwall.com/lists/oss-security/2021/03/06/1",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/security-alerts/cpuoct2021.html",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-787",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2017-08-11 02:29
Modified
2024-11-21 02:56
Summary
A malicious web application running on Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 was able to bypass a configured SecurityManager via manipulation of the configuration parameters for the JSP Servlet.
References
security@apache.orghttp://rhn.redhat.com/errata/RHSA-2017-0457.htmlThird Party Advisory
security@apache.orghttp://rhn.redhat.com/errata/RHSA-2017-1551.htmlThird Party Advisory
security@apache.orghttp://www.debian.org/security/2016/dsa-3720Third Party Advisory
security@apache.orghttp://www.securityfocus.com/bid/93944Broken Link
security@apache.orghttp://www.securitytracker.com/id/1037141Broken Link
security@apache.orghttp://www.securitytracker.com/id/1038757Broken Link
security@apache.orghttps://access.redhat.com/errata/RHSA-2017:0455Third Party Advisory
security@apache.orghttps://access.redhat.com/errata/RHSA-2017:0456Third Party Advisory
security@apache.orghttps://access.redhat.com/errata/RHSA-2017:1548Third Party Advisory
security@apache.orghttps://access.redhat.com/errata/RHSA-2017:1549Third Party Advisory
security@apache.orghttps://access.redhat.com/errata/RHSA-2017:1550Third Party Advisory
security@apache.orghttps://access.redhat.com/errata/RHSA-2017:1552Third Party Advisory
security@apache.orghttps://access.redhat.com/errata/RHSA-2017:2247Third Party Advisory
security@apache.orghttps://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E
security@apache.orghttps://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E
security@apache.orghttps://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E
security@apache.orghttps://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E
security@apache.orghttps://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E
security@apache.orghttps://lists.apache.org/thread.html/5a2105a56b2495ab70fa568f06925bd861f0d71ffab4fb38bb4fdc45%40%3Cannounce.tomcat.apache.org%3E
security@apache.orghttps://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E
security@apache.orghttps://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E
security@apache.orghttps://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3Cdev.tomcat.apache.org%3E
security@apache.orghttps://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E
security@apache.orghttps://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E
security@apache.orghttps://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E
security@apache.orghttps://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E
security@apache.orghttps://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E
security@apache.orghttps://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E
security@apache.orghttps://security.netapp.com/advisory/ntap-20180605-0001/Third Party Advisory
security@apache.orghttps://usn.ubuntu.com/4557-1/Third Party Advisory
security@apache.orghttps://www.oracle.com/security-alerts/cpuoct2021.htmlPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2017-0457.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2017-1551.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2016/dsa-3720Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/93944Broken Link
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1037141Broken Link
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1038757Broken Link
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2017:0455Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2017:0456Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2017:1548Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2017:1549Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2017:1550Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2017:1552Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2017:2247Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/5a2105a56b2495ab70fa568f06925bd861f0d71ffab4fb38bb4fdc45%40%3Cannounce.tomcat.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3Cdev.tomcat.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://security.netapp.com/advisory/ntap-20180605-0001/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/4557-1/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.oracle.com/security-alerts/cpuoct2021.htmlPatch, Third Party Advisory



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "F0956A16-7E61-40E4-B107-2A0EEA1208C5",
                     versionEndIncluding: "6.0.45",
                     versionStartIncluding: "6.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "5DCDF5FD-A879-4E78-A572-78C325F13C85",
                     versionEndIncluding: "7.0.70",
                     versionStartIncluding: "7.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D30B2FCD-09F0-4647-84AE-343ECD724D45",
                     versionEndIncluding: "8.0.36",
                     versionStartIncluding: "8.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1E7CA297-C102-4AF2-82D1-EF565ACCD1F5",
                     versionEndIncluding: "8.5.4",
                     versionStartIncluding: "8.5.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:9.0.0:milestone1:*:*:*:*:*:*",
                     matchCriteriaId: "9D0689FE-4BC0-4F53-8C79-34B21F9B86C2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:9.0.0:milestone2:*:*:*:*:*:*",
                     matchCriteriaId: "9F542E12-6BA8-4504-A494-DA83E7E19BD5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:9.0.0:milestone3:*:*:*:*:*:*",
                     matchCriteriaId: "C0C5F004-F7D8-45DB-B173-351C50B0EC16",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:9.0.0:milestone4:*:*:*:*:*:*",
                     matchCriteriaId: "D1902D2E-1896-4D3D-9E1C-3A675255072C",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:9.0.0:milestone5:*:*:*:*:*:*",
                     matchCriteriaId: "49AAF4DF-F61D-47A8-8788-A21E317A145D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:9.0.0:milestone6:*:*:*:*:*:*",
                     matchCriteriaId: "454211D0-60A2-4661-AECA-4C0121413FEB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:9.0.0:milestone7:*:*:*:*:*:*",
                     matchCriteriaId: "0686F977-889F-4960-8E0B-7784B73A7F2D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:9.0.0:milestone8:*:*:*:*:*:*",
                     matchCriteriaId: "558703AE-DB5E-4DFF-B497-C36694DD7B24",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:9.0.0:milestone9:*:*:*:*:*:*",
                     matchCriteriaId: "ED6273F2-1165-47A4-8DD7-9E9B2472941B",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F1BE6C1F-2565-4E97-92AA-16563E5660A5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:oncommand_shift:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3BD81527-A341-42C3-9AB9-880D3DB04B08",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:snap_creator_framework:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9F4754FB-E3EB-454A-AB1A-AE3835C5350C",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*",
                     matchCriteriaId: "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:oracle:tekelec_platform_distribution:7.4.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "77EB3C45-00AC-417F-9DE8-FAADDC608A97",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:tekelec_platform_distribution:7.7.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "937DEFD6-44BE-4DC0-B5FA-FB63CD7B3A1F",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "E2E0AFF9-F664-4D46-AEF4-07C725CC5448",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:redhat:jboss_enterprise_web_server:3.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "8E2F2F98-DB90-43F6-8F28-3656207B6188",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "F96E3779-F56A-45FF-BB3D-4980527D721E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*",
                     matchCriteriaId: "0CF73560-2F5B-4723-A8A1-9AADBB3ADA00",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*",
                     matchCriteriaId: "5BF3C7A5-9117-42C7-BEA1-4AA378A582EF",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*",
                     matchCriteriaId: "83737173-E12E-4641-BC49-0BD84A6B29D0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "D99A687E-EAE6-417E-A88E-D0082BC194CD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
                     matchCriteriaId: "B353CE99-D57C-465B-AAB0-73EF581127D1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*",
                     matchCriteriaId: "7431ABC1-9252-419E-8CC1-311B41360078",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
                     matchCriteriaId: "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*",
                     matchCriteriaId: "17F256A9-D3B9-4C72-B013-4EFD878BFEA8",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A malicious web application running on Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 was able to bypass a configured SecurityManager via manipulation of the configuration parameters for the JSP Servlet.",
      },
      {
         lang: "es",
         value: "Una aplicación web maliciosa en Apache Tomcat 9.0.0.M1 a 9.0.0.M9, 8.5.0 a 8.5.4, 8.0.0.RC1 a 8.0.36, 7.0.0 a 7.0.70, y 6.0.0 a 6.0.45 era capaz de eludir un SecurityManager configurado mediante la manipulación de los parámetros de configuración para el Servlet JSP.",
      },
   ],
   id: "CVE-2016-6796",
   lastModified: "2024-11-21T02:56:50.510",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: true,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "NONE",
               baseScore: 5,
               confidentialityImpact: "NONE",
               integrityImpact: "PARTIAL",
               vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:N",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2017-08-11T02:29:00.240",
   references: [
      {
         source: "security@apache.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://rhn.redhat.com/errata/RHSA-2017-0457.html",
      },
      {
         source: "security@apache.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://rhn.redhat.com/errata/RHSA-2017-1551.html",
      },
      {
         source: "security@apache.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www.debian.org/security/2016/dsa-3720",
      },
      {
         source: "security@apache.org",
         tags: [
            "Broken Link",
         ],
         url: "http://www.securityfocus.com/bid/93944",
      },
      {
         source: "security@apache.org",
         tags: [
            "Broken Link",
         ],
         url: "http://www.securitytracker.com/id/1037141",
      },
      {
         source: "security@apache.org",
         tags: [
            "Broken Link",
         ],
         url: "http://www.securitytracker.com/id/1038757",
      },
      {
         source: "security@apache.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2017:0455",
      },
      {
         source: "security@apache.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2017:0456",
      },
      {
         source: "security@apache.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2017:1548",
      },
      {
         source: "security@apache.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2017:1549",
      },
      {
         source: "security@apache.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2017:1550",
      },
      {
         source: "security@apache.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2017:1552",
      },
      {
         source: "security@apache.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2017:2247",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/5a2105a56b2495ab70fa568f06925bd861f0d71ffab4fb38bb4fdc45%40%3Cannounce.tomcat.apache.org%3E",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "security@apache.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20180605-0001/",
      },
      {
         source: "security@apache.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4557-1/",
      },
      {
         source: "security@apache.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/security-alerts/cpuoct2021.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://rhn.redhat.com/errata/RHSA-2017-0457.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://rhn.redhat.com/errata/RHSA-2017-1551.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www.debian.org/security/2016/dsa-3720",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Broken Link",
         ],
         url: "http://www.securityfocus.com/bid/93944",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Broken Link",
         ],
         url: "http://www.securitytracker.com/id/1037141",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Broken Link",
         ],
         url: "http://www.securitytracker.com/id/1038757",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2017:0455",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2017:0456",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2017:1548",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2017:1549",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2017:1550",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2017:1552",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2017:2247",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/5a2105a56b2495ab70fa568f06925bd861f0d71ffab4fb38bb4fdc45%40%3Cannounce.tomcat.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20180605-0001/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4557-1/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/security-alerts/cpuoct2021.html",
      },
   ],
   sourceIdentifier: "security@apache.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-noinfo",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2021-03-07 05:15
Modified
2024-11-21 05:57
Summary
An issue was discovered in the Linux kernel through 5.11.3. drivers/scsi/scsi_transport_iscsi.c is adversely affected by the ability of an unprivileged user to craft Netlink messages.
References
cve@mitre.orghttp://packetstormsecurity.com/files/162117/Kernel-Live-Patch-Security-Notice-LSN-0075-1.htmlThird Party Advisory, VDB Entry
cve@mitre.orghttps://blog.grimm-co.com/2021/03/new-old-bugs-in-linux-kernel.htmlExploit, Third Party Advisory
cve@mitre.orghttps://bugzilla.suse.com/show_bug.cgi?id=1182717Issue Tracking, Third Party Advisory
cve@mitre.orghttps://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=688e8128b7a92df982709a4137ea4588d16f24aaMailing List, Patch, Vendor Advisory
cve@mitre.orghttps://lists.debian.org/debian-lts-announce/2021/03/msg00010.htmlMailing List, Third Party Advisory
cve@mitre.orghttps://lists.debian.org/debian-lts-announce/2021/03/msg00035.htmlMailing List, Third Party Advisory
cve@mitre.orghttps://security.netapp.com/advisory/ntap-20210409-0001/Third Party Advisory
cve@mitre.orghttps://www.openwall.com/lists/oss-security/2021/03/06/1Mailing List, Third Party Advisory
cve@mitre.orghttps://www.oracle.com/security-alerts/cpuoct2021.htmlPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://packetstormsecurity.com/files/162117/Kernel-Live-Patch-Security-Notice-LSN-0075-1.htmlThird Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://blog.grimm-co.com/2021/03/new-old-bugs-in-linux-kernel.htmlExploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.suse.com/show_bug.cgi?id=1182717Issue Tracking, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=688e8128b7a92df982709a4137ea4588d16f24aaMailing List, Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.debian.org/debian-lts-announce/2021/03/msg00010.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.debian.org/debian-lts-announce/2021/03/msg00035.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://security.netapp.com/advisory/ntap-20210409-0001/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.openwall.com/lists/oss-security/2021/03/06/1Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.oracle.com/security-alerts/cpuoct2021.htmlPatch, Third Party Advisory



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "AAEB7028-B576-457E-927A-8025DB7F3D14",
                     versionEndIncluding: "5.11.3",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:solidfire_baseboard_management_controller_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FB9B8171-F6CA-427D-81E0-6536D3BBFA8D",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:solidfire_baseboard_management_controller:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "090AA6F4-4404-4E26-82AB-C3A22636F276",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:oracle:tekelec_platform_distribution:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "26F05F85-7458-4C8F-B93F-93C92E506A40",
                     versionEndIncluding: "7.7.1",
                     versionStartIncluding: "7.4.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
                     matchCriteriaId: "815D70A8-47D3-459C-A32C-9FEACA0659D1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
                     matchCriteriaId: "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
                     matchCriteriaId: "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*",
                     matchCriteriaId: "902B8056-9E37-443B-8905-8AA93E2447FB",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "An issue was discovered in the Linux kernel through 5.11.3. drivers/scsi/scsi_transport_iscsi.c is adversely affected by the ability of an unprivileged user to craft Netlink messages.",
      },
      {
         lang: "es",
         value: "Se detectó un problema en el kernel de Linux versiones hasta 5.11.3. El archivo drivers/scsi/scsi_transport_iscsi.c está afectado negativamente por la capacidad de un usuario sin privilegios de crear mensajes Netlink",
      },
   ],
   id: "CVE-2021-27364",
   lastModified: "2024-11-21T05:57:50.677",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "LOW",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "LOCAL",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 3.6,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "NONE",
               vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:P",
               version: "2.0",
            },
            exploitabilityScore: 3.9,
            impactScore: 4.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 7.1,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "NONE",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 1.8,
            impactScore: 5.2,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2021-03-07T05:15:13.437",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://packetstormsecurity.com/files/162117/Kernel-Live-Patch-Security-Notice-LSN-0075-1.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Exploit",
            "Third Party Advisory",
         ],
         url: "https://blog.grimm-co.com/2021/03/new-old-bugs-in-linux-kernel.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Issue Tracking",
            "Third Party Advisory",
         ],
         url: "https://bugzilla.suse.com/show_bug.cgi?id=1182717",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=688e8128b7a92df982709a4137ea4588d16f24aa",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2021/03/msg00010.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2021/03/msg00035.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20210409-0001/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://www.openwall.com/lists/oss-security/2021/03/06/1",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/security-alerts/cpuoct2021.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://packetstormsecurity.com/files/162117/Kernel-Live-Patch-Security-Notice-LSN-0075-1.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Third Party Advisory",
         ],
         url: "https://blog.grimm-co.com/2021/03/new-old-bugs-in-linux-kernel.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Issue Tracking",
            "Third Party Advisory",
         ],
         url: "https://bugzilla.suse.com/show_bug.cgi?id=1182717",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=688e8128b7a92df982709a4137ea4588d16f24aa",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2021/03/msg00010.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2021/03/msg00035.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20210409-0001/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://www.openwall.com/lists/oss-security/2021/03/06/1",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/security-alerts/cpuoct2021.html",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-125",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2020-06-05 15:15
Modified
2024-11-21 05:00
Summary
regcomp.c in Perl before 5.30.3 allows a buffer overflow via a crafted regular expression because of recursive S_study_chunk calls.
References
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2020-06/msg00044.htmlMailing List, Third Party Advisory
cve@mitre.orghttps://github.com/Perl/perl5/blob/blead/pod/perl5303delta.podThird Party Advisory
cve@mitre.orghttps://github.com/Perl/perl5/compare/v5.30.2...v5.30.3Patch, Third Party Advisory
cve@mitre.orghttps://github.com/Perl/perl5/issues/16947Third Party Advisory
cve@mitre.orghttps://github.com/Perl/perl5/issues/17743Third Party Advisory
cve@mitre.orghttps://github.com/perl/perl5/commit/66bbb51b93253a3f87d11c2695cfb7bdb782184aPatch, Third Party Advisory
cve@mitre.orghttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IN3TTBO5KSGWE5IRIKDJ5JSQRH7ANNXE/
cve@mitre.orghttps://security.gentoo.org/glsa/202006-03Third Party Advisory
cve@mitre.orghttps://security.netapp.com/advisory/ntap-20200611-0001/Third Party Advisory
cve@mitre.orghttps://www.oracle.com//security-alerts/cpujul2021.htmlPatch, Third Party Advisory
cve@mitre.orghttps://www.oracle.com/security-alerts/cpuApr2021.htmlPatch, Third Party Advisory
cve@mitre.orghttps://www.oracle.com/security-alerts/cpuapr2022.htmlPatch, Third Party Advisory
cve@mitre.orghttps://www.oracle.com/security-alerts/cpujan2021.htmlPatch, Third Party Advisory
cve@mitre.orghttps://www.oracle.com/security-alerts/cpujan2022.htmlPatch, Third Party Advisory
cve@mitre.orghttps://www.oracle.com/security-alerts/cpuoct2020.htmlPatch, Third Party Advisory
cve@mitre.orghttps://www.oracle.com/security-alerts/cpuoct2021.htmlPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00044.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://github.com/Perl/perl5/blob/blead/pod/perl5303delta.podThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://github.com/Perl/perl5/compare/v5.30.2...v5.30.3Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://github.com/Perl/perl5/issues/16947Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://github.com/Perl/perl5/issues/17743Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://github.com/perl/perl5/commit/66bbb51b93253a3f87d11c2695cfb7bdb782184aPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IN3TTBO5KSGWE5IRIKDJ5JSQRH7ANNXE/
af854a3a-2127-422b-91ae-364da2661108https://security.gentoo.org/glsa/202006-03Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://security.netapp.com/advisory/ntap-20200611-0001/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.oracle.com//security-alerts/cpujul2021.htmlPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.oracle.com/security-alerts/cpuApr2021.htmlPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.oracle.com/security-alerts/cpuapr2022.htmlPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.oracle.com/security-alerts/cpujan2021.htmlPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.oracle.com/security-alerts/cpujan2022.htmlPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.oracle.com/security-alerts/cpuoct2020.htmlPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.oracle.com/security-alerts/cpuoct2021.htmlPatch, Third Party Advisory



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C171B203-3DAA-43B7-A0BE-DDB0895EB744",
                     versionEndExcluding: "5.30.3",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5735E553-9731-4AAC-BCFF-989377F817B3",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:snap_creator_framework:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9F4754FB-E3EB-454A-AB1A-AE3835C5350C",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*",
                     matchCriteriaId: "80F0FA5D-8D3B-4C0E-81E2-87998286AF33",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.2.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "2ECD5E79-5C1B-42E9-BE0B-A034EE2D632D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.3.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "E39D442D-1997-49AF-8B02-5640BE2A26CC",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:communications_diameter_signaling_router:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C88D46AF-459D-4917-9403-0F63FEC83512",
                     versionEndIncluding: "8.5.0",
                     versionStartIncluding: "8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:communications_eagle_application_processor:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1A0E3537-CB5A-40BF-B42C-CED9211B8892",
                     versionEndIncluding: "16.4.0",
                     versionStartIncluding: "16.1.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:communications_eagle_lnp_application_processor:10.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "996861FC-0089-4BED-8E46-F2B76037EA65",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:communications_eagle_lnp_application_processor:10.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "37764AF5-E42E-461E-AA43-763D21B3DCE2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:communications_lsms:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "806AF4AF-12FB-4222-84E4-BC9D44EFF09F",
                     versionEndIncluding: "13.4",
                     versionStartIncluding: "13.1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:communications_offline_mediation_controller:12.0.0.3.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "49ACFC73-A509-4D1C-8FC3-F68F495AB055",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:communications_performance_intelligence_center:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "977CA754-6CE0-4FCB-9683-D81B7A15449D",
                     versionEndIncluding: "10.3.0.2.1",
                     versionStartIncluding: "10.3.0.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:communications_performance_intelligence_center:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "29A3F7EF-2A69-427F-9F75-DDDBEE34BA2B",
                     versionEndIncluding: "10.4.0.3.1",
                     versionStartIncluding: "10.4.0.1.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:configuration_manager:12.1.2.0.8:*:*:*:*:*:*:*",
                     matchCriteriaId: "495DECD7-B14F-4D59-B3E1-30BF9B267475",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:enterprise_manager_base_platform:13.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "D26F3E23-F1A9-45E7-9E5F-0C0A24EE3783",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:sd-wan_edge:8.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "78C99571-0F3C-43E6-84B3-7D80E045EF8E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:sd-wan_edge:9.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "77E39D5C-5EFA-4FEB-909E-0A92004F2563",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:sd-wan_edge:9.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "06816711-7C49-47B9-A9D7-FB18CC3F42F2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:tekelec_platform_distribution:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "26F05F85-7458-4C8F-B93F-93C92E506A40",
                     versionEndIncluding: "7.7.1",
                     versionStartIncluding: "7.4.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "regcomp.c in Perl before 5.30.3 allows a buffer overflow via a crafted regular expression because of recursive S_study_chunk calls.",
      },
      {
         lang: "es",
         value: "En el archivo regcomp.c en Perl versiones anteriores a 5.30.3, permite un desbordamiento del búfer por medio de una expresión regular diseñada debido a llamadas recursivas de la función S_study_chunk",
      },
   ],
   id: "CVE-2020-12723",
   lastModified: "2024-11-21T05:00:08.870",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 5,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2020-06-05T15:15:10.800",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00044.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://github.com/Perl/perl5/blob/blead/pod/perl5303delta.pod",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/Perl/perl5/compare/v5.30.2...v5.30.3",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://github.com/Perl/perl5/issues/16947",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://github.com/Perl/perl5/issues/17743",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/perl/perl5/commit/66bbb51b93253a3f87d11c2695cfb7bdb782184a",
      },
      {
         source: "cve@mitre.org",
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IN3TTBO5KSGWE5IRIKDJ5JSQRH7ANNXE/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.gentoo.org/glsa/202006-03",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20200611-0001/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com//security-alerts/cpujul2021.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/security-alerts/cpuApr2021.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/security-alerts/cpuapr2022.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/security-alerts/cpujan2021.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/security-alerts/cpujan2022.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/security-alerts/cpuoct2020.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/security-alerts/cpuoct2021.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00044.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://github.com/Perl/perl5/blob/blead/pod/perl5303delta.pod",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/Perl/perl5/compare/v5.30.2...v5.30.3",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://github.com/Perl/perl5/issues/16947",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://github.com/Perl/perl5/issues/17743",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/perl/perl5/commit/66bbb51b93253a3f87d11c2695cfb7bdb782184a",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IN3TTBO5KSGWE5IRIKDJ5JSQRH7ANNXE/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.gentoo.org/glsa/202006-03",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20200611-0001/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com//security-alerts/cpujul2021.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/security-alerts/cpuApr2021.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/security-alerts/cpuapr2022.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/security-alerts/cpujan2021.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/security-alerts/cpujan2022.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/security-alerts/cpuoct2020.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/security-alerts/cpuoct2021.html",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-120",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2017-08-10 16:29
Modified
2024-11-21 02:42
Summary
The Realm implementations in Apache Tomcat versions 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 did not process the supplied password if the supplied user name did not exist. This made a timing attack possible to determine valid user names. Note that the default configuration includes the LockOutRealm which makes exploitation of this vulnerability harder.
