CERT-In Vulnerability Note
Multiple Vulnerabilities in Apache Tomcat
Original Issue Date: December 05, 2016
Severity Rating: HIGH
- Apache Tomcat 8.5.0 to 8.5.6
- Apache Tomcat 9.0.0.M1 to 9.0.0.M11
- Apache Tomcat 6.0.0 to 6.0.47
- Apache Tomcat 7.0.0 to 7.0.72
- Apache Tomcat 8.0.0.RC1 to 8.0.38
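To check an installed base against the affected ranges listed above, here is an added Python example (not part of the CERT-In note). It encodes the inclusive version ranges exactly as the note gives them, orders Tomcat milestone (M) and release-candidate (RC) builds before the final release of the same x.y.z, and reports versions it cannot parse as "unknown" rather than treating them as safe; the hostnames and versions in the sample inventory are constructed.

```python
import re

# Inclusive affected ranges, copied from the advisory text.
AFFECTED_RANGES = [
    ("6.0.0", "6.0.47"),
    ("7.0.0", "7.0.72"),
    ("8.0.0.RC1", "8.0.38"),
    ("8.5.0", "8.5.6"),
    ("9.0.0.M1", "9.0.0.M11"),
]

# Pre-release stages sort before the final release of the same x.y.z:
# milestone (M) = 0 < release candidate (RC) = 1 < final = 2.
_STAGE_ORDER = {"M": 0, "RC": 1}
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:\.(M|RC)(\d+))?$")

def parse_version(text):
    """Turn a Tomcat version string such as '9.0.0.M11' or '8.0.38'
    into a sortable tuple (major, minor, patch, stage, stage_number)."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised Tomcat version string: {text!r}")
    major, minor, patch, stage, stage_num = m.groups()
    if stage is None:
        return (int(major), int(minor), int(patch), 2, 0)
    return (int(major), int(minor), int(patch), _STAGE_ORDER[stage], int(stage_num))

def is_affected(version):
    """True if the given Tomcat version falls inside any affected range."""
    v = parse_version(version)
    return any(parse_version(lo) <= v <= parse_version(hi) for lo, hi in AFFECTED_RANGES)

def check_inventory(inventory):
    """Map each (host, version) pair to a verdict; unparsable versions are
    reported as 'unknown' so they get looked at by hand, not ignored."""
    results = {}
    for host, version in inventory:
        try:
            results[host] = "affected" if is_affected(version) else "not in affected ranges"
        except ValueError:
            results[host] = "unknown"
    return results

if __name__ == "__main__":
    # Constructed sample inventory; hostnames and versions are made up.
    sample = [("web-01", "8.5.6"), ("web-02", "8.5.8"), ("legacy-01", "6.0.47"),
              ("api-01", "9.0.0.M11"), ("api-02", "9.0.0.M13"), ("misc-01", "custom-build")]
    for host, verdict in check_inventory(sample).items():
        print(f"{host:10} {verdict}")
```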
Multiple vulnerabilities have been reported in Apache Tomcat which could be exploited by a remote attacker to conduct arbitrary code execution, denial of service and cross-site scripting attacks on a targeted system.
1. Cross-Site Scripting (XSS) Vulnerability
The vulnerability exists because invalid characters are allowed while parsing HTTP requests.
A remote attacker could exploit this vulnerability to inject data into the HTTP response. Successful exploitation of this vulnerability could allow the remote attacker to poison web caches, perform an XSS attack and/or obtain sensitive information.
2. Denial of Service Vulnerability
A remote attacker could exploit this vulnerability by sending a specially crafted HTTP/2 header to cause the target service to enter an infinite loop, resulting in a denial of service condition.
3. Arbitrary Code Execution Vulnerabilities
A remote attacker could exploit this vulnerability by sending specially crafted data to a JMX port to trigger a flaw in the JmxRemoteLifecycleListener. Successful exploitation of this vulnerability could allow the remote attacker to cause privilege escalation and arbitrary code execution on a targeted system.
Apply the appropriate patches as mentioned in the links:
The information provided herein is on "as is" basis, without warranty of any kind.
Email: firstname.lastname@example.org Phone: +91-11-24368572
Indian Computer Emergency Response Team (CERT-In)
Ministry of Electronics and Information Technology
Government of India
6, CGO Complex, Lodhi Road,
New Delhi - 110 003