fkie_cve-2019-0232
Vulnerability from fkie_nvd
Published
2019-04-15 15:29
Modified
2024-11-21 04:16
Severity ?
8.1 (High) - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
When running on Windows with enableCmdLineArguments enabled, the CGI Servlet in Apache Tomcat 9.0.0.M1 to 9.0.17, 8.5.0 to 8.5.39 and 7.0.0 to 7.0.93 is vulnerable to Remote Code Execution due to a bug in the way the JRE passes command line arguments to Windows. The CGI Servlet is disabled by default. The CGI option enableCmdLineArguments is disable by default in Tomcat 9.0.x (and will be disabled by default in all versions in response to this vulnerability). For a detailed explanation of the JRE behaviour, see Markus Wulftange's blog (https://codewhitesec.blogspot.com/2016/02/java-and-command-line-injections-in-windows.html) and this archived MSDN blog (https://web.archive.org/web/20161228144344/https://blogs.msdn.microsoft.com/twistylittlepassagesallalike/2011/04/23/everyone-quotes-command-line-arguments-the-wrong-way/).
References
security@apache.orghttp://packetstormsecurity.com/files/153506/Apache-Tomcat-CGIServlet-enableCmdLineArguments-Remote-Code-Execution.html
security@apache.orghttp://seclists.org/fulldisclosure/2019/May/4
security@apache.orghttp://www.securityfocus.com/bid/107906Third Party Advisory, VDB Entry
security@apache.orghttps://access.redhat.com/errata/RHSA-2019:1712
security@apache.orghttps://blog.trendmicro.com/trendlabs-security-intelligence/uncovering-cve-2019-0232-a-remote-code-execution-vulnerability-in-apache-tomcat/
security@apache.orghttps://codewhitesec.blogspot.com/2016/02/java-and-command-line-injections-in-windows.htmlThird Party Advisory
security@apache.orghttps://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba%40%3Cdev.tomcat.apache.org%3E
security@apache.orghttps://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E
security@apache.orghttps://lists.apache.org/thread.html/52ffb9fbf661245386a83a661183d13f1de2e5779fa23837a08e02ac%40%3Ccommits.ofbiz.apache.org%3E
security@apache.orghttps://lists.apache.org/thread.html/5f297a4b9080b5f65a05bc139596d0e437d6a539b25e31d29d028767%40%3Cannounce.tomcat.apache.org%3E
security@apache.orghttps://lists.apache.org/thread.html/673b6148d92cd7bc99ea2dcf85ad75d57da44fc322d51f37fb529a2a%40%3Ccommits.ofbiz.apache.org%3E
security@apache.orghttps://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E
security@apache.orghttps://lists.apache.org/thread.html/96849486813a95dfd542e1618b7923ca945508aaf4a4341f674d83e3%40%3Cnotifications.ofbiz.apache.org%3E
security@apache.orghttps://lists.apache.org/thread.html/a6c87a09a71162fd563ab1c4e70a08a103e0b7c199fc391f1c9c4c35%40%3Ccommits.ofbiz.apache.org%3E
security@apache.orghttps://lists.apache.org/thread.html/dd4b325cdb261183dbf5ce913c102920a8f09c26dae666a98309165b%40%3Cnotifications.ofbiz.apache.org%3E
security@apache.orghttps://lists.apache.org/thread.html/f4d48b32ef2b6aa49c8830241a9475da5b46e451f964b291c7a0a715%40%3Cdev.tomcat.apache.org%3E
security@apache.orghttps://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d%40%3Cdev.tomcat.apache.org%3E
security@apache.orghttps://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0%40%3Cdev.tomcat.apache.org%3E
security@apache.orghttps://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9%40%3Cdev.tomcat.apache.org%3E
security@apache.orghttps://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c%40%3Cannounce.apache.org%3E
security@apache.orghttps://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E
security@apache.orghttps://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a%40%3Cdev.tomcat.apache.org%3E
security@apache.orghttps://security.netapp.com/advisory/ntap-20190419-0001/Third Party Advisory
security@apache.orghttps://web.archive.org/web/20161228144344/https://blogs.msdn.microsoft.com/twistylittlepassagesallalike/2011/04/23/everyone-quotes-command-line-arguments-the-wrong-way/Third Party Advisory
security@apache.orghttps://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2019-784Technical Description
security@apache.orghttps://www.oracle.com/security-alerts/cpuApr2021.html
security@apache.orghttps://www.oracle.com/security-alerts/cpuapr2020.html
security@apache.orghttps://www.oracle.com/security-alerts/cpujan2020.html
security@apache.orghttps://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
security@apache.orghttps://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
security@apache.orghttps://www.synology.com/security/advisory/Synology_SA_19_17
security@apache.orghttps://wwws.nightwatchcybersecurity.com/2019/04/30/remote-code-execution-rce-in-cgi-servlet-apache-tomcat-on-windows-cve-2019-0232/