References
security@apache.orghttp://rhn.redhat.com/errata/RHSA-2017-0457.htmlThird Party Advisory
security@apache.orghttp://www.debian.org/security/2016/dsa-3720Third Party Advisory
security@apache.orghttp://www.securityfocus.com/bid/93939Broken Link
security@apache.orghttp://www.securitytracker.com/id/1037144Broken Link
security@apache.orghttps://access.redhat.com/errata/RHSA-2017:0455Third Party Advisory
security@apache.orghttps://access.redhat.com/errata/RHSA-2017:0456Third Party Advisory
security@apache.orghttps://access.redhat.com/errata/RHSA-2017:2247Third Party Advisory
security@apache.orghttps://lists.apache.org/thread.html/1872f96bad43647832bdd84a408794cd06d9cbb557af63085ca10009%40%3Cannounce.tomcat.apache.org%3E
security@apache.orghttps://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E
security@apache.orghttps://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E
security@apache.orghttps://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E
security@apache.orghttps://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E
security@apache.orghttps://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E
security@apache.orghttps://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E
security@apache.orghttps://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E
security@apache.orghttps://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E
security@apache.orghttps://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E
security@apache.orghttps://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E
security@apache.orghttps://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E
security@apache.orghttps://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E
security@apache.orghttps://security.netapp.com/advisory/ntap-20180605-0001/Third Party Advisory
security@apache.orghttps://usn.ubuntu.com/4557-1/Third Party Advisory
security@apache.orghttps://www.oracle.com//security-alerts/cpujul2021.htmlPatch, Third Party Advisory
security@apache.orghttps://www.oracle.com/security-alerts/cpuoct2021.htmlPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2017-0457.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2016/dsa-3720Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/93939Broken Link
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1037144Broken Link
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2017:0455Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2017:0456Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2017:2247Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/1872f96bad43647832bdd84a408794cd06d9cbb557af63085ca10009%40%3Cannounce.tomcat.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://security.netapp.com/advisory/ntap-20180605-0001/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/4557-1/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.oracle.com//security-alerts/cpujul2021.htmlPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.oracle.com/security-alerts/cpuoct2021.htmlPatch, Third Party Advisory



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "F0956A16-7E61-40E4-B107-2A0EEA1208C5",
                     versionEndIncluding: "6.0.45",
                     versionStartIncluding: "6.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "5DCDF5FD-A879-4E78-A572-78C325F13C85",
                     versionEndIncluding: "7.0.70",
                     versionStartIncluding: "7.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D30B2FCD-09F0-4647-84AE-343ECD724D45",
                     versionEndIncluding: "8.0.36",
                     versionStartIncluding: "8.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1E7CA297-C102-4AF2-82D1-EF565ACCD1F5",
                     versionEndIncluding: "8.5.4",
                     versionStartIncluding: "8.5.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:9.0.0:milestone1:*:*:*:*:*:*",
                     matchCriteriaId: "9D0689FE-4BC0-4F53-8C79-34B21F9B86C2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:9.0.0:milestone2:*:*:*:*:*:*",
                     matchCriteriaId: "9F542E12-6BA8-4504-A494-DA83E7E19BD5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:9.0.0:milestone3:*:*:*:*:*:*",
                     matchCriteriaId: "C0C5F004-F7D8-45DB-B173-351C50B0EC16",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:9.0.0:milestone4:*:*:*:*:*:*",
                     matchCriteriaId: "D1902D2E-1896-4D3D-9E1C-3A675255072C",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:9.0.0:milestone5:*:*:*:*:*:*",
                     matchCriteriaId: "49AAF4DF-F61D-47A8-8788-A21E317A145D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:9.0.0:milestone6:*:*:*:*:*:*",
                     matchCriteriaId: "454211D0-60A2-4661-AECA-4C0121413FEB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:9.0.0:milestone7:*:*:*:*:*:*",
                     matchCriteriaId: "0686F977-889F-4960-8E0B-7784B73A7F2D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:9.0.0:milestone8:*:*:*:*:*:*",
                     matchCriteriaId: "558703AE-DB5E-4DFF-B497-C36694DD7B24",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:9.0.0:milestone9:*:*:*:*:*:*",
                     matchCriteriaId: "ED6273F2-1165-47A4-8DD7-9E9B2472941B",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*",
                     matchCriteriaId: "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:redhat:jboss_enterprise_web_server:3.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "8E2F2F98-DB90-43F6-8F28-3656207B6188",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "F96E3779-F56A-45FF-BB3D-4980527D721E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*",
                     matchCriteriaId: "0CF73560-2F5B-4723-A8A1-9AADBB3ADA00",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*",
                     matchCriteriaId: "5BF3C7A5-9117-42C7-BEA1-4AA378A582EF",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*",
                     matchCriteriaId: "83737173-E12E-4641-BC49-0BD84A6B29D0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "D99A687E-EAE6-417E-A88E-D0082BC194CD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
                     matchCriteriaId: "B353CE99-D57C-465B-AAB0-73EF581127D1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*",
                     matchCriteriaId: "7431ABC1-9252-419E-8CC1-311B41360078",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
                     matchCriteriaId: "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*",
                     matchCriteriaId: "17F256A9-D3B9-4C72-B013-4EFD878BFEA8",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F1BE6C1F-2565-4E97-92AA-16563E5660A5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:oncommand_shift:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3BD81527-A341-42C3-9AB9-880D3DB04B08",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:snap_creator_framework:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9F4754FB-E3EB-454A-AB1A-AE3835C5350C",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:oracle:communications_diameter_signaling_router:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C88D46AF-459D-4917-9403-0F63FEC83512",
                     versionEndIncluding: "8.5.0",
                     versionStartIncluding: "8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:tekelec_platform_distribution:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "26F05F85-7458-4C8F-B93F-93C92E506A40",
                     versionEndIncluding: "7.7.1",
                     versionStartIncluding: "7.4.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "The Realm implementations in Apache Tomcat versions 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 did not process the supplied password if the supplied user name did not exist. This made a timing attack possible to determine valid user names. Note that the default configuration includes the LockOutRealm which makes exploitation of this vulnerability harder.",
      },
      {
         lang: "es",
         value: "Las implementaciones Realm en Apache Tomcat versiones 9.0.0.M1 a 9.0.0.M9, 8.5.0 a 8.5.4, 8.0.0.RC1 a 8.0.36, 7.0.0 a 7.0.70, y 6.0.0 a 6.0.45 no procesaban la contraseña proporcionada si el nombre de usuario proporcionado no existía. Esto hizo posible la realización de un ataque basado en tiempo para determinar nombres de usuario válidos. Tenga en cuenta que la configuración por defecto incluye LockOutRealm, lo que hace que sea más difícil explotar esta vulnerabilidad.",
      },
   ],
   id: "CVE-2016-0762",
   lastModified: "2024-11-21T02:42:19.707",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "MEDIUM",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "NONE",
               baseScore: 4.3,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:N",
               version: "2.0",
            },
            exploitabilityScore: 8.6,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "HIGH",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 5.9,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "HIGH",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
               version: "3.1",
            },
            exploitabilityScore: 2.2,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2017-08-10T16:29:00.313",
   references: [
      {
         source: "security@apache.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://rhn.redhat.com/errata/RHSA-2017-0457.html",
      },
      {
         source: "security@apache.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www.debian.org/security/2016/dsa-3720",
      },
      {
         source: "security@apache.org",
         tags: [
            "Broken Link",
         ],
         url: "http://www.securityfocus.com/bid/93939",
      },
      {
         source: "security@apache.org",
         tags: [
            "Broken Link",
         ],
         url: "http://www.securitytracker.com/id/1037144",
      },
      {
         source: "security@apache.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2017:0455",
      },
      {
         source: "security@apache.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2017:0456",
      },
      {
         source: "security@apache.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2017:2247",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/1872f96bad43647832bdd84a408794cd06d9cbb557af63085ca10009%40%3Cannounce.tomcat.apache.org%3E",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "security@apache.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20180605-0001/",
      },
      {
         source: "security@apache.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4557-1/",
      },
      {
         source: "security@apache.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com//security-alerts/cpujul2021.html",
      },
      {
         source: "security@apache.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/security-alerts/cpuoct2021.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://rhn.redhat.com/errata/RHSA-2017-0457.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www.debian.org/security/2016/dsa-3720",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Broken Link",
         ],
         url: "http://www.securityfocus.com/bid/93939",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Broken Link",
         ],
         url: "http://www.securitytracker.com/id/1037144",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2017:0455",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2017:0456",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2017:2247",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/1872f96bad43647832bdd84a408794cd06d9cbb557af63085ca10009%40%3Cannounce.tomcat.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20180605-0001/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4557-1/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com//security-alerts/cpujul2021.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/security-alerts/cpuoct2021.html",
      },
   ],
   sourceIdentifier: "security@apache.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-203",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2020-06-05 14:15
Modified
2024-11-21 04:55
Summary
Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow.
References
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2020-06/msg00044.htmlMailing List, Third Party Advisory
cve@mitre.orghttps://github.com/Perl/perl5/blob/blead/pod/perl5303delta.podThird Party Advisory
cve@mitre.orghttps://github.com/Perl/perl5/compare/v5.30.2...v5.30.3Third Party Advisory
cve@mitre.orghttps://github.com/perl/perl5/commit/897d1f7fd515b828e4b198d8b8bef76c6faf03edPatch, Third Party Advisory
cve@mitre.orghttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IN3TTBO5KSGWE5IRIKDJ5JSQRH7ANNXE/
cve@mitre.orghttps://security.gentoo.org/glsa/202006-03Third Party Advisory
cve@mitre.orghttps://security.netapp.com/advisory/ntap-20200611-0001/Third Party Advisory
cve@mitre.orghttps://www.oracle.com//security-alerts/cpujul2021.htmlPatch, Third Party Advisory
cve@mitre.orghttps://www.oracle.com/security-alerts/cpuApr2021.htmlPatch, Third Party Advisory
cve@mitre.orghttps://www.oracle.com/security-alerts/cpuapr2022.htmlPatch, Third Party Advisory
cve@mitre.orghttps://www.oracle.com/security-alerts/cpujan2021.htmlPatch, Third Party Advisory
cve@mitre.orghttps://www.oracle.com/security-alerts/cpujan2022.htmlPatch, Third Party Advisory
cve@mitre.orghttps://www.oracle.com/security-alerts/cpuoct2020.htmlPatch, Third Party Advisory
cve@mitre.orghttps://www.oracle.com/security-alerts/cpuoct2021.htmlPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00044.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://github.com/Perl/perl5/blob/blead/pod/perl5303delta.podThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://github.com/Perl/perl5/compare/v5.30.2...v5.30.3Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://github.com/perl/perl5/commit/897d1f7fd515b828e4b198d8b8bef76c6faf03edPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IN3TTBO5KSGWE5IRIKDJ5JSQRH7ANNXE/
af854a3a-2127-422b-91ae-364da2661108https://security.gentoo.org/glsa/202006-03Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://security.netapp.com/advisory/ntap-20200611-0001/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.oracle.com//security-alerts/cpujul2021.htmlPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.oracle.com/security-alerts/cpuApr2021.htmlPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.oracle.com/security-alerts/cpuapr2022.htmlPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.oracle.com/security-alerts/cpujan2021.htmlPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.oracle.com/security-alerts/cpujan2022.htmlPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.oracle.com/security-alerts/cpuoct2020.htmlPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.oracle.com/security-alerts/cpuoct2021.htmlPatch, Third Party Advisory



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:perl:perl:*:*:*:*:*:*:x86:*",
                     matchCriteriaId: "FF17E933-217A-4DDA-91C2-FEF2739550A1",
                     versionEndExcluding: "5.30.3",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*",
                     matchCriteriaId: "80F0FA5D-8D3B-4C0E-81E2-87998286AF33",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.2.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "2ECD5E79-5C1B-42E9-BE0B-A034EE2D632D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.3.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "E39D442D-1997-49AF-8B02-5640BE2A26CC",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:communications_diameter_signaling_router:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C88D46AF-459D-4917-9403-0F63FEC83512",
                     versionEndIncluding: "8.5.0",
                     versionStartIncluding: "8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:communications_eagle_application_processor:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1A0E3537-CB5A-40BF-B42C-CED9211B8892",
                     versionEndIncluding: "16.4.0",
                     versionStartIncluding: "16.1.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:communications_eagle_lnp_application_processor:10.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "996861FC-0089-4BED-8E46-F2B76037EA65",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:communications_eagle_lnp_application_processor:10.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "37764AF5-E42E-461E-AA43-763D21B3DCE2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:communications_eagle_lnp_application_processor:46.7:*:*:*:*:*:*:*",
                     matchCriteriaId: "879FE18D-6B1C-4CF7-B409-C379E9F60D0A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:communications_eagle_lnp_application_processor:46.8:*:*:*:*:*:*:*",
                     matchCriteriaId: "A2BE3FB3-5619-4381-BE4E-FBADB3C747F9",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:communications_eagle_lnp_application_processor:46.9:*:*:*:*:*:*:*",
                     matchCriteriaId: "4AB3C447-DA3F-44FF-91FD-8985C0527940",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:communications_lsms:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "806AF4AF-12FB-4222-84E4-BC9D44EFF09F",
                     versionEndIncluding: "13.4",
                     versionStartIncluding: "13.1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:communications_offline_mediation_controller:12.0.0.3.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "49ACFC73-A509-4D1C-8FC3-F68F495AB055",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:communications_performance_intelligence_center:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "977CA754-6CE0-4FCB-9683-D81B7A15449D",
                     versionEndIncluding: "10.3.0.2.1",
                     versionStartIncluding: "10.3.0.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:communications_performance_intelligence_center:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "29A3F7EF-2A69-427F-9F75-DDDBEE34BA2B",
                     versionEndIncluding: "10.4.0.3.1",
                     versionStartIncluding: "10.4.0.1.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:communications_pricing_design_center:12.0.0.3.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "D7B49D71-6A31-497A-B6A9-06E84F086E7A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:configuration_manager:12.1.2.0.8:*:*:*:*:*:*:*",
                     matchCriteriaId: "495DECD7-B14F-4D59-B3E1-30BF9B267475",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:enterprise_manager_base_platform:13.4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "D26F3E23-F1A9-45E7-9E5F-0C0A24EE3783",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:sd-wan_edge:8.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "78C99571-0F3C-43E6-84B3-7D80E045EF8E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:sd-wan_edge:9.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "77E39D5C-5EFA-4FEB-909E-0A92004F2563",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:sd-wan_edge:9.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "06816711-7C49-47B9-A9D7-FB18CC3F42F2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:tekelec_platform_distribution:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "26F05F85-7458-4C8F-B93F-93C92E506A40",
                     versionEndIncluding: "7.7.1",
                     versionStartIncluding: "7.4.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow.",
      },
      {
         lang: "es",
         value: "Perl versiones anteriores a 5.30.3 en plataformas de 32 bits permite un desbordamiento del búfer en la región heap de la memoria porque los cuantificadores de expresiones regulares anidadas presentan un desbordamiento de enteros",
      },
   ],
   id: "CVE-2020-10543",
   lastModified: "2024-11-21T04:55:32.927",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 6.4,
               confidentialityImpact: "NONE",
               integrityImpact: "PARTIAL",
               vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:P",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 4.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.2,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "LOW",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 4.2,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2020-06-05T14:15:10.467",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00044.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://github.com/Perl/perl5/blob/blead/pod/perl5303delta.pod",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://github.com/Perl/perl5/compare/v5.30.2...v5.30.3",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/perl/perl5/commit/897d1f7fd515b828e4b198d8b8bef76c6faf03ed",
      },
      {
         source: "cve@mitre.org",
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IN3TTBO5KSGWE5IRIKDJ5JSQRH7ANNXE/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.gentoo.org/glsa/202006-03",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20200611-0001/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com//security-alerts/cpujul2021.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/security-alerts/cpuApr2021.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/security-alerts/cpuapr2022.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/security-alerts/cpujan2021.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/security-alerts/cpujan2022.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/security-alerts/cpuoct2020.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/security-alerts/cpuoct2021.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00044.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://github.com/Perl/perl5/blob/blead/pod/perl5303delta.pod",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://github.com/Perl/perl5/compare/v5.30.2...v5.30.3",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/perl/perl5/commit/897d1f7fd515b828e4b198d8b8bef76c6faf03ed",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IN3TTBO5KSGWE5IRIKDJ5JSQRH7ANNXE/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.gentoo.org/glsa/202006-03",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20200611-0001/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com//security-alerts/cpujul2021.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/security-alerts/cpuApr2021.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/security-alerts/cpuapr2022.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/security-alerts/cpujan2021.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/security-alerts/cpujan2022.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/security-alerts/cpuoct2020.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/security-alerts/cpuoct2021.html",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-190",
            },
            {
               lang: "en",
               value: "CWE-787",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2021-01-26 21:15
Modified
2025-01-14 19:29
Summary
Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character.
References
cve@mitre.orghttp://packetstormsecurity.com/files/161160/Sudo-Heap-Based-Buffer-Overflow.htmlExploit, Third Party Advisory, VDB Entry
cve@mitre.orghttp://packetstormsecurity.com/files/161230/Sudo-Buffer-Overflow-Privilege-Escalation.htmlExploit, Third Party Advisory, VDB Entry
cve@mitre.orghttp://packetstormsecurity.com/files/161270/Sudo-1.9.5p1-Buffer-Overflow-Privilege-Escalation.htmlExploit, Third Party Advisory, VDB Entry
cve@mitre.orghttp://packetstormsecurity.com/files/161293/Sudo-1.8.31p2-1.9.5p1-Buffer-Overflow.htmlExploit, Third Party Advisory, VDB Entry
cve@mitre.orghttp://packetstormsecurity.com/files/176932/glibc-syslog-Heap-Based-Buffer-Overflow.htmlExploit, Third Party Advisory, VDB Entry
cve@mitre.orghttp://seclists.org/fulldisclosure/2021/Feb/42Mailing List, Third Party Advisory
cve@mitre.orghttp://seclists.org/fulldisclosure/2021/Jan/79Exploit, Mailing List, Third Party Advisory
cve@mitre.orghttp://seclists.org/fulldisclosure/2024/Feb/3Exploit, Mailing List, Third Party Advisory
cve@mitre.orghttp://www.openwall.com/lists/oss-security/2021/01/26/3Exploit, Mailing List, Third Party Advisory
cve@mitre.orghttp://www.openwall.com/lists/oss-security/2021/01/27/1Mailing List, Third Party Advisory
cve@mitre.orghttp://www.openwall.com/lists/oss-security/2021/01/27/2Mailing List, Third Party Advisory
cve@mitre.orghttp://www.openwall.com/lists/oss-security/2021/02/15/1Exploit, Mailing List, Third Party Advisory
cve@mitre.orghttp://www.openwall.com/lists/oss-security/2021/09/14/2Mailing List, Patch, Third Party Advisory
cve@mitre.orghttp://www.openwall.com/lists/oss-security/2024/01/30/6Exploit, Mailing List
cve@mitre.orghttp://www.openwall.com/lists/oss-security/2024/01/30/8Mailing List
cve@mitre.orghttps://kc.mcafee.com/corporate/index?page=content&id=SB10348Broken Link, Third Party Advisory
cve@mitre.orghttps://lists.debian.org/debian-lts-announce/2021/01/msg00022.htmlMailing List, Third Party Advisory
cve@mitre.orghttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CALA5FTXIQBRRYUA2ZQNJXB6OQMAXEII/Mailing List, Release Notes
cve@mitre.orghttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LHXK6ICO5AYLGFK2TAX5MZKUXTUKWOJY/Mailing List, Release Notes
cve@mitre.orghttps://security.gentoo.org/glsa/202101-33Third Party Advisory
cve@mitre.orghttps://security.netapp.com/advisory/ntap-20210128-0001/Third Party Advisory
cve@mitre.orghttps://security.netapp.com/advisory/ntap-20210128-0002/Third Party Advisory
cve@mitre.orghttps://support.apple.com/kb/HT212177Third Party Advisory
cve@mitre.orghttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sudo-privesc-jan2021-qnYQfcMThird Party Advisory
cve@mitre.orghttps://www.beyondtrust.com/blog/entry/security-advisory-privilege-management-for-unix-linux-pmul-basic-and-privilege-management-for-mac-pmm-affected-by-sudo-vulnerabilityThird Party Advisory
cve@mitre.orghttps://www.debian.org/security/2021/dsa-4839Third Party Advisory
cve@mitre.orghttps://www.kb.cert.org/vuls/id/794544Third Party Advisory, US Government Resource
cve@mitre.orghttps://www.openwall.com/lists/oss-security/2021/01/26/3Exploit, Mailing List, Third Party Advisory
cve@mitre.orghttps://www.oracle.com//security-alerts/cpujul2021.htmlPatch, Third Party Advisory
cve@mitre.orghttps://www.oracle.com/security-alerts/cpuapr2022.htmlPatch, Third Party Advisory
cve@mitre.orghttps://www.oracle.com/security-alerts/cpuoct2021.htmlPatch, Third Party Advisory
cve@mitre.orghttps://www.sudo.ws/stable.html#1.9.5p2Release Notes
cve@mitre.orghttps://www.synology.com/security/advisory/Synology_SA_21_02Third Party Advisory
cve@mitre.orghttps://www.vicarius.io/vsociety/posts/sudoedit-pwned-cve-2021-3156Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://packetstormsecurity.com/files/161160/Sudo-Heap-Based-Buffer-Overflow.htmlExploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://packetstormsecurity.com/files/161230/Sudo-Buffer-Overflow-Privilege-Escalation.htmlExploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://packetstormsecurity.com/files/161270/Sudo-1.9.5p1-Buffer-Overflow-Privilege-Escalation.htmlExploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://packetstormsecurity.com/files/161293/Sudo-1.8.31p2-1.9.5p1-Buffer-Overflow.htmlExploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://packetstormsecurity.com/files/176932/glibc-syslog-Heap-Based-Buffer-Overflow.htmlExploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://seclists.org/fulldisclosure/2021/Feb/42Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://seclists.org/fulldisclosure/2021/Jan/79Exploit, Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://seclists.org/fulldisclosure/2024/Feb/3Exploit, Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2021/01/26/3Exploit, Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2021/01/27/1Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2021/01/27/2Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2021/02/15/1Exploit, Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2021/09/14/2Mailing List, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2024/01/30/6Exploit, Mailing List
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2024/01/30/8Mailing List
af854a3a-2127-422b-91ae-364da2661108https://kc.mcafee.com/corporate/index?page=content&id=SB10348Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.debian.org/debian-lts-announce/2021/01/msg00022.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CALA5FTXIQBRRYUA2ZQNJXB6OQMAXEII/Mailing List, Release Notes
af854a3a-2127-422b-91ae-364da2661108https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LHXK6ICO5AYLGFK2TAX5MZKUXTUKWOJY/Mailing List, Release Notes
af854a3a-2127-422b-91ae-364da2661108https://security.gentoo.org/glsa/202101-33Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://security.netapp.com/advisory/ntap-20210128-0001/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://security.netapp.com/advisory/ntap-20210128-0002/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://support.apple.com/kb/HT212177Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sudo-privesc-jan2021-qnYQfcMThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.beyondtrust.com/blog/entry/security-advisory-privilege-management-for-unix-linux-pmul-basic-and-privilege-management-for-mac-pmm-affected-by-sudo-vulnerabilityThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.debian.org/security/2021/dsa-4839Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.kb.cert.org/vuls/id/794544Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108https://www.openwall.com/lists/oss-security/2021/01/26/3Exploit, Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.oracle.com//security-alerts/cpujul2021.htmlPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.oracle.com/security-alerts/cpuapr2022.htmlPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.oracle.com/security-alerts/cpuoct2021.htmlPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.sudo.ws/stable.html#1.9.5p2Release Notes
af854a3a-2127-422b-91ae-364da2661108https://www.synology.com/security/advisory/Synology_SA_21_02Third Party Advisory



{
   cisaActionDue: "2022-04-27",
   cisaExploitAdd: "2022-04-06",
   cisaRequiredAction: "Apply updates per vendor instructions.",
   cisaVulnerabilityName: "Sudo Heap-Based Buffer Overflow Vulnerability",
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:sudo_project:sudo:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "ED707F57-531B-4066-AFF0-7239F87B6BF5",
                     versionEndExcluding: "1.8.32",
                     versionStartIncluding: "1.8.2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:sudo_project:sudo:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "38FC37F7-DE89-4078-BB55-EBFBF3A2D780",
                     versionEndExcluding: "1.9.5",
                     versionStartIncluding: "1.9.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:sudo_project:sudo:1.9.5:-:*:*:*:*:*:*",
                     matchCriteriaId: "436F3F62-FBA8-44CB-A5A9-AA4D7E0F9A09",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:sudo_project:sudo:1.9.5:patch1:*:*:*:*:*:*",
                     matchCriteriaId: "3C21138F-EB70-4AAE-9F45-C75CCE59BA89",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*",
                     matchCriteriaId: "36D96259-24BD-44E2-96D9-78CE1D41F956",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*",
                     matchCriteriaId: "E460AA51-FCDA-46B9-AE97-E6676AA5E194",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*",
                     matchCriteriaId: "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5C2089EE-5D7F-47EC-8EA5-0F69790564C4",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A3C19813-E823-456A-B1CE-EC0684CE1953",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:oncommand_unified_manager_core_package:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0A4D418D-B526-46B9-B439-E1963BF88C0A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E7CF3019-975D-40BB-A8A4-894E62BD3797",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:ontap_tools:9:*:*:*:*:vmware_vsphere:*:*",
                     matchCriteriaId: "C2D814BE-93EC-42EF-88C5-EA7E7DF07BE5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A6E9EF0C-AFA8-4F7B-9FDC-1E0F7C26E737",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:mcafee:web_gateway:8.2.17:*:*:*:*:*:*:*",
                     matchCriteriaId: "D2039589-B543-49B6-AC5F-74C4253B416D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:mcafee:web_gateway:9.2.8:*:*:*:*:*:*:*",
                     matchCriteriaId: "1E014E1E-0013-434F-9C59-178DAC089687",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:mcafee:web_gateway:10.0.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "3CE836FD-3453-4277-BC18-A4868C183F42",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:synology:diskstation_manager_unified_controller:3.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "DA272C48-259B-4402-BB75-552B6983CD43",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:synology:diskstation_manager:6.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "D9685B12-824F-42AD-B87C-6E7A78BB7FA5",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:synology:skynas_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "53EF087B-D7E9-4F9A-803A-B0260C495C67",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:synology:skynas:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D0A88A76-CF8A-4D29-B480-E5317219072D",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:synology:vs960hd_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3D0C5120-B961-440F-B454-584BC54B549C",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:synology:vs960hd:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1CCBDFF9-AF42-4681-879B-CF789EBAD130",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:beyondtrust:privilege_management_for_mac:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "38A18800-4BB0-46A1-BD9D-78EC7A07E7B9",
                     versionEndExcluding: "21.1.1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:beyondtrust:privilege_management_for_unix\\/linux:*:*:*:*:basic:*:*:*",
                     matchCriteriaId: "48DC5B58-0E31-480E-BF05-787287DFF42B",
                     versionEndExcluding: "10.3.2-10",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:oracle:micros_compact_workstation_3_firmware:310:*:*:*:*:*:*:*",
                     matchCriteriaId: "1CE3FF32-E472-4E90-9DE5-803AD6FD9E27",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:oracle:micros_compact_workstation_3:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7DA4F0AD-B8A4-4EB9-A220-FEEC9B147D3C",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:oracle:micros_es400_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "9AA5297B-05DF-4A23-B684-60F2107339B0",
