CVE-2018-1336

HIGH
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

An improper handing of overflow in the UTF-8 decoder with supplementary characters can lead to an infinite loop in the decoder causing a Denial of Service. Versions Affected: Apache Tomcat 9.0.0.M9 to 9.0.7, 8.5.0 to 8.5.30, 8.0.0.RC1 to 8.0.51, and 7.0.28 to 7.0.86.

References

http://mail-archives.us.apache.org/mod_mbox/www-announce/201807.mbox/%3C20180722090435.GA60759%40minotaur.apache.org%3E

http://www.securityfocus.com/bid/104898

http://www.securitytracker.com/id/1041375

https://access.redhat.com/errata/RHEA-2018:2188

https://access.redhat.com/errata/RHEA-2018:2189

https://access.redhat.com/errata/RHSA-2018:2700

https://access.redhat.com/errata/RHSA-2018:2701

https://access.redhat.com/errata/RHSA-2018:2740

https://access.redhat.com/errata/RHSA-2018:2741

https://access.redhat.com/errata/RHSA-2018:2742

https://access.redhat.com/errata/RHSA-2018:2743

https://access.redhat.com/errata/RHSA-2018:2921

https://access.redhat.com/errata/RHSA-2018:2930

https://access.redhat.com/errata/RHSA-2018:2939

https://access.redhat.com/errata/RHSA-2018:2945

https://access.redhat.com/errata/RHSA-2018:3768

https://lists.apache.org/thread.html/[email protected]%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c[email protected]%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.tomcat.apache.org%3E

https://lists.debian.org/debian-lts-announce/2018/09/msg00001.html

https://security.netapp.com/advisory/ntap-20180817-0001/

https://support.f5.com/csp/article/K73008537?utm_source=f5support&utm_medium=RSS

https://usn.ubuntu.com/3723-1/

https://www.debian.org/security/2018/dsa-4281

https://www.oracle.com/security-alerts/cpuapr2020.html

Details

Source: MITRE

Published: 2018-08-02

Updated: 2020-04-15

Type: CWE-835

Risk Information

CVSS v2

Base Score: 5

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Impact Score: 2.9

Exploitability Score: 10

Severity: MEDIUM

CVSS v3

Base Score: 7.5

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Impact Score: 3.6

Exploitability Score: 3.9

Severity: HIGH

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:* versions from 7.0.28 to 7.0.86 (inclusive)

cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:* versions from 8.0.0 to 8.0.51 (inclusive)

cpe:2.3:a:apache:tomcat:8.0.0:rc1:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:8.0.0:rc10:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:8.0.0:rc2:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:8.0.0:rc3:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:8.0.0:rc4:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:8.0.0:rc5:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:8.0.0:rc6:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:8.0.0:rc7:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:8.0.0:rc8:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:8.0.0:rc9:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:* versions from 8.5.0 to 8.5.30 (inclusive)

cpe:2.3:a:apache:tomcat:9.0.0:m10:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:m11:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:m12:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:m13:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:m14:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:m15:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:m16:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:m17:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:m18:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:m19:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:m20:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:m21:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:m22:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:m23:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:m24:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:m25:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:m26:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:m27:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:m9:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:* versions from 9.0.1 to 9.0.7 (inclusive)

Configuration 2

OR

cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*

cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

Configuration 3

AND

OR

cpe:2.3:a:redhat:jboss_enterprise_web_server:3.0.0:*:*:*:*:*:*:*

OR

cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*

Configuration 4

AND

OR

cpe:2.3:a:redhat:jboss_enterprise_web_server:5.0.0:*:*:*:*:*:*:*

OR

cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*

Configuration 5

OR

cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*

Tenable Plugins

View all (32 total)