af854a3a-2127-422b-91ae-364da2661108http://packetstormsecurity.com/files/153506/Apache-Tomcat-CGIServlet-enableCmdLineArguments-Remote-Code-Execution.html
af854a3a-2127-422b-91ae-364da2661108http://seclists.org/fulldisclosure/2019/May/4
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/107906Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2019:1712
af854a3a-2127-422b-91ae-364da2661108https://blog.trendmicro.com/trendlabs-security-intelligence/uncovering-cve-2019-0232-a-remote-code-execution-vulnerability-in-apache-tomcat/
af854a3a-2127-422b-91ae-364da2661108https://codewhitesec.blogspot.com/2016/02/java-and-command-line-injections-in-windows.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba%40%3Cdev.tomcat.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/52ffb9fbf661245386a83a661183d13f1de2e5779fa23837a08e02ac%40%3Ccommits.ofbiz.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/5f297a4b9080b5f65a05bc139596d0e437d6a539b25e31d29d028767%40%3Cannounce.tomcat.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/673b6148d92cd7bc99ea2dcf85ad75d57da44fc322d51f37fb529a2a%40%3Ccommits.ofbiz.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/96849486813a95dfd542e1618b7923ca945508aaf4a4341f674d83e3%40%3Cnotifications.ofbiz.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/a6c87a09a71162fd563ab1c4e70a08a103e0b7c199fc391f1c9c4c35%40%3Ccommits.ofbiz.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/dd4b325cdb261183dbf5ce913c102920a8f09c26dae666a98309165b%40%3Cnotifications.ofbiz.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/f4d48b32ef2b6aa49c8830241a9475da5b46e451f964b291c7a0a715%40%3Cdev.tomcat.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d%40%3Cdev.tomcat.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0%40%3Cdev.tomcat.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9%40%3Cdev.tomcat.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c%40%3Cannounce.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a%40%3Cdev.tomcat.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://security.netapp.com/advisory/ntap-20190419-0001/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://web.archive.org/web/20161228144344/https://blogs.msdn.microsoft.com/twistylittlepassagesallalike/2011/04/23/everyone-quotes-command-line-arguments-the-wrong-way/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2019-784Technical Description
af854a3a-2127-422b-91ae-364da2661108https://www.oracle.com/security-alerts/cpuApr2021.html
af854a3a-2127-422b-91ae-364da2661108https://www.oracle.com/security-alerts/cpuapr2020.html
af854a3a-2127-422b-91ae-364da2661108https://www.oracle.com/security-alerts/cpujan2020.html
af854a3a-2127-422b-91ae-364da2661108https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
af854a3a-2127-422b-91ae-364da2661108https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
af854a3a-2127-422b-91ae-364da2661108https://www.synology.com/security/advisory/Synology_SA_19_17
af854a3a-2127-422b-91ae-364da2661108https://wwws.nightwatchcybersecurity.com/2019/04/30/remote-code-execution-rce-in-cgi-servlet-apache-tomcat-on-windows-cve-2019-0232/
Impacted products
Vendor Product Version
apache tomcat *
apache tomcat *
apache tomcat *
apache tomcat 9.0.0
apache tomcat 9.0.0
apache tomcat 9.0.0
apache tomcat 9.0.0
apache tomcat 9.0.0
apache tomcat 9.0.0
apache tomcat 9.0.0
apache tomcat 9.0.0
apache tomcat 9.0.0
apache tomcat 9.0.0
apache tomcat 9.0.0
apache tomcat 9.0.0
apache tomcat 9.0.0
apache tomcat 9.0.0
apache tomcat 9.0.0
apache tomcat 9.0.0
apache tomcat 9.0.0
apache tomcat 9.0.0
apache tomcat 9.0.0
apache tomcat 9.0.0
apache tomcat 9.0.0
apache tomcat 9.0.0
apache tomcat 9.0.0
apache tomcat 9.0.0
apache tomcat 9.0.0
apache tomcat 9.0.0
microsoft windows -


To clipboard 

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "91627C43-9E36-447C-AC2B-A63F1CDB29C7",
                     versionEndIncluding: "7.0.93",
                     versionStartIncluding: "7.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "4064056C-7B06-49BA-A4D2-0C228060B116",
                     versionEndIncluding: "8.5.39",
                     versionStartIncluding: "8.5.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "4A70BBA8-1F21-4CD6-822A-17ECC4710065",
                     versionEndIncluding: "9.0.17",
                     versionStartIncluding: "9.0.1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:9.0.0:milestone1:*:*:*:*:*:*",
                     matchCriteriaId: "9D0689FE-4BC0-4F53-8C79-34B21F9B86C2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:9.0.0:milestone10:*:*:*:*:*:*",