                     versionEndIncluding: "410",
                     versionStartIncluding: "400",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:oracle:micros_es400:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A2BBD07A-4731-41D1-AB66-77082951D99C",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:oracle:micros_kitchen_display_system_firmware:210:*:*:*:*:*:*:*",
                     matchCriteriaId: "57E6A365-F04F-4991-888F-D8E9391A9857",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:oracle:micros_kitchen_display_system:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D1424AF8-9337-427B-B6FA-C5EB8B201FB7",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:oracle:micros_workstation_5a_firmware:5a:*:*:*:*:*:*:*",
                     matchCriteriaId: "C78FDD3A-F241-4172-8725-7D51D8E705E7",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:oracle:micros_workstation_5a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F607BA3F-246F-42BE-9EBD-A2CAE098C0C2",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:oracle:micros_workstation_6_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D59535D6-8D64-4B8F-BC1B-5846600C9F81",
                     versionEndIncluding: "655",
                     versionStartIncluding: "610",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:oracle:micros_workstation_6:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "82A66154-5DF0-43FF-9F70-1221D3E6F919",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:oracle:communications_performance_intelligence_center:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "977CA754-6CE0-4FCB-9683-D81B7A15449D",
                     versionEndIncluding: "10.3.0.2.1",
                     versionStartIncluding: "10.3.0.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:communications_performance_intelligence_center:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "29A3F7EF-2A69-427F-9F75-DDDBEE34BA2B",
                     versionEndIncluding: "10.4.0.3.1",
                     versionStartIncluding: "10.4.0.1.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:tekelec_platform_distribution:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "26F05F85-7458-4C8F-B93F-93C92E506A40",
                     versionEndIncluding: "7.7.1",
                     versionStartIncluding: "7.4.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via \"sudoedit -s\" and a command-line argument that ends with a single backslash character.",
      },
      {
         lang: "es",
         value: "Sudo versiones anteriores a 1.9.5p2 contiene un error de desbordamiento que puede resultar en un desbordamiento de búfer basado en la pila, lo que permite la escalada de privilegios a root a través de \"sudoedit -s\" y un argumento de línea de comandos que termina con un solo carácter de barra invertida",
      },
   ],
   id: "CVE-2021-3156",
   lastModified: "2025-01-14T19:29:55.853",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "HIGH",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "LOCAL",
               authentication: "NONE",
               availabilityImpact: "COMPLETE",
               baseScore: 7.2,
               confidentialityImpact: "COMPLETE",
               integrityImpact: "COMPLETE",
               vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C",
               version: "2.0",
            },
            exploitabilityScore: 3.9,
            impactScore: 10,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 7.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 1.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2021-01-26T21:15:12.987",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Exploit",
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://packetstormsecurity.com/files/161160/Sudo-Heap-Based-Buffer-Overflow.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Exploit",
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://packetstormsecurity.com/files/161230/Sudo-Buffer-Overflow-Privilege-Escalation.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Exploit",
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://packetstormsecurity.com/files/161270/Sudo-1.9.5p1-Buffer-Overflow-Privilege-Escalation.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Exploit",
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://packetstormsecurity.com/files/161293/Sudo-1.8.31p2-1.9.5p1-Buffer-Overflow.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Exploit",
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://packetstormsecurity.com/files/176932/glibc-syslog-Heap-Based-Buffer-Overflow.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://seclists.org/fulldisclosure/2021/Feb/42",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Exploit",
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://seclists.org/fulldisclosure/2021/Jan/79",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Exploit",
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://seclists.org/fulldisclosure/2024/Feb/3",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Exploit",
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://www.openwall.com/lists/oss-security/2021/01/26/3",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://www.openwall.com/lists/oss-security/2021/01/27/1",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://www.openwall.com/lists/oss-security/2021/01/27/2",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Exploit",
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://www.openwall.com/lists/oss-security/2021/02/15/1",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Patch",
            "Third Party Advisory",
         ],
         url: "http://www.openwall.com/lists/oss-security/2021/09/14/2",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Exploit",
            "Mailing List",
         ],
         url: "http://www.openwall.com/lists/oss-security/2024/01/30/6",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
         ],
         url: "http://www.openwall.com/lists/oss-security/2024/01/30/8",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Broken Link",
            "Third Party Advisory",
         ],
         url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10348",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2021/01/msg00022.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Release Notes",
         ],
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CALA5FTXIQBRRYUA2ZQNJXB6OQMAXEII/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Mailing List",
            "Release Notes",
         ],
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LHXK6ICO5AYLGFK2TAX5MZKUXTUKWOJY/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.gentoo.org/glsa/202101-33",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20210128-0001/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20210128-0002/",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://support.apple.com/kb/HT212177",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sudo-privesc-jan2021-qnYQfcM",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.beyondtrust.com/blog/entry/security-advisory-privilege-management-for-unix-linux-pmul-basic-and-privilege-management-for-mac-pmm-affected-by-sudo-vulnerability",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.debian.org/security/2021/dsa-4839",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
            "US Government Resource",
         ],
         url: "https://www.kb.cert.org/vuls/id/794544",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Exploit",
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://www.openwall.com/lists/oss-security/2021/01/26/3",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com//security-alerts/cpujul2021.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/security-alerts/cpuapr2022.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/security-alerts/cpuoct2021.html",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Release Notes",
         ],
         url: "https://www.sudo.ws/stable.html#1.9.5p2",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.synology.com/security/advisory/Synology_SA_21_02",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Exploit",
            "Third Party Advisory",
         ],
         url: "https://www.vicarius.io/vsociety/posts/sudoedit-pwned-cve-2021-3156",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://packetstormsecurity.com/files/161160/Sudo-Heap-Based-Buffer-Overflow.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://packetstormsecurity.com/files/161230/Sudo-Buffer-Overflow-Privilege-Escalation.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://packetstormsecurity.com/files/161270/Sudo-1.9.5p1-Buffer-Overflow-Privilege-Escalation.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://packetstormsecurity.com/files/161293/Sudo-1.8.31p2-1.9.5p1-Buffer-Overflow.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://packetstormsecurity.com/files/176932/glibc-syslog-Heap-Based-Buffer-Overflow.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://seclists.org/fulldisclosure/2021/Feb/42",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://seclists.org/fulldisclosure/2021/Jan/79",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://seclists.org/fulldisclosure/2024/Feb/3",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://www.openwall.com/lists/oss-security/2021/01/26/3",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://www.openwall.com/lists/oss-security/2021/01/27/1",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://www.openwall.com/lists/oss-security/2021/01/27/2",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://www.openwall.com/lists/oss-security/2021/02/15/1",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Patch",
            "Third Party Advisory",
         ],
         url: "http://www.openwall.com/lists/oss-security/2021/09/14/2",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Mailing List",
         ],
         url: "http://www.openwall.com/lists/oss-security/2024/01/30/6",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
         ],
         url: "http://www.openwall.com/lists/oss-security/2024/01/30/8",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Broken Link",
            "Third Party Advisory",
         ],
         url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10348",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2021/01/msg00022.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Release Notes",
         ],
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CALA5FTXIQBRRYUA2ZQNJXB6OQMAXEII/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Release Notes",
         ],
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LHXK6ICO5AYLGFK2TAX5MZKUXTUKWOJY/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.gentoo.org/glsa/202101-33",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20210128-0001/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20210128-0002/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://support.apple.com/kb/HT212177",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sudo-privesc-jan2021-qnYQfcM",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.beyondtrust.com/blog/entry/security-advisory-privilege-management-for-unix-linux-pmul-basic-and-privilege-management-for-mac-pmm-affected-by-sudo-vulnerability",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.debian.org/security/2021/dsa-4839",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "US Government Resource",
         ],
         url: "https://www.kb.cert.org/vuls/id/794544",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://www.openwall.com/lists/oss-security/2021/01/26/3",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com//security-alerts/cpujul2021.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/security-alerts/cpuapr2022.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/security-alerts/cpuoct2021.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Release Notes",
         ],
         url: "https://www.sudo.ws/stable.html#1.9.5p2",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.synology.com/security/advisory/Synology_SA_21_02",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-193",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

cve-2021-20265
Vulnerability from cvelistv5
Published
2021-03-10 15:30
Modified
2024-08-03 17:37
Severity ?
Summary
A flaw was found in the way memory resources were freed in the unix_stream_recvmsg function in the Linux kernel when a signal was pending. This flaw allows an unprivileged local user to crash the system by exhausting available memory. The highest threat from this vulnerability is to system availability.
Impacted products
Vendor Product Version
n/a kernel Version: Linux kernel 4.5-rc3
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T17:37:23.202Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=1908827",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=fa0dc04df259ba2df3ce1920e9690c7842f8fa4b",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.oracle.com/security-alerts/cpuoct2021.html",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "kernel",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "Linux kernel 4.5-rc3",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "A flaw was found in the way memory resources were freed in the unix_stream_recvmsg function in the Linux kernel when a signal was pending. This flaw allows an unprivileged local user to crash the system by exhausting available memory. The highest threat from this vulnerability is to system availability.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-400",
                     description: "CWE-400",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2021-10-20T10:40:33",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=1908827",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=fa0dc04df259ba2df3ce1920e9690c7842f8fa4b",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.oracle.com/security-alerts/cpuoct2021.html",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "secalert@redhat.com",
               ID: "CVE-2021-20265",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "kernel",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "Linux kernel 4.5-rc3",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "A flaw was found in the way memory resources were freed in the unix_stream_recvmsg function in the Linux kernel when a signal was pending. This flaw allows an unprivileged local user to crash the system by exhausting available memory. The highest threat from this vulnerability is to system availability.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-400",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://bugzilla.redhat.com/show_bug.cgi?id=1908827",
                     refsource: "MISC",
                     url: "https://bugzilla.redhat.com/show_bug.cgi?id=1908827",
                  },
                  {
                     name: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=fa0dc04df259ba2df3ce1920e9690c7842f8fa4b",
                     refsource: "MISC",
                     url: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=fa0dc04df259ba2df3ce1920e9690c7842f8fa4b",
                  },
                  {
                     name: "https://www.oracle.com/security-alerts/cpuoct2021.html",
                     refsource: "MISC",
                     url: "https://www.oracle.com/security-alerts/cpuoct2021.html",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2021-20265",
      datePublished: "2021-03-10T15:30:18",
      dateReserved: "2020-12-17T00:00:00",
      dateUpdated: "2024-08-03T17:37:23.202Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2016-6794
Vulnerability from cvelistv5
Published
2017-08-10 16:00
Modified
2024-09-17 04:24
Severity ?
Summary
When a SecurityManager is configured, a web application's ability to read system properties should be controlled by the SecurityManager. In Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70, 6.0.0 to 6.0.45 the system property replacement feature for configuration files could be used by a malicious web application to bypass the SecurityManager and read system properties that should not be visible.
References
https://lists.apache.org/thread.html/09d2f2c65ac4ff5da42f15dc2b0f78b655e50f1a42e8a9784134a9eb%40%3Cannounce.tomcat.apache.org%3Emailing-list, x_refsource_MLIST
https://access.redhat.com/errata/RHSA-2017:2247vendor-advisory, x_refsource_REDHAT
http://rhn.redhat.com/errata/RHSA-2017-0457.htmlvendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2017:0455vendor-advisory, x_refsource_REDHAT
http://www.securitytracker.com/id/1037143vdb-entry, x_refsource_SECTRACK
http://www.debian.org/security/2016/dsa-3720vendor-advisory, x_refsource_DEBIAN
http://www.securityfocus.com/bid/93943vdb-entry, x_refsource_BID
https://access.redhat.com/errata/RHSA-2017:0456vendor-advisory, x_refsource_REDHAT
https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3Emailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3Emailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3Emailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3Emailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3Emailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3Cdev.tomcat.apache.org%3Emailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3Emailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3Emailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3Emailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3Emailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3Emailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3Emailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3Emailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3Emailing-list, x_refsource_MLIST
https://usn.ubuntu.com/4557-1/vendor-advisory, x_refsource_UBUNTU
https://security.netapp.com/advisory/ntap-20180605-0001/x_refsource_CONFIRM
https://www.oracle.com/security-alerts/cpuoct2021.htmlx_refsource_MISC
Impacted products
Vendor Product Version
Apache Software Foundation Apache Tomcat Version: 9.0.0.M1 to 9.0.0.M9
Version: 8.5.0 to 8.5.4
Version: 8.0.0.RC1 to 8.0.36
Version: 7.0.0 to 7.0.70
Version: 6.0.0 to 6.0.45
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T01:43:37.900Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "[announce] 20161027 [SECURITY] CVE-2016-6794 Apache Tomcat Security System Property Disclosure",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/09d2f2c65ac4ff5da42f15dc2b0f78b655e50f1a42e8a9784134a9eb%40%3Cannounce.tomcat.apache.org%3E",
               },
               {
                  name: "RHSA-2017:2247",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2247",
               },
               {
                  name: "RHSA-2017:0457",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2017-0457.html",
               },
               {
                  name: "RHSA-2017:0455",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:0455",
               },
               {
                  name: "1037143",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1037143",
               },
               {
                  name: "DSA-3720",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2016/dsa-3720",
               },
               {
                  name: "93943",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/93943",
               },
               {
                  name: "RHSA-2017:0456",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:0456",
               },
               {
                  name: "[tomcat-dev] 20190319 svn commit: r1855831 [25/30] - in /tomcat/site/trunk: ./ docs/ xdocs/",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E",
               },
               {
                  name: "[tomcat-dev] 20190319 svn commit: r1855831 [23/30] - in /tomcat/site/trunk: ./ docs/ xdocs/",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E",
               },
               {
                  name: "[tomcat-dev] 20190325 svn commit: r1856174 [22/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E",
               },
               {
                  name: "[tomcat-dev] 20190325 svn commit: r1856174 [24/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E",
               },
               {
                  name: "[tomcat-dev] 20190325 svn commit: r1856174 [21/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E",
               },
               {
                  name: "[tomcat-dev] 20190413 svn commit: r1857494 [17/20] - in /tomcat/site/trunk: ./ docs/ xdocs/",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3Cdev.tomcat.apache.org%3E",
               },
               {
                  name: "[tomcat-dev] 20190413 svn commit: r1857494 [16/20] - in /tomcat/site/trunk: ./ docs/ xdocs/",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E",
               },
               {
                  name: "[tomcat-dev] 20190413 svn commit: r1857494 [15/20] - in /tomcat/site/trunk: ./ docs/ xdocs/",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E",
               },
               {
                  name: "[tomcat-dev] 20190415 svn commit: r1857582 [17/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E",
               },
               {
                  name: "[tomcat-dev] 20190415 svn commit: r1857582 [19/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E",
               },
               {
                  name: "[tomcat-dev] 20190415 svn commit: r1857582 [16/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E",
               },
               {
                  name: "[tomcat-dev] 20200203 svn commit: r1873527 [23/30] - /tomcat/site/trunk/docs/",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E",
               },
               {
                  name: "[tomcat-dev] 20200213 svn commit: r1873980 [27/34] - /tomcat/site/trunk/docs/",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E",
               },
               {
                  name: "[tomcat-dev] 20200213 svn commit: r1873980 [26/34] - /tomcat/site/trunk/docs/",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E",
               },
               {
                  name: "USN-4557-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/4557-1/",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://security.netapp.com/advisory/ntap-20180605-0001/",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.oracle.com/security-alerts/cpuoct2021.html",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "Apache Tomcat",
               vendor: "Apache Software Foundation",
               versions: [
                  {
                     status: "affected",
                     version: "9.0.0.M1 to 9.0.0.M9",
                  },
                  {
                     status: "affected",
                     version: "8.5.0 to 8.5.4",
                  },
                  {
                     status: "affected",
                     version: "8.0.0.RC1 to 8.0.36",
                  },
                  {
                     status: "affected",
                     version: "7.0.0 to 7.0.70",
                  },
                  {
                     status: "affected",
                     version: "6.0.0 to 6.0.45",
                  },
               ],
            },
         ],
         datePublic: "2016-10-27T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "When a SecurityManager is configured, a web application's ability to read system properties should be controlled by the SecurityManager. In Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70, 6.0.0 to 6.0.45 the system property replacement feature for configuration files could be used by a malicious web application to bypass the SecurityManager and read system properties that should not be visible.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "Information Disclosure",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2021-10-20T10:37:50",
            orgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09",
            shortName: "apache",
         },
         references: [
            {
               name: "[announce] 20161027 [SECURITY] CVE-2016-6794 Apache Tomcat Security System Property Disclosure",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/09d2f2c65ac4ff5da42f15dc2b0f78b655e50f1a42e8a9784134a9eb%40%3Cannounce.tomcat.apache.org%3E",
            },
            {
               name: "RHSA-2017:2247",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2247",
            },
            {
               name: "RHSA-2017:0457",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2017-0457.html",
            },
            {
               name: "RHSA-2017:0455",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:0455",
            },
            {
               name: "1037143",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1037143",
            },
            {
               name: "DSA-3720",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2016/dsa-3720",
            },
            {
               name: "93943",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/93943",
            },
            {
               name: "RHSA-2017:0456",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:0456",
            },
            {
               name: "[tomcat-dev] 20190319 svn commit: r1855831 [25/30] - in /tomcat/site/trunk: ./ docs/ xdocs/",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E",
            },
            {
               name: "[tomcat-dev] 20190319 svn commit: r1855831 [23/30] - in /tomcat/site/trunk: ./ docs/ xdocs/",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E",
            },
            {
               name: "[tomcat-dev] 20190325 svn commit: r1856174 [22/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E",
            },
            {
               name: "[tomcat-dev] 20190325 svn commit: r1856174 [24/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E",
            },
            {
               name: "[tomcat-dev] 20190325 svn commit: r1856174 [21/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E",
            },
            {
               name: "[tomcat-dev] 20190413 svn commit: r1857494 [17/20] - in /tomcat/site/trunk: ./ docs/ xdocs/",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3Cdev.tomcat.apache.org%3E",
            },
            {
               name: "[tomcat-dev] 20190413 svn commit: r1857494 [16/20] - in /tomcat/site/trunk: ./ docs/ xdocs/",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E",
            },
            {
               name: "[tomcat-dev] 20190413 svn commit: r1857494 [15/20] - in /tomcat/site/trunk: ./ docs/ xdocs/",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E",
            },
            {
               name: "[tomcat-dev] 20190415 svn commit: r1857582 [17/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E",
            },
            {
               name: "[tomcat-dev] 20190415 svn commit: r1857582 [19/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E",
            },
            {
               name: "[tomcat-dev] 20190415 svn commit: r1857582 [16/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E",
            },
            {
               name: "[tomcat-dev] 20200203 svn commit: r1873527 [23/30] - /tomcat/site/trunk/docs/",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E",
            },
            {
               name: "[tomcat-dev] 20200213 svn commit: r1873980 [27/34] - /tomcat/site/trunk/docs/",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E",
            },
            {
               name: "[tomcat-dev] 20200213 svn commit: r1873980 [26/34] - /tomcat/site/trunk/docs/",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E",
            },
            {
               name: "USN-4557-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/4557-1/",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://security.netapp.com/advisory/ntap-20180605-0001/",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.oracle.com/security-alerts/cpuoct2021.html",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "security@apache.org",
               DATE_PUBLIC: "2016-10-27T00:00:00",
               ID: "CVE-2016-6794",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "Apache Tomcat",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "9.0.0.M1 to 9.0.0.M9",
                                       },
                                       {
                                          version_value: "8.5.0 to 8.5.4",
                                       },
                                       {
                                          version_value: "8.0.0.RC1 to 8.0.36",
                                       },
                                       {
                                          version_value: "7.0.0 to 7.0.70",
                                       },
                                       {
                                          version_value: "6.0.0 to 6.0.45",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "Apache Software Foundation",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "When a SecurityManager is configured, a web application's ability to read system properties should be controlled by the SecurityManager. In Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70, 6.0.0 to 6.0.45 the system property replacement feature for configuration files could be used by a malicious web application to bypass the SecurityManager and read system properties that should not be visible.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "Information Disclosure",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "[announce] 20161027 [SECURITY] CVE-2016-6794 Apache Tomcat Security System Property Disclosure",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/09d2f2c65ac4ff5da42f15dc2b0f78b655e50f1a42e8a9784134a9eb@%3Cannounce.tomcat.apache.org%3E",
                  },
                  {
                     name: "RHSA-2017:2247",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:2247",
                  },
                  {
                     name: "RHSA-2017:0457",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2017-0457.html",
                  },
                  {
                     name: "RHSA-2017:0455",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:0455",
                  },
                  {
                     name: "1037143",
                     refsource: "SECTRACK",
                     url: "http://www.securitytracker.com/id/1037143",
                  },
                  {
                     name: "DSA-3720",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2016/dsa-3720",
                  },
                  {
                     name: "93943",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/93943",
                  },
                  {
                     name: "RHSA-2017:0456",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:0456",
                  },
                  {
                     name: "[tomcat-dev] 20190319 svn commit: r1855831 [25/30] - in /tomcat/site/trunk: ./ docs/ xdocs/",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E",
                  },
                  {
                     name: "[tomcat-dev] 20190319 svn commit: r1855831 [23/30] - in /tomcat/site/trunk: ./ docs/ xdocs/",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E",
                  },
                  {
                     name: "[tomcat-dev] 20190325 svn commit: r1856174 [22/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E",
                  },
                  {
                     name: "[tomcat-dev] 20190325 svn commit: r1856174 [24/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E",
                  },
                  {
                     name: "[tomcat-dev] 20190325 svn commit: r1856174 [21/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E",
                  },
                  {
                     name: "[tomcat-dev] 20190413 svn commit: r1857494 [17/20] - in /tomcat/site/trunk: ./ docs/ xdocs/",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E",
                  },
                  {
                     name: "[tomcat-dev] 20190413 svn commit: r1857494 [16/20] - in /tomcat/site/trunk: ./ docs/ xdocs/",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424@%3Cdev.tomcat.apache.org%3E",
                  },
                  {
                     name: "[tomcat-dev] 20190413 svn commit: r1857494 [15/20] - in /tomcat/site/trunk: ./ docs/ xdocs/",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E",
                  },
                  {
                     name: "[tomcat-dev] 20190415 svn commit: r1857582 [17/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E",
                  },
                  {
                     name: "[tomcat-dev] 20190415 svn commit: r1857582 [19/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E",
                  },
                  {
                     name: "[tomcat-dev] 20190415 svn commit: r1857582 [16/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E",
                  },
                  {
                     name: "[tomcat-dev] 20200203 svn commit: r1873527 [23/30] - /tomcat/site/trunk/docs/",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E",
                  },
                  {
                     name: "[tomcat-dev] 20200213 svn commit: r1873980 [27/34] - /tomcat/site/trunk/docs/",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E",
                  },
                  {
                     name: "[tomcat-dev] 20200213 svn commit: r1873980 [26/34] - /tomcat/site/trunk/docs/",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E",
                  },
                  {
                     name: "USN-4557-1",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/4557-1/",
                  },
                  {
                     name: "https://security.netapp.com/advisory/ntap-20180605-0001/",
                     refsource: "CONFIRM",
                     url: "https://security.netapp.com/advisory/ntap-20180605-0001/",
                  },
                  {
                     name: "https://www.oracle.com/security-alerts/cpuoct2021.html",
                     refsource: "MISC",
                     url: "https://www.oracle.com/security-alerts/cpuoct2021.html",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09",
      assignerShortName: "apache",
      cveId: "CVE-2016-6794",
      datePublished: "2017-08-10T16:00:00Z",
      dateReserved: "2016-08-12T00:00:00",
      dateUpdated: "2024-09-17T04:24:06.893Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2021-3156
Vulnerability from cvelistv5
Published
2021-01-26 00:00
Modified
2024-09-18 16:41
Severity ?