IDNameProductFamilySeverity
701337Apache Tomcat < 7.0.88 VulnerabilityNessus Network MonitorWeb Servers
medium
127197NewStart CGSL CORE 5.04 / MAIN 5.04 : tomcat Vulnerability (NS-SA-2019-0031)NessusNewStart CGSL Local Security Checks
high
125550Symantec Content Analysis < 2.3.5.1 affected by Multiple Vulnerabilities (SYMSA1463)NessusMisc.
high
700706Apache Tomcat 9.0.x < 9.0.8 Denial of Service VulnerabilityNessus Network MonitorWeb Servers
medium
700694Apache Tomcat 8.5.x < 8.5.31 Denial of ServiceNessus Network MonitorWeb Servers
medium
700688Apache Tomcat 8.0.x < 8.0.52 Denial of ServiceNessus Network MonitorWeb Servers
medium
700678Apache Tomcat 7.0.x < 7.0.88 Denial of ServiceNessus Network MonitorWeb Servers
medium
123330openSUSE Security Update : tomcat (openSUSE-2019-770)NessusSuSE Local Security Checks
critical
122447Apache Tomcat 9.0.0.M1 < 9.0.8 Denial of Service VulnerabilityNessusWeb Servers
high
121124Apache Tomcat 8.0.x < 8.0.52 / 8.5.x < 8.5.31 / 9.0.x < 9.0.8 Denial of ServiceNessusWeb Servers
high
121121Apache Tomcat 7.0.x < 7.0.88 Denial of ServiceNessusWeb Servers
high
119904EulerOS 2.0 SP2 : tomcat (EulerOS-SA-2018-1415)NessusHuawei Local Security Checks
high
119668F5 Networks BIG-IP : Apache Tomcat vulnerability (K73008537)NessusF5 Networks Local Security Checks
high
119513EulerOS 2.0 SP3 : tomcat (EulerOS-SA-2018-1385)NessusHuawei Local Security Checks
high
118836Amazon Linux 2 : tomcat (ALAS-2018-1105)NessusAmazon Linux Local Security Checks
high
112306Apache Tomcat 7.0.28 < 7.0.88 Denial of ServiceWeb Application ScanningComponent Vulnerability
high
112297Apache Tomcat 8.5.0 < 8.5.31 Denial of ServiceWeb Application ScanningComponent Vulnerability
high
112291Apache Tomcat 9.0.0.M1 < 9.0.8 Denial of ServiceWeb Application ScanningComponent Vulnerability
high
118167Scientific Linux Security Update : tomcat on SL7.x (noarch) (20181016)NessusScientific Linux Local Security Checks
high
118162RHEL 7 : tomcat (RHSA-2018:2921)NessusRed Hat Local Security Checks
high
118161Oracle Linux 7 : tomcat (ELSA-2018-2921)NessusOracle Linux Local Security Checks
high
118156CentOS 7 : tomcat (CESA-2018:2921)NessusCentOS Local Security Checks
high
117983openSUSE Security Update : tomcat (openSUSE-2018-1129)NessusSuSE Local Security Checks
critical
117772RHEL 6 : JBoss EAP (RHSA-2018:2743)NessusRed Hat Local Security Checks
high
117771RHEL 7 : JBoss EAP (RHSA-2018:2741)NessusRed Hat Local Security Checks
high
117526openSUSE Security Update : tomcat (openSUSE-2018-1019)NessusSuSE Local Security Checks
critical
117471RHEL 6 / 7 : Red Hat JBoss Web Server 3.1.0 Service Pack 5 (RHSA-2018:2701)NessusRed Hat Local Security Checks
high
112230Debian DLA-1491-1 : tomcat8 security updateNessusDebian Local Security Checks
high
112185Debian DSA-4281-1 : tomcat8 - security updateNessusDebian Local Security Checks
high
111611Amazon Linux AMI : tomcat8 (ALAS-2018-1056)NessusAmazon Linux Local Security Checks
critical
111610Amazon Linux AMI : tomcat7 / tomcat80 (ALAS-2018-1055)NessusAmazon Linux Local Security Checks
critical
111349Ubuntu 14.04 LTS / 16.04 LTS : Tomcat vulnerabilities (USN-3723-1)NessusUbuntu Local Security Checks
high