                     matchCriteriaId: "89B129B2-FB6F-4EF9-BF12-E589A87996CF",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:9.0.0:milestone11:*:*:*:*:*:*",
                     matchCriteriaId: "8B6787B6-54A8-475E-BA1C-AB99334B2535",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:9.0.0:milestone12:*:*:*:*:*:*",
                     matchCriteriaId: "EABB6FBC-7486-44D5-A6AD-FFF1D3F677E1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:9.0.0:milestone13:*:*:*:*:*:*",
                     matchCriteriaId: "E10C03BC-EE6B-45B2-83AE-9E8DFB58D7DB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:9.0.0:milestone14:*:*:*:*:*:*",
                     matchCriteriaId: "8A6DA0BE-908C-4DA8-A191-A0113235E99A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:9.0.0:milestone15:*:*:*:*:*:*",
                     matchCriteriaId: "39029C72-28B4-46A4-BFF5-EC822CFB2A4C",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:9.0.0:milestone16:*:*:*:*:*:*",
                     matchCriteriaId: "1A2E05A3-014F-4C4D-81E5-88E725FBD6AD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:9.0.0:milestone17:*:*:*:*:*:*",
                     matchCriteriaId: "166C533C-0833-41D5-99B6-17A4FAB3CAF0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:9.0.0:milestone18:*:*:*:*:*:*",
                     matchCriteriaId: "D3768C60-21FA-4B92-B98C-C3A2602D1BC4",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:9.0.0:milestone19:*:*:*:*:*:*",
                     matchCriteriaId: "DDD510FA-A2E4-4BAF-A0DE-F4E5777E9325",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:9.0.0:milestone2:*:*:*:*:*:*",
                     matchCriteriaId: "9F542E12-6BA8-4504-A494-DA83E7E19BD5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:9.0.0:milestone20:*:*:*:*:*:*",
                     matchCriteriaId: "C2409CC7-6A85-4A66-A457-0D62B9895DC1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:9.0.0:milestone21:*:*:*:*:*:*",
                     matchCriteriaId: "B392A7E5-4455-4B1C-8FAC-AE6DDC70689E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:9.0.0:milestone22:*:*:*:*:*:*",
                     matchCriteriaId: "EF411DDA-2601-449A-9046-D250419A0E1A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:9.0.0:milestone23:*:*:*:*:*:*",
                     matchCriteriaId: "D7D8F2F4-AFE2-47EA-A3FD-79B54324DE02",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:9.0.0:milestone24:*:*:*:*:*:*",
                     matchCriteriaId: "1B4FBF97-DE16-4E5E-BE19-471E01818D40",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:9.0.0:milestone25:*:*:*:*:*:*",
                     matchCriteriaId: "3B266B1E-24B5-47EE-A421-E0E3CC0C7471",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:9.0.0:milestone26:*:*:*:*:*:*",
                     matchCriteriaId: "29614C3A-6FB3-41C7-B56E-9CC3F45B04F0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:9.0.0:milestone3:*:*:*:*:*:*",
                     matchCriteriaId: "C0C5F004-F7D8-45DB-B173-351C50B0EC16",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:9.0.0:milestone4:*:*:*:*:*:*",
                     matchCriteriaId: "D1902D2E-1896-4D3D-9E1C-3A675255072C",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:9.0.0:milestone5:*:*:*:*:*:*",
                     matchCriteriaId: "49AAF4DF-F61D-47A8-8788-A21E317A145D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:9.0.0:milestone6:*:*:*:*:*:*",
                     matchCriteriaId: "454211D0-60A2-4661-AECA-4C0121413FEB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:9.0.0:milestone7:*:*:*:*:*:*",
                     matchCriteriaId: "0686F977-889F-4960-8E0B-7784B73A7F2D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:9.0.0:milestone8:*:*:*:*:*:*",
                     matchCriteriaId: "558703AE-DB5E-4DFF-B497-C36694DD7B24",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:tomcat:9.0.0:milestone9:*:*:*:*:*:*",
                     matchCriteriaId: "ED6273F2-1165-47A4-8DD7-9E9B2472941B",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A2572D17-1DE6-457B-99CC-64AFD54487EA",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "When running on Windows with enableCmdLineArguments enabled, the CGI Servlet in Apache Tomcat 9.0.0.M1 to 9.0.17, 8.5.0 to 8.5.39 and 7.0.0 to 7.0.93 is vulnerable to Remote Code Execution due to a bug in the way the JRE passes command line arguments to Windows. The CGI Servlet is disabled by default. The CGI option enableCmdLineArguments is disable by default in Tomcat 9.0.x (and will be disabled by default in all versions in response to this vulnerability). For a detailed explanation of the JRE behaviour, see Markus Wulftange's blog (https://codewhitesec.blogspot.com/2016/02/java-and-command-line-injections-in-windows.html) and this archived MSDN blog (https://web.archive.org/web/20161228144344/https://blogs.msdn.microsoft.com/twistylittlepassagesallalike/2011/04/23/everyone-quotes-command-line-arguments-the-wrong-way/).",