Summary
Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character.
References
https://lists.debian.org/debian-lts-announce/2021/01/msg00022.htmlmailing-list
http://seclists.org/fulldisclosure/2021/Jan/79mailing-list
http://www.openwall.com/lists/oss-security/2021/01/26/3mailing-list
https://security.gentoo.org/glsa/202101-33vendor-advisory
https://www.debian.org/security/2021/dsa-4839vendor-advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LHXK6ICO5AYLGFK2TAX5MZKUXTUKWOJY/vendor-advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CALA5FTXIQBRRYUA2ZQNJXB6OQMAXEII/vendor-advisory
http://www.openwall.com/lists/oss-security/2021/01/27/1mailing-list
http://www.openwall.com/lists/oss-security/2021/01/27/2mailing-list
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sudo-privesc-jan2021-qnYQfcMvendor-advisory
https://www.kb.cert.org/vuls/id/794544third-party-advisory
http://seclists.org/fulldisclosure/2021/Feb/42mailing-list
http://www.openwall.com/lists/oss-security/2021/02/15/1mailing-list
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.sudo.ws/stable.html#1.9.5p2
https://www.openwall.com/lists/oss-security/2021/01/26/3
http://packetstormsecurity.com/files/161160/Sudo-Heap-Based-Buffer-Overflow.html
https://security.netapp.com/advisory/ntap-20210128-0002/
https://security.netapp.com/advisory/ntap-20210128-0001/
http://packetstormsecurity.com/files/161230/Sudo-Buffer-Overflow-Privilege-Escalation.html
http://packetstormsecurity.com/files/161270/Sudo-1.9.5p1-Buffer-Overflow-Privilege-Escalation.html
http://packetstormsecurity.com/files/161293/Sudo-1.8.31p2-1.9.5p1-Buffer-Overflow.html
https://support.apple.com/kb/HT212177
https://kc.mcafee.com/corporate/index?page=content&id=SB10348
https://www.beyondtrust.com/blog/entry/security-advisory-privilege-management-for-unix-linux-pmul-basic-and-privilege-management-for-mac-pmm-affected-by-sudo-vulnerability
https://www.synology.com/security/advisory/Synology_SA_21_02
http://www.openwall.com/lists/oss-security/2021/09/14/2mailing-list
https://www.oracle.com/security-alerts/cpuoct2021.html
https://www.oracle.com/security-alerts/cpuapr2022.html
http://www.openwall.com/lists/oss-security/2024/01/30/8mailing-list
http://www.openwall.com/lists/oss-security/2024/01/30/6mailing-list
http://packetstormsecurity.com/files/176932/glibc-syslog-Heap-Based-Buffer-Overflow.html
http://seclists.org/fulldisclosure/2024/Feb/3mailing-list
https://www.vicarius.io/vsociety/posts/sudoedit-pwned-cve-2021-3156
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T16:45:51.408Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "[debian-lts-announce] 20210126 [SECURITY] [DLA 2534-1] sudo security update",
                  tags: [
                     "mailing-list",
                     "x_transferred",
                  ],
                  url: "https://lists.debian.org/debian-lts-announce/2021/01/msg00022.html",
               },
               {
                  name: "20210126 Baron Samedit: Heap-based buffer overflow in Sudo (CVE-2021-3156)",
                  tags: [
                     "mailing-list",
                     "x_transferred",
                  ],
                  url: "http://seclists.org/fulldisclosure/2021/Jan/79",
               },
               {
                  name: "[oss-security] 20210126 Baron Samedit: Heap-based buffer overflow in Sudo (CVE-2021-3156)",
                  tags: [
                     "mailing-list",
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2021/01/26/3",
               },
               {
                  name: "GLSA-202101-33",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "https://security.gentoo.org/glsa/202101-33",
               },
               {
                  name: "DSA-4839",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "https://www.debian.org/security/2021/dsa-4839",
               },
               {
                  name: "FEDORA-2021-2cb63d912a",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LHXK6ICO5AYLGFK2TAX5MZKUXTUKWOJY/",
               },
               {
                  name: "FEDORA-2021-8840cbdccd",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CALA5FTXIQBRRYUA2ZQNJXB6OQMAXEII/",
               },
               {
                  name: "[oss-security] 20210127 Re: Baron Samedit: Heap-based buffer overflow in Sudo (CVE-2021-3156)",
                  tags: [
                     "mailing-list",
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2021/01/27/1",
               },
               {
                  name: "[oss-security] 20210127 Re: Baron Samedit: Heap-based buffer overflow in Sudo (CVE-2021-3156)",
                  tags: [
                     "mailing-list",
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2021/01/27/2",
               },
               {
                  name: "20210129 Sudo Privilege Escalation Vulnerability Affecting Cisco Products: January 2021",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sudo-privesc-jan2021-qnYQfcM",
               },
               {
                  name: "VU#794544",
                  tags: [
                     "third-party-advisory",
                     "x_transferred",
                  ],
                  url: "https://www.kb.cert.org/vuls/id/794544",
               },
               {
                  name: "20210211 APPLE-SA-2021-02-09-1 macOS Big Sur 11.2.1, macOS Catalina 10.15.7 Supplemental Update, and macOS Mojave 10.14.6 Security Update 2021-002",
                  tags: [
                     "mailing-list",
                     "x_transferred",
                  ],
                  url: "http://seclists.org/fulldisclosure/2021/Feb/42",
               },
               {
                  name: "[oss-security] 20210215 Re: sudo: Ineffective NO_ROOT_MAILER and Baron Samedit",
                  tags: [
                     "mailing-list",
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2021/02/15/1",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.oracle.com//security-alerts/cpujul2021.html",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.sudo.ws/stable.html#1.9.5p2",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.openwall.com/lists/oss-security/2021/01/26/3",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://packetstormsecurity.com/files/161160/Sudo-Heap-Based-Buffer-Overflow.html",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://security.netapp.com/advisory/ntap-20210128-0002/",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://security.netapp.com/advisory/ntap-20210128-0001/",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://packetstormsecurity.com/files/161230/Sudo-Buffer-Overflow-Privilege-Escalation.html",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://packetstormsecurity.com/files/161270/Sudo-1.9.5p1-Buffer-Overflow-Privilege-Escalation.html",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://packetstormsecurity.com/files/161293/Sudo-1.8.31p2-1.9.5p1-Buffer-Overflow.html",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://support.apple.com/kb/HT212177",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10348",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.beyondtrust.com/blog/entry/security-advisory-privilege-management-for-unix-linux-pmul-basic-and-privilege-management-for-mac-pmm-affected-by-sudo-vulnerability",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.synology.com/security/advisory/Synology_SA_21_02",
               },
               {
                  name: "[oss-security] 20210914 Re: Oracle Solaris membership in the distros list",
                  tags: [
                     "mailing-list",
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2021/09/14/2",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.oracle.com/security-alerts/cpuoct2021.html",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://www.oracle.com/security-alerts/cpuapr2022.html",
               },
               {
                  name: "[oss-security] 20240130 Re: CVE-2023-6246: Heap-based buffer overflow in the glibc's syslog()",
                  tags: [
                     "mailing-list",
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2024/01/30/8",
               },
               {
                  name: "[oss-security] 20240130 CVE-2023-6246: Heap-based buffer overflow in the glibc's syslog()",
                  tags: [
                     "mailing-list",
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2024/01/30/6",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://packetstormsecurity.com/files/176932/glibc-syslog-Heap-Based-Buffer-Overflow.html",
               },
               {
                  name: "20240204 CVE-2023-6246: Heap-based buffer overflow in the glibc's syslog()",
                  tags: [
                     "mailing-list",
                     "x_transferred",
                  ],
                  url: "http://seclists.org/fulldisclosure/2024/Feb/3",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via \"sudoedit -s\" and a command-line argument that ends with a single backslash character.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-09-18T16:41:27.031257",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               name: "[debian-lts-announce] 20210126 [SECURITY] [DLA 2534-1] sudo security update",
               tags: [
                  "mailing-list",
               ],
               url: "https://lists.debian.org/debian-lts-announce/2021/01/msg00022.html",
            },
            {
               name: "20210126 Baron Samedit: Heap-based buffer overflow in Sudo (CVE-2021-3156)",
               tags: [
                  "mailing-list",
               ],
               url: "http://seclists.org/fulldisclosure/2021/Jan/79",
            },
            {
               name: "[oss-security] 20210126 Baron Samedit: Heap-based buffer overflow in Sudo (CVE-2021-3156)",
               tags: [
                  "mailing-list",
               ],
               url: "http://www.openwall.com/lists/oss-security/2021/01/26/3",
            },
            {
               name: "GLSA-202101-33",
               tags: [
                  "vendor-advisory",
               ],
               url: "https://security.gentoo.org/glsa/202101-33",
            },
            {
               name: "DSA-4839",
               tags: [
                  "vendor-advisory",
               ],
               url: "https://www.debian.org/security/2021/dsa-4839",
            },
            {
               name: "FEDORA-2021-2cb63d912a",
               tags: [
                  "vendor-advisory",
               ],
               url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LHXK6ICO5AYLGFK2TAX5MZKUXTUKWOJY/",
            },
            {
               name: "FEDORA-2021-8840cbdccd",
               tags: [
                  "vendor-advisory",
               ],
               url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CALA5FTXIQBRRYUA2ZQNJXB6OQMAXEII/",
            },
            {
               name: "[oss-security] 20210127 Re: Baron Samedit: Heap-based buffer overflow in Sudo (CVE-2021-3156)",
               tags: [
                  "mailing-list",
               ],
               url: "http://www.openwall.com/lists/oss-security/2021/01/27/1",
            },
            {
               name: "[oss-security] 20210127 Re: Baron Samedit: Heap-based buffer overflow in Sudo (CVE-2021-3156)",
               tags: [
                  "mailing-list",
               ],
               url: "http://www.openwall.com/lists/oss-security/2021/01/27/2",
            },
            {
               name: "20210129 Sudo Privilege Escalation Vulnerability Affecting Cisco Products: January 2021",
               tags: [
                  "vendor-advisory",
               ],
               url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sudo-privesc-jan2021-qnYQfcM",
            },
            {
               name: "VU#794544",
               tags: [
                  "third-party-advisory",
               ],
               url: "https://www.kb.cert.org/vuls/id/794544",
            },
            {
               name: "20210211 APPLE-SA-2021-02-09-1 macOS Big Sur 11.2.1, macOS Catalina 10.15.7 Supplemental Update, and macOS Mojave 10.14.6 Security Update 2021-002",
               tags: [
                  "mailing-list",
               ],
               url: "http://seclists.org/fulldisclosure/2021/Feb/42",
            },
            {
               name: "[oss-security] 20210215 Re: sudo: Ineffective NO_ROOT_MAILER and Baron Samedit",
               tags: [
                  "mailing-list",
               ],
               url: "http://www.openwall.com/lists/oss-security/2021/02/15/1",
            },
            {
               url: "https://www.oracle.com//security-alerts/cpujul2021.html",
            },
            {
               url: "https://www.sudo.ws/stable.html#1.9.5p2",
            },
            {
               url: "https://www.openwall.com/lists/oss-security/2021/01/26/3",
            },
            {
               url: "http://packetstormsecurity.com/files/161160/Sudo-Heap-Based-Buffer-Overflow.html",
            },
            {
               url: "https://security.netapp.com/advisory/ntap-20210128-0002/",
            },
            {
               url: "https://security.netapp.com/advisory/ntap-20210128-0001/",
            },
            {
               url: "http://packetstormsecurity.com/files/161230/Sudo-Buffer-Overflow-Privilege-Escalation.html",
            },
            {
               url: "http://packetstormsecurity.com/files/161270/Sudo-1.9.5p1-Buffer-Overflow-Privilege-Escalation.html",
            },
            {
               url: "http://packetstormsecurity.com/files/161293/Sudo-1.8.31p2-1.9.5p1-Buffer-Overflow.html",
            },
            {
               url: "https://support.apple.com/kb/HT212177",
            },
            {
               url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10348",
            },
            {
               url: "https://www.beyondtrust.com/blog/entry/security-advisory-privilege-management-for-unix-linux-pmul-basic-and-privilege-management-for-mac-pmm-affected-by-sudo-vulnerability",
            },
            {
               url: "https://www.synology.com/security/advisory/Synology_SA_21_02",
            },
            {
               name: "[oss-security] 20210914 Re: Oracle Solaris membership in the distros list",
               tags: [
                  "mailing-list",
               ],
               url: "http://www.openwall.com/lists/oss-security/2021/09/14/2",
            },
            {
               url: "https://www.oracle.com/security-alerts/cpuoct2021.html",
            },
            {
               url: "https://www.oracle.com/security-alerts/cpuapr2022.html",
            },
            {
               name: "[oss-security] 20240130 Re: CVE-2023-6246: Heap-based buffer overflow in the glibc's syslog()",
               tags: [
                  "mailing-list",
               ],
               url: "http://www.openwall.com/lists/oss-security/2024/01/30/8",
            },
            {
               name: "[oss-security] 20240130 CVE-2023-6246: Heap-based buffer overflow in the glibc's syslog()",
               tags: [
                  "mailing-list",
               ],
               url: "http://www.openwall.com/lists/oss-security/2024/01/30/6",
            },
            {
               url: "http://packetstormsecurity.com/files/176932/glibc-syslog-Heap-Based-Buffer-Overflow.html",
            },
            {
               name: "20240204 CVE-2023-6246: Heap-based buffer overflow in the glibc's syslog()",
               tags: [
                  "mailing-list",
               ],
               url: "http://seclists.org/fulldisclosure/2024/Feb/3",
            },
            {
               url: "https://www.vicarius.io/vsociety/posts/sudoedit-pwned-cve-2021-3156",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2021-3156",
      datePublished: "2021-01-26T00:00:00",
      dateReserved: "2021-01-15T00:00:00",
      dateUpdated: "2024-09-18T16:41:27.031257",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2016-6796
Vulnerability from cvelistv5
Published
2017-08-11 02:00
Modified
2024-09-17 03:32
Severity ?
Summary
A malicious web application running on Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 was able to bypass a configured SecurityManager via manipulation of the configuration parameters for the JSP Servlet.
References
https://access.redhat.com/errata/RHSA-2017:1548vendor-advisory, x_refsource_REDHAT
https://lists.apache.org/thread.html/5a2105a56b2495ab70fa568f06925bd861f0d71ffab4fb38bb4fdc45%40%3Cannounce.tomcat.apache.org%3Emailing-list, x_refsource_MLIST
https://access.redhat.com/errata/RHSA-2017:1549vendor-advisory, x_refsource_REDHAT
http://www.securityfocus.com/bid/93944vdb-entry, x_refsource_BID
https://access.redhat.com/errata/RHSA-2017:1552vendor-advisory, x_refsource_REDHAT
http://www.securitytracker.com/id/1038757vdb-entry, x_refsource_SECTRACK
http://www.securitytracker.com/id/1037141vdb-entry, x_refsource_SECTRACK
https://access.redhat.com/errata/RHSA-2017:2247vendor-advisory, x_refsource_REDHAT
http://rhn.redhat.com/errata/RHSA-2017-1551.htmlvendor-advisory, x_refsource_REDHAT
http://rhn.redhat.com/errata/RHSA-2017-0457.htmlvendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2017:0455vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2017:1550vendor-advisory, x_refsource_REDHAT
http://www.debian.org/security/2016/dsa-3720vendor-advisory, x_refsource_DEBIAN
https://access.redhat.com/errata/RHSA-2017:0456vendor-advisory, x_refsource_REDHAT
https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3Emailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3Emailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3Emailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3Emailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3Emailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3Cdev.tomcat.apache.org%3Emailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3Emailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3Emailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3Emailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3Emailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3Emailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3Emailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3Emailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3Emailing-list, x_refsource_MLIST
https://usn.ubuntu.com/4557-1/vendor-advisory, x_refsource_UBUNTU
https://security.netapp.com/advisory/ntap-20180605-0001/x_refsource_CONFIRM
https://www.oracle.com/security-alerts/cpuoct2021.htmlx_refsource_MISC
Impacted products
Vendor Product Version
Apache Software Foundation Apache Tomcat Version: 9.0.0.M1 to 9.0.0.M9
Version: 8.5.0 to 8.5.4
Version: 8.0.0.RC1 to 8.0.36
Version: 7.0.0 to 7.0.70
Version: 6.0.0 to 6.0.45
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T01:43:37.869Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "RHSA-2017:1548",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:1548",
               },
               {
                  name: "[announce] 20161027 [SECURITY] CVE-2016-6796 Apache Tomcat Security Manager Bypass",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/5a2105a56b2495ab70fa568f06925bd861f0d71ffab4fb38bb4fdc45%40%3Cannounce.tomcat.apache.org%3E",
               },
               {
                  name: "RHSA-2017:1549",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:1549",
               },
               {
                  name: "93944",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/93944",
               },
               {
                  name: "RHSA-2017:1552",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:1552",
               },
               {
                  name: "1038757",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1038757",
               },
               {
                  name: "1037141",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1037141",
               },
               {
                  name: "RHSA-2017:2247",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2247",
               },
               {
                  name: "RHSA-2017:1551",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2017-1551.html",
               },
               {
                  name: "RHSA-2017:0457",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2017-0457.html",
               },
               {
                  name: "RHSA-2017:0455",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:0455",
               },
               {
                  name: "RHSA-2017:1550",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:1550",
               },
               {
                  name: "DSA-3720",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2016/dsa-3720",
               },
               {
                  name: "RHSA-2017:0456",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:0456",
               },
               {
                  name: "[tomcat-dev] 20190319 svn commit: r1855831 [25/30] - in /tomcat/site/trunk: ./ docs/ xdocs/",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E",
               },
               {
                  name: "[tomcat-dev] 20190319 svn commit: r1855831 [23/30] - in /tomcat/site/trunk: ./ docs/ xdocs/",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E",
               },
               {
                  name: "[tomcat-dev] 20190325 svn commit: r1856174 [22/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E",
               },
               {
                  name: "[tomcat-dev] 20190325 svn commit: r1856174 [24/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E",
               },
               {
                  name: "[tomcat-dev] 20190325 svn commit: r1856174 [21/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E",
               },
               {
                  name: "[tomcat-dev] 20190413 svn commit: r1857494 [17/20] - in /tomcat/site/trunk: ./ docs/ xdocs/",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3Cdev.tomcat.apache.org%3E",
               },
               {
                  name: "[tomcat-dev] 20190413 svn commit: r1857494 [16/20] - in /tomcat/site/trunk: ./ docs/ xdocs/",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E",
               },
               {
                  name: "[tomcat-dev] 20190413 svn commit: r1857494 [15/20] - in /tomcat/site/trunk: ./ docs/ xdocs/",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E",
               },
               {
                  name: "[tomcat-dev] 20190415 svn commit: r1857582 [17/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E",
               },
               {
                  name: "[tomcat-dev] 20190415 svn commit: r1857582 [19/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E",
               },
               {
                  name: "[tomcat-dev] 20190415 svn commit: r1857582 [16/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E",
               },
               {
                  name: "[tomcat-dev] 20200203 svn commit: r1873527 [23/30] - /tomcat/site/trunk/docs/",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E",
               },
               {
                  name: "[tomcat-dev] 20200213 svn commit: r1873980 [27/34] - /tomcat/site/trunk/docs/",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E",
               },
               {
                  name: "[tomcat-dev] 20200213 svn commit: r1873980 [26/34] - /tomcat/site/trunk/docs/",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E",
               },
               {
                  name: "USN-4557-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/4557-1/",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://security.netapp.com/advisory/ntap-20180605-0001/",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.oracle.com/security-alerts/cpuoct2021.html",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "Apache Tomcat",
               vendor: "Apache Software Foundation",
               versions: [
                  {
                     status: "affected",
                     version: "9.0.0.M1 to 9.0.0.M9",
                  },
                  {
                     status: "affected",
                     version: "8.5.0 to 8.5.4",
                  },
                  {
                     status: "affected",
                     version: "8.0.0.RC1 to 8.0.36",
                  },
                  {
                     status: "affected",
                     version: "7.0.0 to 7.0.70",
                  },
                  {
                     status: "affected",
                     version: "6.0.0 to 6.0.45",
                  },
               ],
            },
         ],
         datePublic: "2016-10-27T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "A malicious web application running on Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 was able to bypass a configured SecurityManager via manipulation of the configuration parameters for the JSP Servlet.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "Sandbox escape",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2021-10-20T10:37:51",
            orgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09",
            shortName: "apache",
         },
         references: [
            {
               name: "RHSA-2017:1548",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:1548",
            },
            {
               name: "[announce] 20161027 [SECURITY] CVE-2016-6796 Apache Tomcat Security Manager Bypass",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/5a2105a56b2495ab70fa568f06925bd861f0d71ffab4fb38bb4fdc45%40%3Cannounce.tomcat.apache.org%3E",
            },
            {
               name: "RHSA-2017:1549",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:1549",
            },
            {
               name: "93944",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/93944",
            },
            {
               name: "RHSA-2017:1552",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:1552",
            },
            {
               name: "1038757",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1038757",
            },
            {
               name: "1037141",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1037141",
            },
            {
               name: "RHSA-2017:2247",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2247",
            },
            {
               name: "RHSA-2017:1551",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2017-1551.html",
            },
            {
               name: "RHSA-2017:0457",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2017-0457.html",
            },
            {
               name: "RHSA-2017:0455",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:0455",
            },
            {
               name: "RHSA-2017:1550",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:1550",
            },
            {
               name: "DSA-3720",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2016/dsa-3720",
            },
            {
               name: "RHSA-2017:0456",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:0456",
            },
            {
               name: "[tomcat-dev] 20190319 svn commit: r1855831 [25/30] - in /tomcat/site/trunk: ./ docs/ xdocs/",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E",
            },
            {
               name: "[tomcat-dev] 20190319 svn commit: r1855831 [23/30] - in /tomcat/site/trunk: ./ docs/ xdocs/",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E",
            },
            {
               name: "[tomcat-dev] 20190325 svn commit: r1856174 [22/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E",
            },
            {
               name: "[tomcat-dev] 20190325 svn commit: r1856174 [24/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E",
            },
            {
               name: "[tomcat-dev] 20190325 svn commit: r1856174 [21/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E",
            },
            {
               name: "[tomcat-dev] 20190413 svn commit: r1857494 [17/20] - in /tomcat/site/trunk: ./ docs/ xdocs/",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3Cdev.tomcat.apache.org%3E",
            },
            {
               name: "[tomcat-dev] 20190413 svn commit: r1857494 [16/20] - in /tomcat/site/trunk: ./ docs/ xdocs/",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E",
            },
            {
               name: "[tomcat-dev] 20190413 svn commit: r1857494 [15/20] - in /tomcat/site/trunk: ./ docs/ xdocs/",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E",
            },
            {
               name: "[tomcat-dev] 20190415 svn commit: r1857582 [17/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E",
            },
            {
               name: "[tomcat-dev] 20190415 svn commit: r1857582 [19/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E",
            },
            {
               name: "[tomcat-dev] 20190415 svn commit: r1857582 [16/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E",
            },
            {
               name: "[tomcat-dev] 20200203 svn commit: r1873527 [23/30] - /tomcat/site/trunk/docs/",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E",
            },
            {
               name: "[tomcat-dev] 20200213 svn commit: r1873980 [27/34] - /tomcat/site/trunk/docs/",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E",
            },
            {
               name: "[tomcat-dev] 20200213 svn commit: r1873980 [26/34] - /tomcat/site/trunk/docs/",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E",
            },
            {
               name: "USN-4557-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/4557-1/",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://security.netapp.com/advisory/ntap-20180605-0001/",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.oracle.com/security-alerts/cpuoct2021.html",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "security@apache.org",
               DATE_PUBLIC: "2016-10-27T00:00:00",
               ID: "CVE-2016-6796",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "Apache Tomcat",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "9.0.0.M1 to 9.0.0.M9",
                                       },
                                       {
                                          version_value: "8.5.0 to 8.5.4",
                                       },
                                       {
                                          version_value: "8.0.0.RC1 to 8.0.36",
                                       },
                                       {
                                          version_value: "7.0.0 to 7.0.70",
                                       },
                                       {
                                          version_value: "6.0.0 to 6.0.45",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "Apache Software Foundation",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "A malicious web application running on Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 was able to bypass a configured SecurityManager via manipulation of the configuration parameters for the JSP Servlet.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "Sandbox escape",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "RHSA-2017:1548",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:1548",
                  },
                  {
                     name: "[announce] 20161027 [SECURITY] CVE-2016-6796 Apache Tomcat Security Manager Bypass",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/5a2105a56b2495ab70fa568f06925bd861f0d71ffab4fb38bb4fdc45@%3Cannounce.tomcat.apache.org%3E",
                  },
                  {
                     name: "RHSA-2017:1549",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:1549",
                  },
                  {
                     name: "93944",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/93944",
                  },
                  {
                     name: "RHSA-2017:1552",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:1552",
                  },
                  {
                     name: "1038757",
                     refsource: "SECTRACK",
                     url: "http://www.securitytracker.com/id/1038757",
                  },
                  {
                     name: "1037141",
                     refsource: "SECTRACK",
                     url: "http://www.securitytracker.com/id/1037141",
                  },
                  {
                     name: "RHSA-2017:2247",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:2247",
                  },
                  {
                     name: "RHSA-2017:1551",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2017-1551.html",
                  },
                  {
                     name: "RHSA-2017:0457",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2017-0457.html",
                  },
                  {
                     name: "RHSA-2017:0455",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:0455",
                  },
                  {
                     name: "RHSA-2017:1550",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:1550",
                  },
                  {
                     name: "DSA-3720",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2016/dsa-3720",
                  },
                  {
                     name: "RHSA-2017:0456",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:0456",
                  },
                  {
                     name: "[tomcat-dev] 20190319 svn commit: r1855831 [25/30] - in /tomcat/site/trunk: ./ docs/ xdocs/",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E",
                  },
                  {
                     name: "[tomcat-dev] 20190319 svn commit: r1855831 [23/30] - in /tomcat/site/trunk: ./ docs/ xdocs/",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E",
                  },
                  {
                     name: "[tomcat-dev] 20190325 svn commit: r1856174 [22/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E",
                  },
                  {
                     name: "[tomcat-dev] 20190325 svn commit: r1856174 [24/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E",
                  },
                  {
                     name: "[tomcat-dev] 20190325 svn commit: r1856174 [21/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E",
                  },
                  {
                     name: "[tomcat-dev] 20190413 svn commit: r1857494 [17/20] - in /tomcat/site/trunk: ./ docs/ xdocs/",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E",
                  },
                  {
                     name: "[tomcat-dev] 20190413 svn commit: r1857494 [16/20] - in /tomcat/site/trunk: ./ docs/ xdocs/",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424@%3Cdev.tomcat.apache.org%3E",
                  },
                  {
                     name: "[tomcat-dev] 20190413 svn commit: r1857494 [15/20] - in /tomcat/site/trunk: ./ docs/ xdocs/",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E",
                  },
                  {
                     name: "[tomcat-dev] 20190415 svn commit: r1857582 [17/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E",
                  },
                  {
                     name: "[tomcat-dev] 20190415 svn commit: r1857582 [19/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E",
                  },
                  {
                     name: "[tomcat-dev] 20190415 svn commit: r1857582 [16/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E",
                  },
                  {
                     name: "[tomcat-dev] 20200203 svn commit: r1873527 [23/30] - /tomcat/site/trunk/docs/",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E",
                  },
                  {
                     name: "[tomcat-dev] 20200213 svn commit: r1873980 [27/34] - /tomcat/site/trunk/docs/",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E",
                  },
                  {
                     name: "[tomcat-dev] 20200213 svn commit: r1873980 [26/34] - /tomcat/site/trunk/docs/",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E",
                  },
                  {
                     name: "USN-4557-1",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/4557-1/",
                  },
                  {
                     name: "https://security.netapp.com/advisory/ntap-20180605-0001/",
                     refsource: "CONFIRM",
                     url: "https://security.netapp.com/advisory/ntap-20180605-0001/",
                  },
                  {
                     name: "https://www.oracle.com/security-alerts/cpuoct2021.html",
                     refsource: "MISC",
                     url: "https://www.oracle.com/security-alerts/cpuoct2021.html",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09",
      assignerShortName: "apache",
      cveId: "CVE-2016-6796",
      datePublished: "2017-08-11T02:00:00Z",
      dateReserved: "2016-08-12T00:00:00",
      dateUpdated: "2024-09-17T03:32:53.822Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2020-10543
Vulnerability from cvelistv5
Published
2020-06-05 13:17
Modified
2024-08-04 11:06
Severity ?
Summary
Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow.
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T11:06:09.544Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "GLSA-202006-03",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_GENTOO",
                     "x_transferred",
                  ],
                  url: "https://security.gentoo.org/glsa/202006-03",
               },
               {
                  name: "FEDORA-2020-fd73c08076",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_FEDORA",
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IN3TTBO5KSGWE5IRIKDJ5JSQRH7ANNXE/",
               },
               {
                  name: "openSUSE-SU-2020:0850",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00044.html",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.oracle.com/security-alerts/cpuoct2020.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/perl/perl5/commit/897d1f7fd515b828e4b198d8b8bef76c6faf03ed",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/Perl/perl5/compare/v5.30.2...v5.30.3",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/Perl/perl5/blob/blead/pod/perl5303delta.pod",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://security.netapp.com/advisory/ntap-20200611-0001/",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.oracle.com/security-alerts/cpujan2021.html",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.oracle.com/security-alerts/cpuApr2021.html",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.oracle.com//security-alerts/cpujul2021.html",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.oracle.com/security-alerts/cpuoct2021.html",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.oracle.com/security-alerts/cpujan2022.html",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.oracle.com/security-alerts/cpuapr2022.html",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-04-19T23:20:49",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               name: "GLSA-202006-03",
               tags: [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
               ],
               url: "https://security.gentoo.org/glsa/202006-03",
            },
            {
               name: "FEDORA-2020-fd73c08076",
               tags: [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
               ],
               url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IN3TTBO5KSGWE5IRIKDJ5JSQRH7ANNXE/",
            },
            {
               name: "openSUSE-SU-2020:0850",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00044.html",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.oracle.com/security-alerts/cpuoct2020.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/perl/perl5/commit/897d1f7fd515b828e4b198d8b8bef76c6faf03ed",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/Perl/perl5/compare/v5.30.2...v5.30.3",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/Perl/perl5/blob/blead/pod/perl5303delta.pod",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://security.netapp.com/advisory/ntap-20200611-0001/",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.oracle.com/security-alerts/cpujan2021.html",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.oracle.com/security-alerts/cpuApr2021.html",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.oracle.com//security-alerts/cpujul2021.html",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.oracle.com/security-alerts/cpuoct2021.html",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.oracle.com/security-alerts/cpujan2022.html",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.oracle.com/security-alerts/cpuapr2022.html",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2020-10543",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "GLSA-202006-03",
                     refsource: "GENTOO",
                     url: "https://security.gentoo.org/glsa/202006-03",
                  },
                  {
                     name: "FEDORA-2020-fd73c08076",
                     refsource: "FEDORA",
                     url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IN3TTBO5KSGWE5IRIKDJ5JSQRH7ANNXE/",
                  },
                  {
                     name: "openSUSE-SU-2020:0850",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00044.html",
                  },
                  {
                     name: "https://www.oracle.com/security-alerts/cpuoct2020.html",
                     refsource: "MISC",
                     url: "https://www.oracle.com/security-alerts/cpuoct2020.html",
                  },
                  {
                     name: "https://github.com/perl/perl5/commit/897d1f7fd515b828e4b198d8b8bef76c6faf03ed",
                     refsource: "CONFIRM",
                     url: "https://github.com/perl/perl5/commit/897d1f7fd515b828e4b198d8b8bef76c6faf03ed",
                  },
                  {
                     name: "https://github.com/Perl/perl5/compare/v5.30.2...v5.30.3",
                     refsource: "CONFIRM",
                     url: "https://github.com/Perl/perl5/compare/v5.30.2...v5.30.3",
                  },
                  {
                     name: "https://github.com/Perl/perl5/blob/blead/pod/perl5303delta.pod",
                     refsource: "CONFIRM",
                     url: "https://github.com/Perl/perl5/blob/blead/pod/perl5303delta.pod",
                  },
                  {
                     name: "https://security.netapp.com/advisory/ntap-20200611-0001/",
                     refsource: "CONFIRM",
                     url: "https://security.netapp.com/advisory/ntap-20200611-0001/",
                  },
                  {
                     name: "https://www.oracle.com/security-alerts/cpujan2021.html",
                     refsource: "MISC",
                     url: "https://www.oracle.com/security-alerts/cpujan2021.html",
                  },
                  {
                     name: "https://www.oracle.com/security-alerts/cpuApr2021.html",
                     refsource: "MISC",
                     url: "https://www.oracle.com/security-alerts/cpuApr2021.html",
                  },
                  {
                     name: "https://www.oracle.com//security-alerts/cpujul2021.html",
                     refsource: "MISC",
                     url: "https://www.oracle.com//security-alerts/cpujul2021.html",
                  },
                  {
                     name: "https://www.oracle.com/security-alerts/cpuoct2021.html",
                     refsource: "MISC",
                     url: "https://www.oracle.com/security-alerts/cpuoct2021.html",
                  },
                  {
                     name: "https://www.oracle.com/security-alerts/cpujan2022.html",
                     refsource: "MISC",
                     url: "https://www.oracle.com/security-alerts/cpujan2022.html",
                  },
                  {
                     name: "https://www.oracle.com/security-alerts/cpuapr2022.html",
                     refsource: "MISC",
                     url: "https://www.oracle.com/security-alerts/cpuapr2022.html",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2020-10543",
      datePublished: "2020-06-05T13:17:49",
      dateReserved: "2020-03-13T00:00:00",
      dateUpdated: "2024-08-04T11:06:09.544Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2020-12723
Vulnerability from cvelistv5
Published
2020-06-05 14:20
Modified
2024-08-04 12:04
Severity ?
Summary
regcomp.c in Perl before 5.30.3 allows a buffer overflow via a crafted regular expression because of recursive S_study_chunk calls.
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T12:04:22.480Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "GLSA-202006-03",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_GENTOO",
                     "x_transferred",
                  ],
                  url: "https://security.gentoo.org/glsa/202006-03",
               },
               {
                  name: "FEDORA-2020-fd73c08076",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_FEDORA",
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IN3TTBO5KSGWE5IRIKDJ5JSQRH7ANNXE/",
               },
               {
                  name: "openSUSE-SU-2020:0850",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00044.html",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.oracle.com/security-alerts/cpuoct2020.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/Perl/perl5/compare/v5.30.2...v5.30.3",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/Perl/perl5/blob/blead/pod/perl5303delta.pod",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://security.netapp.com/advisory/ntap-20200611-0001/",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://github.com/Perl/perl5/issues/16947",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://github.com/Perl/perl5/issues/17743",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/perl/perl5/commit/66bbb51b93253a3f87d11c2695cfb7bdb782184a",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.oracle.com/security-alerts/cpujan2021.html",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.oracle.com/security-alerts/cpuApr2021.html",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.oracle.com//security-alerts/cpujul2021.html",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.oracle.com/security-alerts/cpuoct2021.html",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.oracle.com/security-alerts/cpujan2022.html",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.oracle.com/security-alerts/cpuapr2022.html",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "regcomp.c in Perl before 5.30.3 allows a buffer overflow via a crafted regular expression because of recursive S_study_chunk calls.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-04-19T23:21:14",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               name: "GLSA-202006-03",
               tags: [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
               ],
               url: "https://security.gentoo.org/glsa/202006-03",
            },
            {
               name: "FEDORA-2020-fd73c08076",
               tags: [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
               ],
               url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IN3TTBO5KSGWE5IRIKDJ5JSQRH7ANNXE/",
            },
            {
               name: "openSUSE-SU-2020:0850",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00044.html",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.oracle.com/security-alerts/cpuoct2020.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/Perl/perl5/compare/v5.30.2...v5.30.3",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/Perl/perl5/blob/blead/pod/perl5303delta.pod",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://security.netapp.com/advisory/ntap-20200611-0001/",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://github.com/Perl/perl5/issues/16947",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://github.com/Perl/perl5/issues/17743",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/perl/perl5/commit/66bbb51b93253a3f87d11c2695cfb7bdb782184a",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.oracle.com/security-alerts/cpujan2021.html",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.oracle.com/security-alerts/cpuApr2021.html",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.oracle.com//security-alerts/cpujul2021.html",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.oracle.com/security-alerts/cpuoct2021.html",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.oracle.com/security-alerts/cpujan2022.html",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.oracle.com/security-alerts/cpuapr2022.html",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2020-12723",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "regcomp.c in Perl before 5.30.3 allows a buffer overflow via a crafted regular expression because of recursive S_study_chunk calls.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "GLSA-202006-03",
                     refsource: "GENTOO",
                     url: "https://security.gentoo.org/glsa/202006-03",
                  },
                  {
                     name: "FEDORA-2020-fd73c08076",
                     refsource: "FEDORA",
                     url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IN3TTBO5KSGWE5IRIKDJ5JSQRH7ANNXE/",
                  },
                  {
                     name: "openSUSE-SU-2020:0850",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00044.html",
                  },
                  {
                     name: "https://www.oracle.com/security-alerts/cpuoct2020.html",
                     refsource: "MISC",
                     url: "https://www.oracle.com/security-alerts/cpuoct2020.html",
                  },
                  {
                     name: "https://github.com/Perl/perl5/compare/v5.30.2...v5.30.3",
                     refsource: "CONFIRM",
                     url: "https://github.com/Perl/perl5/compare/v5.30.2...v5.30.3",
                  },
                  {
                     name: "https://github.com/Perl/perl5/blob/blead/pod/perl5303delta.pod",
                     refsource: "CONFIRM",
                     url: "https://github.com/Perl/perl5/blob/blead/pod/perl5303delta.pod",
                  },
                  {
                     name: "https://security.netapp.com/advisory/ntap-20200611-0001/",
                     refsource: "CONFIRM",
                     url: "https://security.netapp.com/advisory/ntap-20200611-0001/",
                  },
                  {
                     name: "https://github.com/Perl/perl5/issues/16947",
                     refsource: "MISC",
                     url: "https://github.com/Perl/perl5/issues/16947",
                  },
                  {
                     name: "https://github.com/Perl/perl5/issues/17743",
                     refsource: "MISC",
                     url: "https://github.com/Perl/perl5/issues/17743",
                  },
                  {
                     name: "https://github.com/perl/perl5/commit/66bbb51b93253a3f87d11c2695cfb7bdb782184a",
                     refsource: "CONFIRM",
                     url: "https://github.com/perl/perl5/commit/66bbb51b93253a3f87d11c2695cfb7bdb782184a",
                  },
                  {
                     name: "https://www.oracle.com/security-alerts/cpujan2021.html",
                     refsource: "MISC",
                     url: "https://www.oracle.com/security-alerts/cpujan2021.html",
                  },
                  {
                     name: "https://www.oracle.com/security-alerts/cpuApr2021.html",
                     refsource: "MISC",
                     url: "https://www.oracle.com/security-alerts/cpuApr2021.html",
                  },
                  {
                     name: "https://www.oracle.com//security-alerts/cpujul2021.html",
                     refsource: "MISC",
                     url: "https://www.oracle.com//security-alerts/cpujul2021.html",
                  },
                  {
                     name: "https://www.oracle.com/security-alerts/cpuoct2021.html",
                     refsource: "MISC",
                     url: "https://www.oracle.com/security-alerts/cpuoct2021.html",
                  },
                  {
                     name: "https://www.oracle.com/security-alerts/cpujan2022.html",
                     refsource: "MISC",
                     url: "https://www.oracle.com/security-alerts/cpujan2022.html",
                  },
                  {
                     name: "https://www.oracle.com/security-alerts/cpuapr2022.html",
                     refsource: "MISC",
                     url: "https://www.oracle.com/security-alerts/cpuapr2022.html",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2020-12723",
      datePublished: "2020-06-05T14:20:50",
      dateReserved: "2020-05-08T00:00:00",
      dateUpdated: "2024-08-04T12:04:22.480Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2021-27364
Vulnerability from cvelistv5
Published
2021-03-07 04:03
Modified
2024-08-03 20:48
Severity ?
Summary
An issue was discovered in the Linux kernel through 5.11.3. drivers/scsi/scsi_transport_iscsi.c is adversely affected by the ability of an unprivileged user to craft Netlink messages.
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T20:48:16.468Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "[debian-lts-announce] 20210309 [SECURITY] [DLA 2586-1] linux security update",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.debian.org/debian-lts-announce/2021/03/msg00010.html",
               },
               {
                  name: "[debian-lts-announce] 20210330 [SECURITY] [DLA 2610-1] linux-4.19 security update",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.debian.org/debian-lts-announce/2021/03/msg00035.html",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.oracle.com/security-alerts/cpuoct2021.html",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=688e8128b7a92df982709a4137ea4588d16f24aa",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.openwall.com/lists/oss-security/2021/03/06/1",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.suse.com/show_bug.cgi?id=1182717",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://blog.grimm-co.com/2021/03/new-old-bugs-in-linux-kernel.html",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "http://packetstormsecurity.com/files/162117/Kernel-Live-Patch-Security-Notice-LSN-0075-1.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://security.netapp.com/advisory/ntap-20210409-0001/",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "An issue was discovered in the Linux kernel through 5.11.3. drivers/scsi/scsi_transport_iscsi.c is adversely affected by the ability of an unprivileged user to craft Netlink messages.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2021-10-20T10:41:46",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               name: "[debian-lts-announce] 20210309 [SECURITY] [DLA 2586-1] linux security update",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.debian.org/debian-lts-announce/2021/03/msg00010.html",
            },
            {
               name: "[debian-lts-announce] 20210330 [SECURITY] [DLA 2610-1] linux-4.19 security update",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.debian.org/debian-lts-announce/2021/03/msg00035.html",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.oracle.com/security-alerts/cpuoct2021.html",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=688e8128b7a92df982709a4137ea4588d16f24aa",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.openwall.com/lists/oss-security/2021/03/06/1",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://bugzilla.suse.com/show_bug.cgi?id=1182717",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://blog.grimm-co.com/2021/03/new-old-bugs-in-linux-kernel.html",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "http://packetstormsecurity.com/files/162117/Kernel-Live-Patch-Security-Notice-LSN-0075-1.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://security.netapp.com/advisory/ntap-20210409-0001/",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2021-27364",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "An issue was discovered in the Linux kernel through 5.11.3. drivers/scsi/scsi_transport_iscsi.c is adversely affected by the ability of an unprivileged user to craft Netlink messages.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "[debian-lts-announce] 20210309 [SECURITY] [DLA 2586-1] linux security update",
                     refsource: "MLIST",
                     url: "https://lists.debian.org/debian-lts-announce/2021/03/msg00010.html",
                  },
                  {
                     name: "[debian-lts-announce] 20210330 [SECURITY] [DLA 2610-1] linux-4.19 security update",
                     refsource: "MLIST",
                     url: "https://lists.debian.org/debian-lts-announce/2021/03/msg00035.html",
                  },
                  {
                     name: "https://www.oracle.com/security-alerts/cpuoct2021.html",
                     refsource: "MISC",
                     url: "https://www.oracle.com/security-alerts/cpuoct2021.html",
                  },
                  {
                     name: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=688e8128b7a92df982709a4137ea4588d16f24aa",
                     refsource: "MISC",
                     url: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=688e8128b7a92df982709a4137ea4588d16f24aa",
                  },
                  {
                     name: "https://www.openwall.com/lists/oss-security/2021/03/06/1",
                     refsource: "MISC",
                     url: "https://www.openwall.com/lists/oss-security/2021/03/06/1",
                  },
                  {
                     name: "https://bugzilla.suse.com/show_bug.cgi?id=1182717",
                     refsource: "MISC",
                     url: "https://bugzilla.suse.com/show_bug.cgi?id=1182717",
                  },
                  {
                     name: "https://blog.grimm-co.com/2021/03/new-old-bugs-in-linux-kernel.html",
                     refsource: "MISC",
                     url: "https://blog.grimm-co.com/2021/03/new-old-bugs-in-linux-kernel.html",
                  },
                  {
                     name: "http://packetstormsecurity.com/files/162117/Kernel-Live-Patch-Security-Notice-LSN-0075-1.html",
                     refsource: "MISC",
                     url: "http://packetstormsecurity.com/files/162117/Kernel-Live-Patch-Security-Notice-LSN-0075-1.html",
                  },
                  {
                     name: "https://security.netapp.com/advisory/ntap-20210409-0001/",
                     refsource: "CONFIRM",
                     url: "https://security.netapp.com/advisory/ntap-20210409-0001/",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2021-27364",
      datePublished: "2021-03-07T04:03:38",
      dateReserved: "2021-02-17T00:00:00",
      dateUpdated: "2024-08-03T20:48:16.468Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2020-10878
Vulnerability from cvelistv5
Published
2020-06-05 13:27
Modified
2024-08-04 11:14
Severity ?
Summary
Perl before 5.30.3 has an integer overflow related to mishandling of a "PL_regkind[OP(n)] == NOTHING" situation. A crafted regular expression could lead to malformed bytecode with a possibility of instruction injection.
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T11:14:15.674Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "GLSA-202006-03",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_GENTOO",
                     "x_transferred",
                  ],
                  url: "https://security.gentoo.org/glsa/202006-03",
               },
               {
                  name: "FEDORA-2020-fd73c08076",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_FEDORA",
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IN3TTBO5KSGWE5IRIKDJ5JSQRH7ANNXE/",
               },
               {
                  name: "openSUSE-SU-2020:0850",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00044.html",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.oracle.com/security-alerts/cpuoct2020.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/Perl/perl5/compare/v5.30.2...v5.30.3",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/Perl/perl5/blob/blead/pod/perl5303delta.pod",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://security.netapp.com/advisory/ntap-20200611-0001/",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/perl/perl5/commit/0a320d753fe7fca03df259a4dfd8e641e51edaa8",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/perl/perl5/commit/3295b48defa0f8570114877b063fe546dd348b3c",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.oracle.com/security-alerts/cpujan2021.html",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.oracle.com/security-alerts/cpuApr2021.html",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.oracle.com//security-alerts/cpujul2021.html",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.oracle.com/security-alerts/cpuoct2021.html",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.oracle.com/security-alerts/cpujan2022.html",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.oracle.com/security-alerts/cpuapr2022.html",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "Perl before 5.30.3 has an integer overflow related to mishandling of a \"PL_regkind[OP(n)] == NOTHING\" situation. A crafted regular expression could lead to malformed bytecode with a possibility of instruction injection.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-04-19T23:20:52",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               name: "GLSA-202006-03",
               tags: [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
               ],
               url: "https://security.gentoo.org/glsa/202006-03",
            },
            {
               name: "FEDORA-2020-fd73c08076",
               tags: [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
               ],
               url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IN3TTBO5KSGWE5IRIKDJ5JSQRH7ANNXE/",
            },
            {
               name: "openSUSE-SU-2020:0850",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00044.html",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.oracle.com/security-alerts/cpuoct2020.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/Perl/perl5/compare/v5.30.2...v5.30.3",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/Perl/perl5/blob/blead/pod/perl5303delta.pod",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://security.netapp.com/advisory/ntap-20200611-0001/",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/perl/perl5/commit/0a320d753fe7fca03df259a4dfd8e641e51edaa8",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/perl/perl5/commit/3295b48defa0f8570114877b063fe546dd348b3c",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.oracle.com/security-alerts/cpujan2021.html",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.oracle.com/security-alerts/cpuApr2021.html",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.oracle.com//security-alerts/cpujul2021.html",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.oracle.com/security-alerts/cpuoct2021.html",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.oracle.com/security-alerts/cpujan2022.html",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.oracle.com/security-alerts/cpuapr2022.html",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2020-10878",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "Perl before 5.30.3 has an integer overflow related to mishandling of a \"PL_regkind[OP(n)] == NOTHING\" situation. A crafted regular expression could lead to malformed bytecode with a possibility of instruction injection.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "GLSA-202006-03",
                     refsource: "GENTOO",
                     url: "https://security.gentoo.org/glsa/202006-03",
                  },
                  {
                     name: "FEDORA-2020-fd73c08076",
                     refsource: "FEDORA",
                     url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IN3TTBO5KSGWE5IRIKDJ5JSQRH7ANNXE/",
                  },
                  {
                     name: "openSUSE-SU-2020:0850",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00044.html",
                  },
                  {
                     name: "https://www.oracle.com/security-alerts/cpuoct2020.html",
                     refsource: "MISC",
                     url: "https://www.oracle.com/security-alerts/cpuoct2020.html",
                  },
                  {
                     name: "https://github.com/Perl/perl5/compare/v5.30.2...v5.30.3",
                     refsource: "CONFIRM",
                     url: "https://github.com/Perl/perl5/compare/v5.30.2...v5.30.3",
                  },
                  {
                     name: "https://github.com/Perl/perl5/blob/blead/pod/perl5303delta.pod",
                     refsource: "CONFIRM",
                     url: "https://github.com/Perl/perl5/blob/blead/pod/perl5303delta.pod",
                  },
                  {
                     name: "https://security.netapp.com/advisory/ntap-20200611-0001/",
                     refsource: "CONFIRM",
                     url: "https://security.netapp.com/advisory/ntap-20200611-0001/",
                  },
                  {
                     name: "https://github.com/perl/perl5/commit/0a320d753fe7fca03df259a4dfd8e641e51edaa8",
                     refsource: "CONFIRM",
                     url: "https://github.com/perl/perl5/commit/0a320d753fe7fca03df259a4dfd8e641e51edaa8",
                  },
                  {
                     name: "https://github.com/perl/perl5/commit/3295b48defa0f8570114877b063fe546dd348b3c",
                     refsource: "CONFIRM",
                     url: "https://github.com/perl/perl5/commit/3295b48defa0f8570114877b063fe546dd348b3c",
                  },
                  {
                     name: "https://www.oracle.com/security-alerts/cpujan2021.html",
                     refsource: "MISC",
                     url: "https://www.oracle.com/security-alerts/cpujan2021.html",
                  },
                  {
                     name: "https://www.oracle.com/security-alerts/cpuApr2021.html",
                     refsource: "MISC",
                     url: "https://www.oracle.com/security-alerts/cpuApr2021.html",
                  },
                  {
                     name: "https://www.oracle.com//security-alerts/cpujul2021.html",
                     refsource: "MISC",
                     url: "https://www.oracle.com//security-alerts/cpujul2021.html",
                  },
                  {
                     name: "https://www.oracle.com/security-alerts/cpuoct2021.html",
                     refsource: "MISC",
                     url: "https://www.oracle.com/security-alerts/cpuoct2021.html",
                  },
                  {
                     name: "https://www.oracle.com/security-alerts/cpujan2022.html",
                     refsource: "MISC",
                     url: "https://www.oracle.com/security-alerts/cpujan2022.html",
                  },
                  {
                     name: "https://www.oracle.com/security-alerts/cpuapr2022.html",
                     refsource: "MISC",
                     url: "https://www.oracle.com/security-alerts/cpuapr2022.html",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2020-10878",
      datePublished: "2020-06-05T13:27:22",
      dateReserved: "2020-03-23T00:00:00",
      dateUpdated: "2024-08-04T11:14:15.674Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2016-6797
Vulnerability from cvelistv5
Published
2017-08-10 22:00
Modified
2024-09-17 04:24
Severity ?