      },
      {
         lang: "es",
         value: "Cuando se ejecuta Windows con enableCmdLineArguments activado, el Servlet CGI en Apache Tomcat 9.0.0.0.M1 a 9.0.17, 8.5.0 a 8.5.39 y 7.0.0.0 a 7.0.93 es vulnerable a una Ejecución Remota de Código debido a un error en la forma en que el JRE pasa los argumentos de la línea de comando a Windows. El Servlet CGI está deshabilitado por defecto. La opción CGI enableCmdLineArguments está desactivada por defecto en Tomcat 9.0.x (y será desactivada por defecto en todas las versiones en respuesta a esta vulnerabilidad). Para una explicación detallada del comportamiento de JRE, consulte el blog de Markus Wulftange (https://codewhitesec.blogspot.com/2016/02/java-and-command-line-injections-in-windows.html) y este blog de MSDN archivado (https://web.archive.org/web/20161228144344/https://blogs.msdn.microsoft.com/twistylittlepassagesallalike/2011/04/23/everyone-quotes-command-line-arguments-the-wrong-way/).",
      },
   ],
   id: "CVE-2019-0232",
   lastModified: "2024-11-21T04:16:33.230",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "HIGH",
            cvssData: {
               accessComplexity: "MEDIUM",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "COMPLETE",
               baseScore: 9.3,
               confidentialityImpact: "COMPLETE",
               integrityImpact: "COMPLETE",
               vectorString: "AV:N/AC:M/Au:N/C:C/I:C/A:C",
               version: "2.0",
            },
            exploitabilityScore: 8.6,
            impactScore: 10,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV30: [
         {
            cvssData: {
               attackComplexity: "HIGH",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.1,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
               version: "3.0",
            },
            exploitabilityScore: 2.2,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2019-04-15T15:29:00.420",
   references: [
      {
         source: "security@apache.org",
         url: "http://packetstormsecurity.com/files/153506/Apache-Tomcat-CGIServlet-enableCmdLineArguments-Remote-Code-Execution.html",
      },
      {
         source: "security@apache.org",
         url: "http://seclists.org/fulldisclosure/2019/May/4",
      },
      {
         source: "security@apache.org",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securityfocus.com/bid/107906",
      },
      {
         source: "security@apache.org",
         url: "https://access.redhat.com/errata/RHSA-2019:1712",
      },
      {
         source: "security@apache.org",
         url: "https://blog.trendmicro.com/trendlabs-security-intelligence/uncovering-cve-2019-0232-a-remote-code-execution-vulnerability-in-apache-tomcat/",
      },
      {
         source: "security@apache.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://codewhitesec.blogspot.com/2016/02/java-and-command-line-injections-in-windows.html",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/52ffb9fbf661245386a83a661183d13f1de2e5779fa23837a08e02ac%40%3Ccommits.ofbiz.apache.org%3E",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/5f297a4b9080b5f65a05bc139596d0e437d6a539b25e31d29d028767%40%3Cannounce.tomcat.apache.org%3E",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/673b6148d92cd7bc99ea2dcf85ad75d57da44fc322d51f37fb529a2a%40%3Ccommits.ofbiz.apache.org%3E",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/96849486813a95dfd542e1618b7923ca945508aaf4a4341f674d83e3%40%3Cnotifications.ofbiz.apache.org%3E",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/a6c87a09a71162fd563ab1c4e70a08a103e0b7c199fc391f1c9c4c35%40%3Ccommits.ofbiz.apache.org%3E",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/dd4b325cdb261183dbf5ce913c102920a8f09c26dae666a98309165b%40%3Cnotifications.ofbiz.apache.org%3E",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/f4d48b32ef2b6aa49c8830241a9475da5b46e451f964b291c7a0a715%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c%40%3Cannounce.apache.org%3E",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "security@apache.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20190419-0001/",
      },
      {