Summary
The ResourceLinkFactory implementation in Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 did not limit web application access to global JNDI resources to those resources explicitly linked to the web application. Therefore, it was possible for a web application to access any global JNDI resource whether an explicit ResourceLink had been configured or not.
References
http://www.securityfocus.com/bid/93940vdb-entry, x_refsource_BID
https://lists.apache.org/thread.html/9325837eb00cba5752c092047433c7f0415134d16e7f391447ff4352%40%3Cannounce.tomcat.apache.org%3Emailing-list, x_refsource_MLIST
http://www.securitytracker.com/id/1037145vdb-entry, x_refsource_SECTRACK
https://access.redhat.com/errata/RHSA-2017:2247vendor-advisory, x_refsource_REDHAT
http://rhn.redhat.com/errata/RHSA-2017-0457.htmlvendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2017:0455vendor-advisory, x_refsource_REDHAT
http://www.debian.org/security/2016/dsa-3720vendor-advisory, x_refsource_DEBIAN
https://access.redhat.com/errata/RHSA-2017:0456vendor-advisory, x_refsource_REDHAT
https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3Emailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3Emailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3Emailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3Emailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3Emailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3Cdev.tomcat.apache.org%3Emailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3Emailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3Emailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3Emailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3Emailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3Emailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3Emailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3Emailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3Emailing-list, x_refsource_MLIST
https://usn.ubuntu.com/4557-1/vendor-advisory, x_refsource_UBUNTU
https://security.netapp.com/advisory/ntap-20180605-0001/x_refsource_CONFIRM
https://www.oracle.com/security-alerts/cpuoct2021.htmlx_refsource_MISC
Impacted products
Vendor Product Version
Apache Software Foundation Apache Tomcat Version: 9.0.0.M1 to 9.0.0.M9
Version: 8.5.0 to 8.5.4
Version: 8.0.0.RC1 to 8.0.36
Version: 7.0.0 to 7.0.70
Version: 6.0.0 to 6.0.45
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T01:43:37.903Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "93940",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/93940",
               },
               {
                  name: "[announce] 20161027 [SECURITY] CVE-2016-6797 Apache Tomcat Unrestricted Access to Global Resources",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/9325837eb00cba5752c092047433c7f0415134d16e7f391447ff4352%40%3Cannounce.tomcat.apache.org%3E",
               },
               {
                  name: "1037145",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1037145",
               },
               {
                  name: "RHSA-2017:2247",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2247",
               },
               {
                  name: "RHSA-2017:0457",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2017-0457.html",
               },
               {
                  name: "RHSA-2017:0455",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:0455",
               },
               {
                  name: "DSA-3720",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2016/dsa-3720",
               },
               {
                  name: "RHSA-2017:0456",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:0456",
               },
               {
                  name: "[tomcat-dev] 20190319 svn commit: r1855831 [25/30] - in /tomcat/site/trunk: ./ docs/ xdocs/",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E",
               },
               {
                  name: "[tomcat-dev] 20190319 svn commit: r1855831 [23/30] - in /tomcat/site/trunk: ./ docs/ xdocs/",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E",
               },
               {
                  name: "[tomcat-dev] 20190325 svn commit: r1856174 [22/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E",
               },
               {
                  name: "[tomcat-dev] 20190325 svn commit: r1856174 [24/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E",
               },
               {
                  name: "[tomcat-dev] 20190325 svn commit: r1856174 [21/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E",
               },
               {
                  name: "[tomcat-dev] 20190413 svn commit: r1857494 [17/20] - in /tomcat/site/trunk: ./ docs/ xdocs/",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3Cdev.tomcat.apache.org%3E",
               },
               {
                  name: "[tomcat-dev] 20190413 svn commit: r1857494 [16/20] - in /tomcat/site/trunk: ./ docs/ xdocs/",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E",
               },
               {
                  name: "[tomcat-dev] 20190413 svn commit: r1857494 [15/20] - in /tomcat/site/trunk: ./ docs/ xdocs/",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E",
               },
               {
                  name: "[tomcat-dev] 20190415 svn commit: r1857582 [17/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E",
               },
               {
                  name: "[tomcat-dev] 20190415 svn commit: r1857582 [19/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E",
               },
               {
                  name: "[tomcat-dev] 20190415 svn commit: r1857582 [16/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E",
               },
               {
                  name: "[tomcat-dev] 20200203 svn commit: r1873527 [23/30] - /tomcat/site/trunk/docs/",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E",
               },
               {
                  name: "[tomcat-dev] 20200213 svn commit: r1873980 [27/34] - /tomcat/site/trunk/docs/",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E",
               },
               {
                  name: "[tomcat-dev] 20200213 svn commit: r1873980 [26/34] - /tomcat/site/trunk/docs/",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E",
               },
               {
                  name: "USN-4557-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/4557-1/",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://security.netapp.com/advisory/ntap-20180605-0001/",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.oracle.com/security-alerts/cpuoct2021.html",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "Apache Tomcat",
               vendor: "Apache Software Foundation",
               versions: [
                  {
                     status: "affected",
                     version: "9.0.0.M1 to 9.0.0.M9",
                  },
                  {
                     status: "affected",
                     version: "8.5.0 to 8.5.4",
                  },
                  {
                     status: "affected",
                     version: "8.0.0.RC1 to 8.0.36",
                  },
                  {
                     status: "affected",
                     version: "7.0.0 to 7.0.70",
                  },
                  {
                     status: "affected",
                     version: "6.0.0 to 6.0.45",
                  },
               ],
            },
         ],
         datePublic: "2016-10-27T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The ResourceLinkFactory implementation in Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 did not limit web application access to global JNDI resources to those resources explicitly linked to the web application. Therefore, it was possible for a web application to access any global JNDI resource whether an explicit ResourceLink had been configured or not.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "Information Disclosure",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2021-10-20T10:37:52",
            orgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09",
            shortName: "apache",
         },
         references: [
            {
               name: "93940",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/93940",
            },
            {
               name: "[announce] 20161027 [SECURITY] CVE-2016-6797 Apache Tomcat Unrestricted Access to Global Resources",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/9325837eb00cba5752c092047433c7f0415134d16e7f391447ff4352%40%3Cannounce.tomcat.apache.org%3E",
            },
            {
               name: "1037145",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1037145",
            },
            {
               name: "RHSA-2017:2247",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2247",
            },
            {
               name: "RHSA-2017:0457",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2017-0457.html",
            },
            {
               name: "RHSA-2017:0455",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:0455",
            },
            {
               name: "DSA-3720",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2016/dsa-3720",
            },
            {
               name: "RHSA-2017:0456",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:0456",
            },
            {
               name: "[tomcat-dev] 20190319 svn commit: r1855831 [25/30] - in /tomcat/site/trunk: ./ docs/ xdocs/",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E",
            },
            {
               name: "[tomcat-dev] 20190319 svn commit: r1855831 [23/30] - in /tomcat/site/trunk: ./ docs/ xdocs/",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E",
            },
            {
               name: "[tomcat-dev] 20190325 svn commit: r1856174 [22/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E",
            },
            {
               name: "[tomcat-dev] 20190325 svn commit: r1856174 [24/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E",
            },
            {
               name: "[tomcat-dev] 20190325 svn commit: r1856174 [21/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E",
            },
            {
               name: "[tomcat-dev] 20190413 svn commit: r1857494 [17/20] - in /tomcat/site/trunk: ./ docs/ xdocs/",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3Cdev.tomcat.apache.org%3E",
            },
            {
               name: "[tomcat-dev] 20190413 svn commit: r1857494 [16/20] - in /tomcat/site/trunk: ./ docs/ xdocs/",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E",
            },
            {
               name: "[tomcat-dev] 20190413 svn commit: r1857494 [15/20] - in /tomcat/site/trunk: ./ docs/ xdocs/",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E",
            },
            {
               name: "[tomcat-dev] 20190415 svn commit: r1857582 [17/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E",
            },
            {
               name: "[tomcat-dev] 20190415 svn commit: r1857582 [19/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E",
            },
            {
               name: "[tomcat-dev] 20190415 svn commit: r1857582 [16/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E",
            },
            {
               name: "[tomcat-dev] 20200203 svn commit: r1873527 [23/30] - /tomcat/site/trunk/docs/",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E",
            },
            {
               name: "[tomcat-dev] 20200213 svn commit: r1873980 [27/34] - /tomcat/site/trunk/docs/",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E",
            },
            {
               name: "[tomcat-dev] 20200213 svn commit: r1873980 [26/34] - /tomcat/site/trunk/docs/",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E",
            },
            {
               name: "USN-4557-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/4557-1/",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://security.netapp.com/advisory/ntap-20180605-0001/",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.oracle.com/security-alerts/cpuoct2021.html",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "security@apache.org",
               DATE_PUBLIC: "2016-10-27T00:00:00",
               ID: "CVE-2016-6797",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "Apache Tomcat",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "9.0.0.M1 to 9.0.0.M9",
                                       },
                                       {
                                          version_value: "8.5.0 to 8.5.4",
                                       },
                                       {
                                          version_value: "8.0.0.RC1 to 8.0.36",
                                       },
                                       {
                                          version_value: "7.0.0 to 7.0.70",
                                       },
                                       {
                                          version_value: "6.0.0 to 6.0.45",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "Apache Software Foundation",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The ResourceLinkFactory implementation in Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 did not limit web application access to global JNDI resources to those resources explicitly linked to the web application. Therefore, it was possible for a web application to access any global JNDI resource whether an explicit ResourceLink had been configured or not.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "Information Disclosure",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "93940",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/93940",
                  },
                  {
                     name: "[announce] 20161027 [SECURITY] CVE-2016-6797 Apache Tomcat Unrestricted Access to Global Resources",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/9325837eb00cba5752c092047433c7f0415134d16e7f391447ff4352@%3Cannounce.tomcat.apache.org%3E",
                  },
                  {
                     name: "1037145",
                     refsource: "SECTRACK",
                     url: "http://www.securitytracker.com/id/1037145",
                  },
                  {
                     name: "RHSA-2017:2247",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:2247",
                  },
                  {
                     name: "RHSA-2017:0457",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2017-0457.html",
                  },
                  {
                     name: "RHSA-2017:0455",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:0455",
                  },
                  {
                     name: "DSA-3720",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2016/dsa-3720",
                  },
                  {
                     name: "RHSA-2017:0456",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:0456",
                  },
                  {
                     name: "[tomcat-dev] 20190319 svn commit: r1855831 [25/30] - in /tomcat/site/trunk: ./ docs/ xdocs/",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E",
                  },
                  {
                     name: "[tomcat-dev] 20190319 svn commit: r1855831 [23/30] - in /tomcat/site/trunk: ./ docs/ xdocs/",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E",
                  },
                  {
                     name: "[tomcat-dev] 20190325 svn commit: r1856174 [22/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E",
                  },
                  {
                     name: "[tomcat-dev] 20190325 svn commit: r1856174 [24/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E",
                  },
                  {
                     name: "[tomcat-dev] 20190325 svn commit: r1856174 [21/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E",
                  },
                  {
                     name: "[tomcat-dev] 20190413 svn commit: r1857494 [17/20] - in /tomcat/site/trunk: ./ docs/ xdocs/",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E",
                  },
                  {
                     name: "[tomcat-dev] 20190413 svn commit: r1857494 [16/20] - in /tomcat/site/trunk: ./ docs/ xdocs/",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424@%3Cdev.tomcat.apache.org%3E",
                  },
                  {
                     name: "[tomcat-dev] 20190413 svn commit: r1857494 [15/20] - in /tomcat/site/trunk: ./ docs/ xdocs/",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E",
                  },
                  {
                     name: "[tomcat-dev] 20190415 svn commit: r1857582 [17/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E",
                  },
                  {
                     name: "[tomcat-dev] 20190415 svn commit: r1857582 [19/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E",
                  },
                  {
                     name: "[tomcat-dev] 20190415 svn commit: r1857582 [16/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E",
                  },
                  {
                     name: "[tomcat-dev] 20200203 svn commit: r1873527 [23/30] - /tomcat/site/trunk/docs/",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E",
                  },
                  {
                     name: "[tomcat-dev] 20200213 svn commit: r1873980 [27/34] - /tomcat/site/trunk/docs/",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E",
                  },
                  {
                     name: "[tomcat-dev] 20200213 svn commit: r1873980 [26/34] - /tomcat/site/trunk/docs/",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E",
                  },
                  {
                     name: "USN-4557-1",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/4557-1/",
                  },
                  {
                     name: "https://security.netapp.com/advisory/ntap-20180605-0001/",
                     refsource: "CONFIRM",
                     url: "https://security.netapp.com/advisory/ntap-20180605-0001/",
                  },
                  {
                     name: "https://www.oracle.com/security-alerts/cpuoct2021.html",
                     refsource: "MISC",
                     url: "https://www.oracle.com/security-alerts/cpuoct2021.html",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09",
      assignerShortName: "apache",
      cveId: "CVE-2016-6797",
      datePublished: "2017-08-10T22:00:00Z",
      dateReserved: "2016-08-12T00:00:00",
      dateUpdated: "2024-09-17T04:24:37.373Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2016-5018
Vulnerability from cvelistv5
Published
2017-08-10 16:00
Modified
2024-09-16 18:38
Severity ?
Summary
In Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 a malicious web application was able to bypass a configured SecurityManager via a Tomcat utility method that was accessible to web applications.
References
https://access.redhat.com/errata/RHSA-2017:1548vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2017:1549vendor-advisory, x_refsource_REDHAT
http://www.securityfocus.com/bid/93942vdb-entry, x_refsource_BID
https://access.redhat.com/errata/RHSA-2017:1552vendor-advisory, x_refsource_REDHAT
http://www.securitytracker.com/id/1038757vdb-entry, x_refsource_SECTRACK
https://access.redhat.com/errata/RHSA-2017:2247vendor-advisory, x_refsource_REDHAT
http://rhn.redhat.com/errata/RHSA-2017-1551.htmlvendor-advisory, x_refsource_REDHAT
https://lists.apache.org/thread.html/9b3a63a20c87179815fdea14f6766853bafe79a0042dc0b4aa878a9e%40%3Cannounce.tomcat.apache.org%3Emailing-list, x_refsource_MLIST
http://www.securitytracker.com/id/1037142vdb-entry, x_refsource_SECTRACK
http://rhn.redhat.com/errata/RHSA-2017-0457.htmlvendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2017:0455vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2017:1550vendor-advisory, x_refsource_REDHAT
http://www.debian.org/security/2016/dsa-3720vendor-advisory, x_refsource_DEBIAN
https://access.redhat.com/errata/RHSA-2017:0456vendor-advisory, x_refsource_REDHAT
https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3Emailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3Emailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3Emailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3Emailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3Emailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3Emailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3Emailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3Emailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3Emailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3Emailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3Emailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3Emailing-list, x_refsource_MLIST
https://usn.ubuntu.com/4557-1/vendor-advisory, x_refsource_UBUNTU
https://security.netapp.com/advisory/ntap-20180605-0001/x_refsource_CONFIRM
https://www.oracle.com/security-alerts/cpuoct2021.htmlx_refsource_MISC
http://packetstormsecurity.com/files/155873/Tomcat-9.0.0.M1-Sandbox-Escape.htmlx_refsource_MISC
Impacted products
Vendor Product Version
Apache Software Foundation Apache Tomcat Version: 9.0.0.M1 to 9.0.0.M9
Version: 8.5.0 to 8.5.4
Version: 8.0.0.RC1 to 8.0.36
Version: 7.0.0 to 7.0.70
Version: 6.0.0 to 6.0.45
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T00:46:40.222Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "RHSA-2017:1548",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:1548",
               },
               {
                  name: "RHSA-2017:1549",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:1549",
               },
               {
                  name: "93942",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/93942",
               },
               {
                  name: "RHSA-2017:1552",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:1552",
               },
               {
                  name: "1038757",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1038757",
               },
               {
                  name: "RHSA-2017:2247",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2247",
               },
               {
                  name: "RHSA-2017:1551",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2017-1551.html",
               },
               {
                  name: "[announce] 20161027 [SECURITY] CVE-2016-5018 Apache Tomcat Security Manager Bypass",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/9b3a63a20c87179815fdea14f6766853bafe79a0042dc0b4aa878a9e%40%3Cannounce.tomcat.apache.org%3E",
               },
               {
                  name: "1037142",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1037142",
               },
               {
                  name: "RHSA-2017:0457",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2017-0457.html",
               },
               {
                  name: "RHSA-2017:0455",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:0455",
               },
               {
                  name: "RHSA-2017:1550",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:1550",
               },
               {
                  name: "DSA-3720",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2016/dsa-3720",
               },
               {
                  name: "RHSA-2017:0456",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:0456",
               },
               {
                  name: "[tomcat-dev] 20190319 svn commit: r1855831 [25/30] - in /tomcat/site/trunk: ./ docs/ xdocs/",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E",
               },
               {
                  name: "[tomcat-dev] 20190319 svn commit: r1855831 [23/30] - in /tomcat/site/trunk: ./ docs/ xdocs/",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E",
               },
               {
                  name: "[tomcat-dev] 20190325 svn commit: r1856174 [22/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E",
               },
               {
                  name: "[tomcat-dev] 20190325 svn commit: r1856174 [24/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E",
               },
               {
                  name: "[tomcat-dev] 20190325 svn commit: r1856174 [21/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E",
               },
               {
                  name: "[tomcat-dev] 20190413 svn commit: r1857494 [16/20] - in /tomcat/site/trunk: ./ docs/ xdocs/",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E",
               },
               {
                  name: "[tomcat-dev] 20190413 svn commit: r1857494 [15/20] - in /tomcat/site/trunk: ./ docs/ xdocs/",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E",
               },
               {
                  name: "[tomcat-dev] 20190415 svn commit: r1857582 [17/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E",
               },
               {
                  name: "[tomcat-dev] 20190415 svn commit: r1857582 [16/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E",
               },
               {
                  name: "[tomcat-dev] 20200203 svn commit: r1873527 [23/30] - /tomcat/site/trunk/docs/",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E",
               },
               {
                  name: "[tomcat-dev] 20200213 svn commit: r1873980 [27/34] - /tomcat/site/trunk/docs/",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E",
               },
               {
                  name: "[tomcat-dev] 20200213 svn commit: r1873980 [26/34] - /tomcat/site/trunk/docs/",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E",
               },
               {
                  name: "USN-4557-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/4557-1/",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://security.netapp.com/advisory/ntap-20180605-0001/",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.oracle.com/security-alerts/cpuoct2021.html",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "http://packetstormsecurity.com/files/155873/Tomcat-9.0.0.M1-Sandbox-Escape.html",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "Apache Tomcat",
               vendor: "Apache Software Foundation",
               versions: [
                  {
                     status: "affected",
                     version: "9.0.0.M1 to 9.0.0.M9",
                  },
                  {
                     status: "affected",
                     version: "8.5.0 to 8.5.4",
                  },
                  {
                     status: "affected",
                     version: "8.0.0.RC1 to 8.0.36",
                  },
                  {
                     status: "affected",
                     version: "7.0.0 to 7.0.70",
                  },
                  {
                     status: "affected",
                     version: "6.0.0 to 6.0.45",
                  },
               ],
            },
         ],
         datePublic: "2016-10-27T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "In Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 a malicious web application was able to bypass a configured SecurityManager via a Tomcat utility method that was accessible to web applications.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "Sandbox Escape",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2021-10-20T10:37:49",
            orgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09",
            shortName: "apache",
         },
         references: [
            {
               name: "RHSA-2017:1548",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:1548",
            },
            {
               name: "RHSA-2017:1549",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:1549",
            },
            {
               name: "93942",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/93942",
            },
            {
               name: "RHSA-2017:1552",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:1552",
            },
            {
               name: "1038757",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1038757",
            },
            {
               name: "RHSA-2017:2247",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2247",
            },
            {
               name: "RHSA-2017:1551",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2017-1551.html",
            },
            {
               name: "[announce] 20161027 [SECURITY] CVE-2016-5018 Apache Tomcat Security Manager Bypass",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/9b3a63a20c87179815fdea14f6766853bafe79a0042dc0b4aa878a9e%40%3Cannounce.tomcat.apache.org%3E",
            },
            {
               name: "1037142",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1037142",
            },
            {
               name: "RHSA-2017:0457",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2017-0457.html",
            },
            {
               name: "RHSA-2017:0455",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:0455",
            },
            {
               name: "RHSA-2017:1550",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:1550",
            },
            {
               name: "DSA-3720",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2016/dsa-3720",
            },
            {
               name: "RHSA-2017:0456",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:0456",
            },
            {
               name: "[tomcat-dev] 20190319 svn commit: r1855831 [25/30] - in /tomcat/site/trunk: ./ docs/ xdocs/",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E",
            },
            {
               name: "[tomcat-dev] 20190319 svn commit: r1855831 [23/30] - in /tomcat/site/trunk: ./ docs/ xdocs/",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E",
            },
            {
               name: "[tomcat-dev] 20190325 svn commit: r1856174 [22/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E",
            },
            {
               name: "[tomcat-dev] 20190325 svn commit: r1856174 [24/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E",
            },
            {
               name: "[tomcat-dev] 20190325 svn commit: r1856174 [21/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E",
            },
            {
               name: "[tomcat-dev] 20190413 svn commit: r1857494 [16/20] - in /tomcat/site/trunk: ./ docs/ xdocs/",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E",
            },
            {
               name: "[tomcat-dev] 20190413 svn commit: r1857494 [15/20] - in /tomcat/site/trunk: ./ docs/ xdocs/",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E",
            },
            {
               name: "[tomcat-dev] 20190415 svn commit: r1857582 [17/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E",
            },
            {
               name: "[tomcat-dev] 20190415 svn commit: r1857582 [16/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E",
            },
            {
               name: "[tomcat-dev] 20200203 svn commit: r1873527 [23/30] - /tomcat/site/trunk/docs/",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E",
            },
            {
               name: "[tomcat-dev] 20200213 svn commit: r1873980 [27/34] - /tomcat/site/trunk/docs/",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E",
            },
            {
               name: "[tomcat-dev] 20200213 svn commit: r1873980 [26/34] - /tomcat/site/trunk/docs/",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E",
            },
            {
               name: "USN-4557-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/4557-1/",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://security.netapp.com/advisory/ntap-20180605-0001/",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.oracle.com/security-alerts/cpuoct2021.html",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "http://packetstormsecurity.com/files/155873/Tomcat-9.0.0.M1-Sandbox-Escape.html",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "security@apache.org",
               DATE_PUBLIC: "2016-10-27T00:00:00",
               ID: "CVE-2016-5018",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "Apache Tomcat",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "9.0.0.M1 to 9.0.0.M9",
                                       },
                                       {
                                          version_value: "8.5.0 to 8.5.4",
                                       },
                                       {
                                          version_value: "8.0.0.RC1 to 8.0.36",
                                       },
                                       {
                                          version_value: "7.0.0 to 7.0.70",
                                       },
                                       {
                                          version_value: "6.0.0 to 6.0.45",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "Apache Software Foundation",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "In Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 a malicious web application was able to bypass a configured SecurityManager via a Tomcat utility method that was accessible to web applications.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "Sandbox Escape",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "RHSA-2017:1548",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:1548",
                  },
                  {
                     name: "RHSA-2017:1549",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:1549",
                  },
                  {
                     name: "93942",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/93942",
                  },
                  {
                     name: "RHSA-2017:1552",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:1552",
                  },
                  {
                     name: "1038757",
                     refsource: "SECTRACK",
                     url: "http://www.securitytracker.com/id/1038757",
                  },
                  {
                     name: "RHSA-2017:2247",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:2247",
                  },
                  {
                     name: "RHSA-2017:1551",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2017-1551.html",
                  },
                  {
                     name: "[announce] 20161027 [SECURITY] CVE-2016-5018 Apache Tomcat Security Manager Bypass",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/9b3a63a20c87179815fdea14f6766853bafe79a0042dc0b4aa878a9e@%3Cannounce.tomcat.apache.org%3E",
                  },
                  {
                     name: "1037142",
                     refsource: "SECTRACK",
                     url: "http://www.securitytracker.com/id/1037142",
                  },
                  {
                     name: "RHSA-2017:0457",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2017-0457.html",
                  },
                  {
                     name: "RHSA-2017:0455",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:0455",
                  },
                  {
                     name: "RHSA-2017:1550",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:1550",
                  },
                  {
                     name: "DSA-3720",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2016/dsa-3720",
                  },
                  {
                     name: "RHSA-2017:0456",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:0456",
                  },
                  {
                     name: "[tomcat-dev] 20190319 svn commit: r1855831 [25/30] - in /tomcat/site/trunk: ./ docs/ xdocs/",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E",
                  },
                  {
                     name: "[tomcat-dev] 20190319 svn commit: r1855831 [23/30] - in /tomcat/site/trunk: ./ docs/ xdocs/",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E",
                  },
                  {
                     name: "[tomcat-dev] 20190325 svn commit: r1856174 [22/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E",
                  },
                  {
                     name: "[tomcat-dev] 20190325 svn commit: r1856174 [24/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E",
                  },
                  {
                     name: "[tomcat-dev] 20190325 svn commit: r1856174 [21/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E",
                  },
                  {
                     name: "[tomcat-dev] 20190413 svn commit: r1857494 [16/20] - in /tomcat/site/trunk: ./ docs/ xdocs/",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424@%3Cdev.tomcat.apache.org%3E",
                  },
                  {
                     name: "[tomcat-dev] 20190413 svn commit: r1857494 [15/20] - in /tomcat/site/trunk: ./ docs/ xdocs/",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E",
                  },
                  {
                     name: "[tomcat-dev] 20190415 svn commit: r1857582 [17/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E",
                  },
                  {
                     name: "[tomcat-dev] 20190415 svn commit: r1857582 [16/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E",
                  },
                  {
                     name: "[tomcat-dev] 20200203 svn commit: r1873527 [23/30] - /tomcat/site/trunk/docs/",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E",
                  },
                  {
                     name: "[tomcat-dev] 20200213 svn commit: r1873980 [27/34] - /tomcat/site/trunk/docs/",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E",
                  },
                  {
                     name: "[tomcat-dev] 20200213 svn commit: r1873980 [26/34] - /tomcat/site/trunk/docs/",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E",
                  },
                  {
                     name: "USN-4557-1",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/4557-1/",
                  },
                  {
                     name: "https://security.netapp.com/advisory/ntap-20180605-0001/",
                     refsource: "CONFIRM",
                     url: "https://security.netapp.com/advisory/ntap-20180605-0001/",
                  },
                  {
                     name: "https://www.oracle.com/security-alerts/cpuoct2021.html",
                     refsource: "MISC",
                     url: "https://www.oracle.com/security-alerts/cpuoct2021.html",
                  },
                  {
                     name: "http://packetstormsecurity.com/files/155873/Tomcat-9.0.0.M1-Sandbox-Escape.html",
                     refsource: "MISC",
                     url: "http://packetstormsecurity.com/files/155873/Tomcat-9.0.0.M1-Sandbox-Escape.html",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09",
      assignerShortName: "apache",
      cveId: "CVE-2016-5018",
      datePublished: "2017-08-10T16:00:00Z",
      dateReserved: "2016-05-24T00:00:00",
      dateUpdated: "2024-09-16T18:38:35.797Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2021-27365
Vulnerability from cvelistv5
Published
2021-03-07 04:22
Modified
2024-08-03 20:48
Severity ?
Summary
An issue was discovered in the Linux kernel through 5.11.3. Certain iSCSI data structures do not have appropriate length constraints or checks, and can exceed the PAGE_SIZE value. An unprivileged user can send a Netlink message that is associated with iSCSI, and has a length up to the maximum length of a Netlink message.
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T20:48:16.561Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "[debian-lts-announce] 20210309 [SECURITY] [DLA 2586-1] linux security update",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.debian.org/debian-lts-announce/2021/03/msg00010.html",
               },
               {
                  name: "[debian-lts-announce] 20210330 [SECURITY] [DLA 2610-1] linux-4.19 security update",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.debian.org/debian-lts-announce/2021/03/msg00035.html",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.oracle.com/security-alerts/cpuoct2021.html",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.openwall.com/lists/oss-security/2021/03/06/1",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://blog.grimm-co.com/2021/03/new-old-bugs-in-linux-kernel.html",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "http://packetstormsecurity.com/files/162117/Kernel-Live-Patch-Security-Notice-LSN-0075-1.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://security.netapp.com/advisory/ntap-20210409-0001/",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.suse.com/show_bug.cgi?id=1182715",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ec98ea7070e94cc25a422ec97d1421e28d97b7ee",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f9dbdf97a5bd92b1a49cee3d591b55b11fd7a6d5",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "An issue was discovered in the Linux kernel through 5.11.3. Certain iSCSI data structures do not have appropriate length constraints or checks, and can exceed the PAGE_SIZE value. An unprivileged user can send a Netlink message that is associated with iSCSI, and has a length up to the maximum length of a Netlink message.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2021-10-20T10:41:47",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               name: "[debian-lts-announce] 20210309 [SECURITY] [DLA 2586-1] linux security update",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.debian.org/debian-lts-announce/2021/03/msg00010.html",
            },
            {
               name: "[debian-lts-announce] 20210330 [SECURITY] [DLA 2610-1] linux-4.19 security update",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.debian.org/debian-lts-announce/2021/03/msg00035.html",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.oracle.com/security-alerts/cpuoct2021.html",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.openwall.com/lists/oss-security/2021/03/06/1",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://blog.grimm-co.com/2021/03/new-old-bugs-in-linux-kernel.html",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "http://packetstormsecurity.com/files/162117/Kernel-Live-Patch-Security-Notice-LSN-0075-1.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://security.netapp.com/advisory/ntap-20210409-0001/",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://bugzilla.suse.com/show_bug.cgi?id=1182715",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ec98ea7070e94cc25a422ec97d1421e28d97b7ee",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f9dbdf97a5bd92b1a49cee3d591b55b11fd7a6d5",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2021-27365",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "An issue was discovered in the Linux kernel through 5.11.3. Certain iSCSI data structures do not have appropriate length constraints or checks, and can exceed the PAGE_SIZE value. An unprivileged user can send a Netlink message that is associated with iSCSI, and has a length up to the maximum length of a Netlink message.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "[debian-lts-announce] 20210309 [SECURITY] [DLA 2586-1] linux security update",
                     refsource: "MLIST",
                     url: "https://lists.debian.org/debian-lts-announce/2021/03/msg00010.html",
                  },
                  {
                     name: "[debian-lts-announce] 20210330 [SECURITY] [DLA 2610-1] linux-4.19 security update",
                     refsource: "MLIST",
                     url: "https://lists.debian.org/debian-lts-announce/2021/03/msg00035.html",
                  },
                  {
                     name: "https://www.oracle.com/security-alerts/cpuoct2021.html",
                     refsource: "MISC",
                     url: "https://www.oracle.com/security-alerts/cpuoct2021.html",
                  },
                  {
                     name: "https://www.openwall.com/lists/oss-security/2021/03/06/1",
                     refsource: "MISC",
                     url: "https://www.openwall.com/lists/oss-security/2021/03/06/1",
                  },
                  {
                     name: "https://blog.grimm-co.com/2021/03/new-old-bugs-in-linux-kernel.html",
                     refsource: "MISC",
                     url: "https://blog.grimm-co.com/2021/03/new-old-bugs-in-linux-kernel.html",
                  },
                  {
                     name: "http://packetstormsecurity.com/files/162117/Kernel-Live-Patch-Security-Notice-LSN-0075-1.html",
                     refsource: "MISC",
                     url: "http://packetstormsecurity.com/files/162117/Kernel-Live-Patch-Security-Notice-LSN-0075-1.html",
                  },
                  {
                     name: "https://security.netapp.com/advisory/ntap-20210409-0001/",
                     refsource: "CONFIRM",
                     url: "https://security.netapp.com/advisory/ntap-20210409-0001/",
                  },
                  {
                     name: "https://bugzilla.suse.com/show_bug.cgi?id=1182715",
                     refsource: "MISC",
                     url: "https://bugzilla.suse.com/show_bug.cgi?id=1182715",
                  },
                  {
                     name: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ec98ea7070e94cc25a422ec97d1421e28d97b7ee",
                     refsource: "MISC",
                     url: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ec98ea7070e94cc25a422ec97d1421e28d97b7ee",
                  },
                  {
                     name: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f9dbdf97a5bd92b1a49cee3d591b55b11fd7a6d5",
                     refsource: "MISC",
                     url: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f9dbdf97a5bd92b1a49cee3d591b55b11fd7a6d5",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2021-27365",
      datePublished: "2021-03-07T04:22:58",
      dateReserved: "2021-02-17T00:00:00",
      dateUpdated: "2024-08-03T20:48:16.561Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2021-30640
Vulnerability from cvelistv5
Published
2021-07-12 14:55
Modified
2024-08-03 22:40
Severity ?
Summary
A vulnerability in the JNDI Realm of Apache Tomcat allows an attacker to authenticate using variations of a valid user name and/or to bypass some of the protection provided by the LockOut Realm. This issue affects Apache Tomcat 10.0.0-M1 to 10.0.5; 9.0.0.M1 to 9.0.45; 8.5.0 to 8.5.65.
Impacted products
Vendor Product Version
Apache Software Foundation Apache Tomcat Version: Apache Tomcat 10 10.0.0-M1 to 10.0.5
Version: Apache Tomcat 9 9.0.0.M1 to 9.0.45
Version: Apache Tomcat 8.5 8.5.0 to 8.5.65
Version: Apache Tomcat 7 7.0.0 to 7.0.108
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T22:40:31.832Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/r59f9ef03929d32120f91f4ea7e6e79edd5688d75d0a9b65fd26d1fe8%40%3Cannounce.tomcat.apache.org%3E",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.oracle.com//security-alerts/cpujul2021.html",
               },
               {
                  name: "[debian-lts-announce] 20210805 [SECURITY] [DLA 2733-1] tomcat8 security update",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.debian.org/debian-lts-announce/2021/08/msg00009.html",
               },
               {
                  name: "DSA-4952",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "https://www.debian.org/security/2021/dsa-4952",
               },
               {
                  name: "DSA-4986",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "https://www.debian.org/security/2021/dsa-4986",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.oracle.com/security-alerts/cpuoct2021.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://security.netapp.com/advisory/ntap-20210827-0007/",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.oracle.com/security-alerts/cpujan2022.html",
               },
               {
                  name: "GLSA-202208-34",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_GENTOO",
                     "x_transferred",
                  ],
                  url: "https://security.gentoo.org/glsa/202208-34",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "Apache Tomcat",
               vendor: "Apache Software Foundation",
               versions: [
                  {
                     status: "affected",
                     version: "Apache Tomcat 10 10.0.0-M1 to 10.0.5",
                  },
                  {
                     status: "affected",
                     version: "Apache Tomcat 9 9.0.0.M1 to 9.0.45",
                  },
                  {
                     status: "affected",
                     version: "Apache Tomcat 8.5 8.5.0 to 8.5.65",
                  },
                  {
                     status: "affected",
                     version: "Apache Tomcat 7 7.0.0 to 7.0.108",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "A vulnerability in the JNDI Realm of Apache Tomcat allows an attacker to authenticate using variations of a valid user name and/or to bypass some of the protection provided by the LockOut Realm. This issue affects Apache Tomcat 10.0.0-M1 to 10.0.5; 9.0.0.M1 to 9.0.45; 8.5.0 to 8.5.65.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "Authentication weaknees",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-08-21T04:07:59",
            orgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09",
            shortName: "apache",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://lists.apache.org/thread.html/r59f9ef03929d32120f91f4ea7e6e79edd5688d75d0a9b65fd26d1fe8%40%3Cannounce.tomcat.apache.org%3E",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.oracle.com//security-alerts/cpujul2021.html",
            },
            {
               name: "[debian-lts-announce] 20210805 [SECURITY] [DLA 2733-1] tomcat8 security update",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.debian.org/debian-lts-announce/2021/08/msg00009.html",
            },
            {
               name: "DSA-4952",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "https://www.debian.org/security/2021/dsa-4952",
            },
            {
               name: "DSA-4986",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "https://www.debian.org/security/2021/dsa-4986",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.oracle.com/security-alerts/cpuoct2021.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://security.netapp.com/advisory/ntap-20210827-0007/",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.oracle.com/security-alerts/cpujan2022.html",
            },
            {
               name: "GLSA-202208-34",
               tags: [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
               ],
               url: "https://security.gentoo.org/glsa/202208-34",
            },
         ],
         source: {
            discovery: "UNKNOWN",
         },
         title: "Auth weakness in JNDIRealm",
         x_generator: {
            engine: "Vulnogram 0.0.9",
         },
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "security@apache.org",
               ID: "CVE-2021-30640",
               STATE: "PUBLIC",
               TITLE: "Auth weakness in JNDIRealm",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "Apache Tomcat",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "=",
                                          version_name: "Apache Tomcat 10",
                                          version_value: "10.0.0-M1 to 10.0.5",
                                       },
                                       {
                                          version_affected: "=",
                                          version_name: "Apache Tomcat 9",
                                          version_value: "9.0.0.M1 to 9.0.45",
                                       },
                                       {
                                          version_affected: "=",
                                          version_name: "Apache Tomcat 8.5",
                                          version_value: "8.5.0 to 8.5.65",
                                       },
                                       {
                                          version_affected: "=",
                                          version_name: "Apache Tomcat 7",
                                          version_value: "7.0.0 to 7.0.108",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "Apache Software Foundation",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "A vulnerability in the JNDI Realm of Apache Tomcat allows an attacker to authenticate using variations of a valid user name and/or to bypass some of the protection provided by the LockOut Realm. This issue affects Apache Tomcat 10.0.0-M1 to 10.0.5; 9.0.0.M1 to 9.0.45; 8.5.0 to 8.5.65.",
                  },
               ],
            },
            generator: {
               engine: "Vulnogram 0.0.9",
            },
            impact: [
               {},
            ],
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "Authentication weaknees",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://lists.apache.org/thread.html/r59f9ef03929d32120f91f4ea7e6e79edd5688d75d0a9b65fd26d1fe8%40%3Cannounce.tomcat.apache.org%3E",
                     refsource: "MISC",
                     url: "https://lists.apache.org/thread.html/r59f9ef03929d32120f91f4ea7e6e79edd5688d75d0a9b65fd26d1fe8%40%3Cannounce.tomcat.apache.org%3E",
                  },
                  {
                     name: "https://www.oracle.com//security-alerts/cpujul2021.html",
                     refsource: "MISC",
                     url: "https://www.oracle.com//security-alerts/cpujul2021.html",
                  },
                  {
                     name: "[debian-lts-announce] 20210805 [SECURITY] [DLA 2733-1] tomcat8 security update",
                     refsource: "MLIST",
                     url: "https://lists.debian.org/debian-lts-announce/2021/08/msg00009.html",
                  },
                  {
                     name: "DSA-4952",
                     refsource: "DEBIAN",
                     url: "https://www.debian.org/security/2021/dsa-4952",
                  },
                  {
                     name: "DSA-4986",
                     refsource: "DEBIAN",
                     url: "https://www.debian.org/security/2021/dsa-4986",
                  },
                  {
                     name: "https://www.oracle.com/security-alerts/cpuoct2021.html",
                     refsource: "MISC",
                     url: "https://www.oracle.com/security-alerts/cpuoct2021.html",
                  },
                  {
                     name: "https://security.netapp.com/advisory/ntap-20210827-0007/",
                     refsource: "CONFIRM",
                     url: "https://security.netapp.com/advisory/ntap-20210827-0007/",
                  },
                  {
                     name: "https://www.oracle.com/security-alerts/cpujan2022.html",
                     refsource: "MISC",
                     url: "https://www.oracle.com/security-alerts/cpujan2022.html",
                  },
                  {
                     name: "GLSA-202208-34",
                     refsource: "GENTOO",
                     url: "https://security.gentoo.org/glsa/202208-34",
                  },
               ],
            },
            source: {
               discovery: "UNKNOWN",
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09",
      assignerShortName: "apache",
      cveId: "CVE-2021-30640",
      datePublished: "2021-07-12T14:55:13",
      dateReserved: "2021-04-13T00:00:00",
      dateUpdated: "2024-08-03T22:40:31.832Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2021-25215
Vulnerability from cvelistv5
Published
2021-04-29 00:55
Modified
2024-09-16 22:02
Summary
In BIND 9.0.0 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.9.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.11 of the BIND 9.17 development branch, when a vulnerable version of named receives a query for a record triggering the flaw described above, the named process will terminate due to a failed assertion check. The vulnerability affects all currently maintained BIND 9 branches (9.11, 9.11-S, 9.16, 9.16-S, 9.17) as well as all other versions of BIND 9.
Impacted products
Vendor Product Version
ISC BIND9 Version: Open Source Branches 9.0 through 9.11 9.0.0 through versions before 9.11.30
Version: Open Source Branches 9.12 through 9.16 9.12.0 through versions before 9.16.14
Version: Supported Preview Branches 9.9-S through 9.11-S 9.9.3-S1 through versions before 9.11.30-S1
Version: Supported Preview Branch 9.16-S 9.16.8-S1 through versions before 9.16.14-S1
Version: Development Branch 9.17 9.17.0 through versiosn before 9.17.12
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T19:56:11.110Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://kb.isc.org/v1/docs/cve-2021-25215",
               },
               {
                  name: "[oss-security] 20210428 ISC discloses three BIND vulnerabilities (CVE-2021-25214, CVE-2021-25215, and CVE-2021-25216)",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2021/04/29/1",
               },
               {
                  name: "[oss-security] 20210429 Re: ISC discloses three BIND vulnerabilities (CVE-2021-25214, CVE-2021-25215, and CVE-2021-25216)",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2021/04/29/2",
               },
               {
                  name: "[oss-security] 20210429 Re: ISC discloses three BIND vulnerabilities (CVE-2021-25214, CVE-2021-25215, and CVE-2021-25216)",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2021/04/29/3",
               },
               {
                  name: "[oss-security] 20210429 Re: ISC discloses three BIND vulnerabilities (CVE-2021-25214, CVE-2021-25215, and CVE-2021-25216)",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2021/04/29/4",
               },
               {
                  name: "DSA-4909",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "https://www.debian.org/security/2021/dsa-4909",
               },
               {
                  name: "[debian-lts-announce] 20210504 [SECURITY] [DLA 2647-1] bind9 security update",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.debian.org/debian-lts-announce/2021/05/msg00001.html",
               },
               {
                  name: "FEDORA-2021-ace61cbee1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_FEDORA",
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VEC2XG4Q2ODTN2C4CGXEIXU3EUTBMK7L/",
               },
               {
                  name: "FEDORA-2021-47f23870ec",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_FEDORA",
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZDSRPCJQ7MZC6CENH5PO3VQOFI7VSWBE/",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.oracle.com/security-alerts/cpuoct2021.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://security.netapp.com/advisory/ntap-20210521-0006/",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "BIND9",
               vendor: "ISC",
               versions: [
                  {
                     status: "affected",
                     version: "Open Source Branches 9.0 through 9.11 9.0.0 through versions before 9.11.30",
                  },
                  {
                     status: "affected",
                     version: "Open Source Branches 9.12 through 9.16 9.12.0 through versions before 9.16.14",
                  },
                  {
                     status: "affected",
                     version: "Supported Preview Branches 9.9-S through 9.11-S 9.9.3-S1 through versions before 9.11.30-S1",
                  },
                  {
                     status: "affected",
                     version: "Supported Preview Branch 9.16-S 9.16.8-S1 through versions before 9.16.14-S1",
                  },
                  {
                     status: "affected",
                     version: "Development Branch 9.17 9.17.0 through versiosn before 9.17.12",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               value: "ISC would like to thank Siva Kakarla for bringing this vulnerability to our attention.",
            },
         ],
         datePublic: "2021-04-28T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "In BIND 9.0.0 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.9.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.11 of the BIND 9.17 development branch, when a vulnerable version of named receives a query for a record triggering the flaw described above, the named process will terminate due to a failed assertion check. The vulnerability affects all currently maintained BIND 9 branches (9.11, 9.11-S, 9.16, 9.16-S, 9.17) as well as all other versions of BIND 9.",
            },
         ],
         exploits: [
            {
               lang: "en",
               value: "We are not aware of any active exploits.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "DNAME records, described in RFC 6672, provide a way to redirect a subtree of the domain name tree in the DNS. A flaw in the way named processes these records may trigger an attempt to add the same RRset to the ANSWER section more than once. This causes an assertion check in BIND to fail.  DNAME records are processed by both authoritative and recursive servers. For authoritative servers, the DNAME record triggering the flaw can be retrieved from a zone database. For servers performing recursion, such a record is processed in the course of a query sent to an authoritative server.  Affects BIND 9.0.0 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.9.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.11 of the BIND 9.17 development branch.",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-03-08T14:08:28",
            orgId: "404fd4d2-a609-4245-b543-2c944a302a22",
            shortName: "isc",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://kb.isc.org/v1/docs/cve-2021-25215",
            },
            {
               name: "[oss-security] 20210428 ISC discloses three BIND vulnerabilities (CVE-2021-25214, CVE-2021-25215, and CVE-2021-25216)",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://www.openwall.com/lists/oss-security/2021/04/29/1",
            },
            {
               name: "[oss-security] 20210429 Re: ISC discloses three BIND vulnerabilities (CVE-2021-25214, CVE-2021-25215, and CVE-2021-25216)",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://www.openwall.com/lists/oss-security/2021/04/29/2",
            },
            {
               name: "[oss-security] 20210429 Re: ISC discloses three BIND vulnerabilities (CVE-2021-25214, CVE-2021-25215, and CVE-2021-25216)",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://www.openwall.com/lists/oss-security/2021/04/29/3",
            },
            {
               name: "[oss-security] 20210429 Re: ISC discloses three BIND vulnerabilities (CVE-2021-25214, CVE-2021-25215, and CVE-2021-25216)",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://www.openwall.com/lists/oss-security/2021/04/29/4",
            },
            {
               name: "DSA-4909",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "https://www.debian.org/security/2021/dsa-4909",
            },
            {
               name: "[debian-lts-announce] 20210504 [SECURITY] [DLA 2647-1] bind9 security update",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.debian.org/debian-lts-announce/2021/05/msg00001.html",
            },
            {
               name: "FEDORA-2021-ace61cbee1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
               ],
               url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VEC2XG4Q2ODTN2C4CGXEIXU3EUTBMK7L/",
            },
            {
               name: "FEDORA-2021-47f23870ec",
               tags: [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
               ],
               url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZDSRPCJQ7MZC6CENH5PO3VQOFI7VSWBE/",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.oracle.com/security-alerts/cpuoct2021.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://security.netapp.com/advisory/ntap-20210521-0006/",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf",
            },
         ],
         solutions: [
            {
               lang: "en",
               value: "Upgrade to the patched release most closely related to your current version of BIND:\n\n    BIND 9.11.31\n    BIND 9.16.15\n    BIND 9.17.12\n\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n\n    BIND 9.11.31-S1\n    BIND 9.16.15-S1",
            },
         ],
         source: {
            discovery: "EXTERNAL",
         },
         title: "An assertion check can fail while answering queries for DNAME records that require the DNAME to be processed to resolve itself",
         workarounds: [
            {
               lang: "en",
               value: "No workarounds known.",
            },
         ],
         x_generator: {
            engine: "Vulnogram 0.0.9",
         },
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "security-officer@isc.org",
               DATE_PUBLIC: "2021-04-28T20:20:01.000Z",
               ID: "CVE-2021-25215",
               STATE: "PUBLIC",
               TITLE: "An assertion check can fail while answering queries for DNAME records that require the DNAME to be processed to resolve itself",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "BIND9",
                                 version: {
                                    version_data: [
                                       {
                                          version_name: "Open Source Branches 9.0 through 9.11",
                                          version_value: "9.0.0 through versions before 9.11.30",
                                       },
                                       {
                                          version_name: "Open Source Branches 9.12 through 9.16",
                                          version_value: "9.12.0 through versions before 9.16.14",
                                       },
                                       {
                                          version_name: "Supported Preview Branches 9.9-S through 9.11-S",
                                          version_value: "9.9.3-S1 through versions before 9.11.30-S1",
                                       },
                                       {
                                          version_name: "Supported Preview Branch 9.16-S",
                                          version_value: "9.16.8-S1 through versions before 9.16.14-S1",
                                       },
                                       {
                                          version_name: "Development Branch 9.17",
                                          version_value: "9.17.0 through versiosn before 9.17.12",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "ISC",
                     },
                  ],
               },
            },
            credit: [
               {
                  lang: "eng",
                  value: "ISC would like to thank Siva Kakarla for bringing this vulnerability to our attention.",
               },
            ],
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "In BIND 9.0.0 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.9.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.11 of the BIND 9.17 development branch, when a vulnerable version of named receives a query for a record triggering the flaw described above, the named process will terminate due to a failed assertion check. The vulnerability affects all currently maintained BIND 9 branches (9.11, 9.11-S, 9.16, 9.16-S, 9.17) as well as all other versions of BIND 9.",
                  },
               ],
            },
            exploit: [
               {
                  lang: "en",
                  value: "We are not aware of any active exploits.",
               },
            ],
            generator: {
               engine: "Vulnogram 0.0.9",
            },
            impact: {
               cvss: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "DNAME records, described in RFC 6672, provide a way to redirect a subtree of the domain name tree in the DNS. A flaw in the way named processes these records may trigger an attempt to add the same RRset to the ANSWER section more than once. This causes an assertion check in BIND to fail.  DNAME records are processed by both authoritative and recursive servers. For authoritative servers, the DNAME record triggering the flaw can be retrieved from a zone database. For servers performing recursion, such a record is processed in the course of a query sent to an authoritative server.  Affects BIND 9.0.0 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.9.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.11 of the BIND 9.17 development branch.",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://kb.isc.org/v1/docs/cve-2021-25215",
                     refsource: "CONFIRM",
                     url: "https://kb.isc.org/v1/docs/cve-2021-25215",
                  },
                  {
                     name: "[oss-security] 20210428 ISC discloses three BIND vulnerabilities (CVE-2021-25214, CVE-2021-25215, and CVE-2021-25216)",
                     refsource: "MLIST",
                     url: "http://www.openwall.com/lists/oss-security/2021/04/29/1",
                  },
                  {
                     name: "[oss-security] 20210429 Re: ISC discloses three BIND vulnerabilities (CVE-2021-25214, CVE-2021-25215, and CVE-2021-25216)",
                     refsource: "MLIST",
                     url: "http://www.openwall.com/lists/oss-security/2021/04/29/2",
                  },
                  {
                     name: "[oss-security] 20210429 Re: ISC discloses three BIND vulnerabilities (CVE-2021-25214, CVE-2021-25215, and CVE-2021-25216)",
                     refsource: "MLIST",
                     url: "http://www.openwall.com/lists/oss-security/2021/04/29/3",
                  },
                  {
                     name: "[oss-security] 20210429 Re: ISC discloses three BIND vulnerabilities (CVE-2021-25214, CVE-2021-25215, and CVE-2021-25216)",
                     refsource: "MLIST",
                     url: "http://www.openwall.com/lists/oss-security/2021/04/29/4",
                  },
                  {
                     name: "DSA-4909",
                     refsource: "DEBIAN",
                     url: "https://www.debian.org/security/2021/dsa-4909",
                  },
                  {
                     name: "[debian-lts-announce] 20210504 [SECURITY] [DLA 2647-1] bind9 security update",
                     refsource: "MLIST",
                     url: "https://lists.debian.org/debian-lts-announce/2021/05/msg00001.html",
                  },
                  {
                     name: "FEDORA-2021-ace61cbee1",
                     refsource: "FEDORA",
                     url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VEC2XG4Q2ODTN2C4CGXEIXU3EUTBMK7L/",
                  },
                  {
                     name: "FEDORA-2021-47f23870ec",
                     refsource: "FEDORA",
                     url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZDSRPCJQ7MZC6CENH5PO3VQOFI7VSWBE/",
                  },
                  {
                     name: "https://www.oracle.com/security-alerts/cpuoct2021.html",
                     refsource: "MISC",
                     url: "https://www.oracle.com/security-alerts/cpuoct2021.html",
                  },
                  {
                     name: "https://security.netapp.com/advisory/ntap-20210521-0006/",
                     refsource: "CONFIRM",
                     url: "https://security.netapp.com/advisory/ntap-20210521-0006/",
                  },
                  {
                     name: "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf",
                     refsource: "CONFIRM",
                     url: "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf",
                  },
               ],
            },
            solution: [
               {
                  lang: "en",
                  value: "Upgrade to the patched release most closely related to your current version of BIND:\n\n    BIND 9.11.31\n    BIND 9.16.15\n    BIND 9.17.12\n\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n\n    BIND 9.11.31-S1\n    BIND 9.16.15-S1",
               },
            ],
            source: {
               discovery: "EXTERNAL",
            },
            work_around: [
               {
                  lang: "en",
                  value: "No workarounds known.",
               },
            ],
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "404fd4d2-a609-4245-b543-2c944a302a22",
      assignerShortName: "isc",
      cveId: "CVE-2021-25215",
      datePublished: "2021-04-29T00:55:16.726513Z",
      dateReserved: "2021-01-15T00:00:00",
      dateUpdated: "2024-09-16T22:02:24.791Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2020-29661
Vulnerability from cvelistv5
Published
2020-12-09 16:57
Modified
2024-08-04 16:55
Severity ?