         source: "security@apache.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://web.archive.org/web/20161228144344/https://blogs.msdn.microsoft.com/twistylittlepassagesallalike/2011/04/23/everyone-quotes-command-line-arguments-the-wrong-way/",
      },
      {
         source: "security@apache.org",
         tags: [
            "Technical Description",
         ],
         url: "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2019-784",
      },
      {
         source: "security@apache.org",
         url: "https://www.oracle.com/security-alerts/cpuApr2021.html",
      },
      {
         source: "security@apache.org",
         url: "https://www.oracle.com/security-alerts/cpuapr2020.html",
      },
      {
         source: "security@apache.org",
         url: "https://www.oracle.com/security-alerts/cpujan2020.html",
      },
      {
         source: "security@apache.org",
         url: "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
      },
      {
         source: "security@apache.org",
         url: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html",
      },
      {
         source: "security@apache.org",
         url: "https://www.synology.com/security/advisory/Synology_SA_19_17",
      },
      {
         source: "security@apache.org",
         url: "https://wwws.nightwatchcybersecurity.com/2019/04/30/remote-code-execution-rce-in-cgi-servlet-apache-tomcat-on-windows-cve-2019-0232/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://packetstormsecurity.com/files/153506/Apache-Tomcat-CGIServlet-enableCmdLineArguments-Remote-Code-Execution.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://seclists.org/fulldisclosure/2019/May/4",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securityfocus.com/bid/107906",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://access.redhat.com/errata/RHSA-2019:1712",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://blog.trendmicro.com/trendlabs-security-intelligence/uncovering-cve-2019-0232-a-remote-code-execution-vulnerability-in-apache-tomcat/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://codewhitesec.blogspot.com/2016/02/java-and-command-line-injections-in-windows.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/52ffb9fbf661245386a83a661183d13f1de2e5779fa23837a08e02ac%40%3Ccommits.ofbiz.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/5f297a4b9080b5f65a05bc139596d0e437d6a539b25e31d29d028767%40%3Cannounce.tomcat.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/673b6148d92cd7bc99ea2dcf85ad75d57da44fc322d51f37fb529a2a%40%3Ccommits.ofbiz.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/96849486813a95dfd542e1618b7923ca945508aaf4a4341f674d83e3%40%3Cnotifications.ofbiz.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/a6c87a09a71162fd563ab1c4e70a08a103e0b7c199fc391f1c9c4c35%40%3Ccommits.ofbiz.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/dd4b325cdb261183dbf5ce913c102920a8f09c26dae666a98309165b%40%3Cnotifications.ofbiz.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/f4d48b32ef2b6aa49c8830241a9475da5b46e451f964b291c7a0a715%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c%40%3Cannounce.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a%40%3Cdev.tomcat.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20190419-0001/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://web.archive.org/web/20161228144344/https://blogs.msdn.microsoft.com/twistylittlepassagesallalike/2011/04/23/everyone-quotes-command-line-arguments-the-wrong-way/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Technical Description",
         ],
         url: "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2019-784",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://www.oracle.com/security-alerts/cpuApr2021.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://www.oracle.com/security-alerts/cpuapr2020.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://www.oracle.com/security-alerts/cpujan2020.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://www.synology.com/security/advisory/Synology_SA_19_17",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://wwws.nightwatchcybersecurity.com/2019/04/30/remote-code-execution-rce-in-cgi-servlet-apache-tomcat-on-windows-cve-2019-0232/",
      },
   ],
   sourceIdentifier: "security@apache.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-78",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}


Log in or create an account to share your comment.

Security Advisory comment format.

This schema specifies the format of a comment related to a security advisory.

UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).



Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.