Summary
A locking issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_jobctrl.c allows a use-after-free attack against TIOCSPGRP, aka CID-54ffccbf053b.
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T16:55:10.638Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=54ffccbf053b5b6ca4f6e45094b942fab92a25fc",
               },
               {
                  name: "[oss-security] 20201210 2 kernel issues",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2020/12/10/1",
               },
               {
                  name: "FEDORA-2020-b732958765",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_FEDORA",
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MZ7OAKAEFAXQRGBZK4LYUWINCD3D2XCL/",
               },
               {
                  name: "FEDORA-2020-bc0cc81a7a",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_FEDORA",
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BOB25SU6XUL4TNP7KB63WNZSYTIYFDPP/",
               },
               {
                  name: "DSA-4843",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "https://www.debian.org/security/2021/dsa-4843",
               },
               {
                  name: "[debian-lts-announce] 20210212 [SECURITY] [DLA 2557-1] linux-4.19 security update",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.debian.org/debian-lts-announce/2021/02/msg00018.html",
               },
               {
                  name: "[debian-lts-announce] 20210309 [SECURITY] [DLA 2586-1] linux security update",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.debian.org/debian-lts-announce/2021/03/msg00010.html",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.oracle.com/security-alerts/cpuoct2021.html",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "http://packetstormsecurity.com/files/160681/Linux-TIOCSPGRP-Broken-Locking.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://security.netapp.com/advisory/ntap-20210122-0001/",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "http://packetstormsecurity.com/files/164950/Kernel-Live-Patch-Security-Notice-LSN-0082-1.html",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "A locking issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_jobctrl.c allows a use-after-free attack against TIOCSPGRP, aka CID-54ffccbf053b.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2021-11-12T18:06:14",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=54ffccbf053b5b6ca4f6e45094b942fab92a25fc",
            },
            {
               name: "[oss-security] 20201210 2 kernel issues",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://www.openwall.com/lists/oss-security/2020/12/10/1",
            },
            {
               name: "FEDORA-2020-b732958765",
               tags: [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
               ],
               url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MZ7OAKAEFAXQRGBZK4LYUWINCD3D2XCL/",
            },
            {
               name: "FEDORA-2020-bc0cc81a7a",
               tags: [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
               ],
               url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BOB25SU6XUL4TNP7KB63WNZSYTIYFDPP/",
            },
            {
               name: "DSA-4843",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "https://www.debian.org/security/2021/dsa-4843",
            },
            {
               name: "[debian-lts-announce] 20210212 [SECURITY] [DLA 2557-1] linux-4.19 security update",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.debian.org/debian-lts-announce/2021/02/msg00018.html",
            },
            {
               name: "[debian-lts-announce] 20210309 [SECURITY] [DLA 2586-1] linux security update",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.debian.org/debian-lts-announce/2021/03/msg00010.html",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.oracle.com/security-alerts/cpuoct2021.html",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "http://packetstormsecurity.com/files/160681/Linux-TIOCSPGRP-Broken-Locking.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://security.netapp.com/advisory/ntap-20210122-0001/",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "http://packetstormsecurity.com/files/164950/Kernel-Live-Patch-Security-Notice-LSN-0082-1.html",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2020-29661",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "A locking issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_jobctrl.c allows a use-after-free attack against TIOCSPGRP, aka CID-54ffccbf053b.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=54ffccbf053b5b6ca4f6e45094b942fab92a25fc",
                     refsource: "MISC",
                     url: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=54ffccbf053b5b6ca4f6e45094b942fab92a25fc",
                  },
                  {
                     name: "[oss-security] 20201210 2 kernel issues",
                     refsource: "MLIST",
                     url: "http://www.openwall.com/lists/oss-security/2020/12/10/1",
                  },
                  {
                     name: "FEDORA-2020-b732958765",
                     refsource: "FEDORA",
                     url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZ7OAKAEFAXQRGBZK4LYUWINCD3D2XCL/",
                  },
                  {
                     name: "FEDORA-2020-bc0cc81a7a",
                     refsource: "FEDORA",
                     url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BOB25SU6XUL4TNP7KB63WNZSYTIYFDPP/",
                  },
                  {
                     name: "DSA-4843",
                     refsource: "DEBIAN",
                     url: "https://www.debian.org/security/2021/dsa-4843",
                  },
                  {
                     name: "[debian-lts-announce] 20210212 [SECURITY] [DLA 2557-1] linux-4.19 security update",
                     refsource: "MLIST",
                     url: "https://lists.debian.org/debian-lts-announce/2021/02/msg00018.html",
                  },
                  {
                     name: "[debian-lts-announce] 20210309 [SECURITY] [DLA 2586-1] linux security update",
                     refsource: "MLIST",
                     url: "https://lists.debian.org/debian-lts-announce/2021/03/msg00010.html",
                  },
                  {
                     name: "https://www.oracle.com/security-alerts/cpuoct2021.html",
                     refsource: "MISC",
                     url: "https://www.oracle.com/security-alerts/cpuoct2021.html",
                  },
                  {
                     name: "http://packetstormsecurity.com/files/160681/Linux-TIOCSPGRP-Broken-Locking.html",
                     refsource: "MISC",
                     url: "http://packetstormsecurity.com/files/160681/Linux-TIOCSPGRP-Broken-Locking.html",
                  },
                  {
                     name: "https://security.netapp.com/advisory/ntap-20210122-0001/",
                     refsource: "CONFIRM",
                     url: "https://security.netapp.com/advisory/ntap-20210122-0001/",
                  },
                  {
                     name: "http://packetstormsecurity.com/files/164950/Kernel-Live-Patch-Security-Notice-LSN-0082-1.html",
                     refsource: "MISC",
                     url: "http://packetstormsecurity.com/files/164950/Kernel-Live-Patch-Security-Notice-LSN-0082-1.html",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2020-29661",
      datePublished: "2020-12-09T16:57:41",
      dateReserved: "2020-12-09T00:00:00",
      dateUpdated: "2024-08-04T16:55:10.638Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2016-0762
Vulnerability from cvelistv5
Published
2017-08-10 16:00
Modified
2024-09-17 01:36
Severity ?
Summary
The Realm implementations in Apache Tomcat versions 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 did not process the supplied password if the supplied user name did not exist. This made a timing attack possible to determine valid user names. Note that the default configuration includes the LockOutRealm which makes exploitation of this vulnerability harder.
References
http://www.securitytracker.com/id/1037144vdb-entry, x_refsource_SECTRACK
https://lists.apache.org/thread.html/1872f96bad43647832bdd84a408794cd06d9cbb557af63085ca10009%40%3Cannounce.tomcat.apache.org%3Emailing-list, x_refsource_MLIST
https://access.redhat.com/errata/RHSA-2017:2247vendor-advisory, x_refsource_REDHAT
http://rhn.redhat.com/errata/RHSA-2017-0457.htmlvendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2017:0455vendor-advisory, x_refsource_REDHAT
http://www.securityfocus.com/bid/93939vdb-entry, x_refsource_BID
http://www.debian.org/security/2016/dsa-3720vendor-advisory, x_refsource_DEBIAN
https://access.redhat.com/errata/RHSA-2017:0456vendor-advisory, x_refsource_REDHAT
https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3Emailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3Emailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3Emailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3Emailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3Emailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3Emailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3Emailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3Emailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3Emailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3Emailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3Emailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3Emailing-list, x_refsource_MLIST
https://usn.ubuntu.com/4557-1/vendor-advisory, x_refsource_UBUNTU
https://www.oracle.com//security-alerts/cpujul2021.htmlx_refsource_MISC
https://security.netapp.com/advisory/ntap-20180605-0001/x_refsource_CONFIRM
https://www.oracle.com/security-alerts/cpuoct2021.htmlx_refsource_MISC
Impacted products
Vendor Product Version
Apache Software Foundation Apache Tomcat Version: 9.0.0.M1 to 9.0.0.M9
Version: 8.5.0 to 8.5.4
Version: 8.0.0.RC1 to 8.0.36
Version: 7.0.0 to 7.0.70
Version: 6.0.0 to 6.0.45
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T22:30:04.029Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "1037144",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1037144",
               },
               {
                  name: "[announce] 20161027 [SECURITY] CVE-2016-0762 Apache Tomcat Realm Timing Attack",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/1872f96bad43647832bdd84a408794cd06d9cbb557af63085ca10009%40%3Cannounce.tomcat.apache.org%3E",
               },
               {
                  name: "RHSA-2017:2247",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2247",
               },
               {
                  name: "RHSA-2017:0457",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2017-0457.html",
               },
               {
                  name: "RHSA-2017:0455",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:0455",
               },
               {
                  name: "93939",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/93939",
               },
               {
                  name: "DSA-3720",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2016/dsa-3720",
               },
               {
                  name: "RHSA-2017:0456",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:0456",
               },
               {
                  name: "[tomcat-dev] 20190319 svn commit: r1855831 [25/30] - in /tomcat/site/trunk: ./ docs/ xdocs/",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E",
               },
               {
                  name: "[tomcat-dev] 20190319 svn commit: r1855831 [23/30] - in /tomcat/site/trunk: ./ docs/ xdocs/",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E",
               },
               {
                  name: "[tomcat-dev] 20190325 svn commit: r1856174 [22/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E",
               },
               {
                  name: "[tomcat-dev] 20190325 svn commit: r1856174 [24/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E",
               },
               {
                  name: "[tomcat-dev] 20190325 svn commit: r1856174 [21/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E",
               },
               {
                  name: "[tomcat-dev] 20190413 svn commit: r1857494 [16/20] - in /tomcat/site/trunk: ./ docs/ xdocs/",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E",
               },
               {
                  name: "[tomcat-dev] 20190413 svn commit: r1857494 [15/20] - in /tomcat/site/trunk: ./ docs/ xdocs/",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E",
               },
               {
                  name: "[tomcat-dev] 20190415 svn commit: r1857582 [17/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E",
               },
               {
                  name: "[tomcat-dev] 20190415 svn commit: r1857582 [16/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E",
               },
               {
                  name: "[tomcat-dev] 20200203 svn commit: r1873527 [23/30] - /tomcat/site/trunk/docs/",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E",
               },
               {
                  name: "[tomcat-dev] 20200213 svn commit: r1873980 [27/34] - /tomcat/site/trunk/docs/",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E",
               },
               {
                  name: "[tomcat-dev] 20200213 svn commit: r1873980 [26/34] - /tomcat/site/trunk/docs/",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E",
               },
               {
                  name: "USN-4557-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/4557-1/",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.oracle.com//security-alerts/cpujul2021.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://security.netapp.com/advisory/ntap-20180605-0001/",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.oracle.com/security-alerts/cpuoct2021.html",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "Apache Tomcat",
               vendor: "Apache Software Foundation",
               versions: [
                  {
                     status: "affected",
                     version: "9.0.0.M1 to 9.0.0.M9",
                  },
                  {
                     status: "affected",
                     version: "8.5.0 to 8.5.4",
                  },
                  {
                     status: "affected",
                     version: "8.0.0.RC1 to 8.0.36",
                  },
                  {
                     status: "affected",
                     version: "7.0.0 to 7.0.70",
                  },
                  {
                     status: "affected",
                     version: "6.0.0 to 6.0.45",
                  },
               ],
            },
         ],
         datePublic: "2016-10-27T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The Realm implementations in Apache Tomcat versions 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 did not process the supplied password if the supplied user name did not exist. This made a timing attack possible to determine valid user names. Note that the default configuration includes the LockOutRealm which makes exploitation of this vulnerability harder.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "Timing Attack",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2021-10-20T10:37:46",
            orgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09",
            shortName: "apache",
         },
         references: [
            {
               name: "1037144",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1037144",
            },
            {
               name: "[announce] 20161027 [SECURITY] CVE-2016-0762 Apache Tomcat Realm Timing Attack",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/1872f96bad43647832bdd84a408794cd06d9cbb557af63085ca10009%40%3Cannounce.tomcat.apache.org%3E",
            },
            {
               name: "RHSA-2017:2247",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2247",
            },
            {
               name: "RHSA-2017:0457",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2017-0457.html",
            },
            {
               name: "RHSA-2017:0455",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:0455",
            },
            {
               name: "93939",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/93939",
            },
            {
               name: "DSA-3720",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2016/dsa-3720",
            },
            {
               name: "RHSA-2017:0456",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:0456",
            },
            {
               name: "[tomcat-dev] 20190319 svn commit: r1855831 [25/30] - in /tomcat/site/trunk: ./ docs/ xdocs/",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E",
            },
            {
               name: "[tomcat-dev] 20190319 svn commit: r1855831 [23/30] - in /tomcat/site/trunk: ./ docs/ xdocs/",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E",
            },
            {
               name: "[tomcat-dev] 20190325 svn commit: r1856174 [22/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E",
            },
            {
               name: "[tomcat-dev] 20190325 svn commit: r1856174 [24/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E",
            },
            {
               name: "[tomcat-dev] 20190325 svn commit: r1856174 [21/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E",
            },
            {
               name: "[tomcat-dev] 20190413 svn commit: r1857494 [16/20] - in /tomcat/site/trunk: ./ docs/ xdocs/",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E",
            },
            {
               name: "[tomcat-dev] 20190413 svn commit: r1857494 [15/20] - in /tomcat/site/trunk: ./ docs/ xdocs/",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E",
            },
            {
               name: "[tomcat-dev] 20190415 svn commit: r1857582 [17/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E",
            },
            {
               name: "[tomcat-dev] 20190415 svn commit: r1857582 [16/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E",
            },
            {
               name: "[tomcat-dev] 20200203 svn commit: r1873527 [23/30] - /tomcat/site/trunk/docs/",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E",
            },
            {
               name: "[tomcat-dev] 20200213 svn commit: r1873980 [27/34] - /tomcat/site/trunk/docs/",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E",
            },
            {
               name: "[tomcat-dev] 20200213 svn commit: r1873980 [26/34] - /tomcat/site/trunk/docs/",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E",
            },
            {
               name: "USN-4557-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/4557-1/",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.oracle.com//security-alerts/cpujul2021.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://security.netapp.com/advisory/ntap-20180605-0001/",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.oracle.com/security-alerts/cpuoct2021.html",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "security@apache.org",
               DATE_PUBLIC: "2016-10-27T00:00:00",
               ID: "CVE-2016-0762",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "Apache Tomcat",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "9.0.0.M1 to 9.0.0.M9",
                                       },
                                       {
                                          version_value: "8.5.0 to 8.5.4",
                                       },
                                       {
                                          version_value: "8.0.0.RC1 to 8.0.36",
                                       },
                                       {
                                          version_value: "7.0.0 to 7.0.70",
                                       },
                                       {
                                          version_value: "6.0.0 to 6.0.45",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "Apache Software Foundation",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The Realm implementations in Apache Tomcat versions 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 did not process the supplied password if the supplied user name did not exist. This made a timing attack possible to determine valid user names. Note that the default configuration includes the LockOutRealm which makes exploitation of this vulnerability harder.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "Timing Attack",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "1037144",
                     refsource: "SECTRACK",
                     url: "http://www.securitytracker.com/id/1037144",
                  },
                  {
                     name: "[announce] 20161027 [SECURITY] CVE-2016-0762 Apache Tomcat Realm Timing Attack",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/1872f96bad43647832bdd84a408794cd06d9cbb557af63085ca10009@%3Cannounce.tomcat.apache.org%3E",
                  },
                  {
                     name: "RHSA-2017:2247",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:2247",
                  },
                  {
                     name: "RHSA-2017:0457",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2017-0457.html",
                  },
                  {
                     name: "RHSA-2017:0455",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:0455",
                  },
                  {
                     name: "93939",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/93939",
                  },
                  {
                     name: "DSA-3720",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2016/dsa-3720",
                  },
                  {
                     name: "RHSA-2017:0456",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:0456",
                  },
                  {
                     name: "[tomcat-dev] 20190319 svn commit: r1855831 [25/30] - in /tomcat/site/trunk: ./ docs/ xdocs/",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E",
                  },
                  {
                     name: "[tomcat-dev] 20190319 svn commit: r1855831 [23/30] - in /tomcat/site/trunk: ./ docs/ xdocs/",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E",
                  },
                  {
                     name: "[tomcat-dev] 20190325 svn commit: r1856174 [22/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E",
                  },
                  {
                     name: "[tomcat-dev] 20190325 svn commit: r1856174 [24/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E",
                  },
                  {
                     name: "[tomcat-dev] 20190325 svn commit: r1856174 [21/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E",
                  },
                  {
                     name: "[tomcat-dev] 20190413 svn commit: r1857494 [16/20] - in /tomcat/site/trunk: ./ docs/ xdocs/",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424@%3Cdev.tomcat.apache.org%3E",
                  },
                  {
                     name: "[tomcat-dev] 20190413 svn commit: r1857494 [15/20] - in /tomcat/site/trunk: ./ docs/ xdocs/",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E",
                  },
                  {
                     name: "[tomcat-dev] 20190415 svn commit: r1857582 [17/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E",
                  },
                  {
                     name: "[tomcat-dev] 20190415 svn commit: r1857582 [16/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E",
                  },
                  {
                     name: "[tomcat-dev] 20200203 svn commit: r1873527 [23/30] - /tomcat/site/trunk/docs/",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E",
                  },
                  {
                     name: "[tomcat-dev] 20200213 svn commit: r1873980 [27/34] - /tomcat/site/trunk/docs/",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E",
                  },
                  {
                     name: "[tomcat-dev] 20200213 svn commit: r1873980 [26/34] - /tomcat/site/trunk/docs/",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E",
                  },
                  {
                     name: "USN-4557-1",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/4557-1/",
                  },
                  {
                     name: "https://www.oracle.com//security-alerts/cpujul2021.html",
                     refsource: "MISC",
                     url: "https://www.oracle.com//security-alerts/cpujul2021.html",
                  },
                  {
                     name: "https://security.netapp.com/advisory/ntap-20180605-0001/",
                     refsource: "CONFIRM",
                     url: "https://security.netapp.com/advisory/ntap-20180605-0001/",
                  },
                  {
                     name: "https://www.oracle.com/security-alerts/cpuoct2021.html",
                     refsource: "MISC",
                     url: "https://www.oracle.com/security-alerts/cpuoct2021.html",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09",
      assignerShortName: "apache",
      cveId: "CVE-2016-0762",
      datePublished: "2017-08-10T16:00:00Z",
      dateReserved: "2015-12-16T00:00:00",
      dateUpdated: "2024-09-17T01:36:51.388Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}