CVE-2018-8014

critical

Description

The default settings for the CORS filter provided in Apache Tomcat 9.0.0.M1 to 9.0.8, 8.5.0 to 8.5.31, 8.0.0.RC1 to 8.0.52, 7.0.41 to 7.0.88 are insecure and enable 'supportsCredentials' for all origins. It is expected that users of the CORS filter will have configured it appropriately for their environment rather than using it in the default configuration. Therefore, it is expected that most users will not be impacted by this issue.

References

http://tomcat.apache.org/security-7.html

http://tomcat.apache.org/security-8.html

http://tomcat.apache.org/security-9.html

http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html

http://www.securityfocus.com/bid/104203

http://www.securitytracker.com/id/1040998

http://www.securitytracker.com/id/1041888

https://access.redhat.com/errata/RHSA-2018:2469

https://access.redhat.com/errata/RHSA-2018:2470

https://access.redhat.com/errata/RHSA-2018:3768

https://access.redhat.com/errata/RHSA-2019:0450

https://access.redhat.com/errata/RHSA-2019:0451

https://access.redhat.com/errata/RHSA-2019:1529

https://access.redhat.com/errata/RHSA-2019:2205

https://lists.apache.org/thread.html/[email protected]%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cissues.activemq.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cannounce.tomcat.apache.org%3E

https://lists.debian.org/debian-lts-announce/2018/06/msg00008.html

https://lists.debian.org/debian-lts-announce/2019/08/msg00015.html

https://security.netapp.com/advisory/ntap-20181018-0002/

https://usn.ubuntu.com/3665-1/

Details

Source: MITRE

Published: 2018-05-16

Updated: 2019-10-03

Type: CWE-1188

Risk Information

CVSS v2

Base Score: 7.5

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 10

Severity: HIGH

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 3.9

Severity: CRITICAL

Tenable Plugins

| ID | Name | Product | Family | Severity |
|---|---|---|---|---|
| 145683 | CentOS 8 : pki-deps:10.6 (CESA-2019:1529) | Nessus | CentOS Local Security Checks | critical |
| 138901 | MySQL Enterprise Monitor 3.4.x < 3.4.10 / 4.x < 4.0.7 / 8.x < 8.0.3 Multiple Vulnerabilities (Oct 2018 CPU) | Nessus | CGI abuses | high |
| 134569 | Amazon Linux 2 : tomcat (ALAS-2020-1402) | Nessus | Amazon Linux Local Security Checks | critical |
| 132427 | Debian DSA-4596-1 : tomcat8 - security update | Nessus | Debian Local Security Checks | critical |
| 128376 | CentOS 7 : tomcat (CESA-2019:2205) | Nessus | CentOS Local Security Checks | critical |
| 128266 | Scientific Linux Security Update : tomcat on SL7.x x86_64 (20190806) | Nessus | Scientific Linux Local Security Checks | critical |
| 127865 | Debian DLA-1883-1 : tomcat8 security update (httpoxy) | Nessus | Debian Local Security Checks | critical |
| 127697 | RHEL 7 : tomcat (RHSA-2019:2205) | Nessus | Red Hat Local Security Checks | critical |
| 127594 | Oracle Linux 8 : pki-deps:10.6 (ELSA-2019-1529) | Nessus | Oracle Linux Local Security Checks | critical |
| 126030 | RHEL 8 : pki-deps:10.6 (RHSA-2019:1529) | Nessus | Red Hat Local Security Checks | critical |
| 700708 | Apache Tomcat 9.0.x < 9.0.10 Multiple Vulnerabilities | Nessus Network Monitor | Web Servers | high |
| 700707 | Apache Tomcat 9.0.x < 9.0.10 Security Misconfiguration | Nessus Network Monitor | Web Servers | high |
| 700695 | Apache Tomcat 8.5.x < 8.5.32 Multiple Vulnerabilities | Nessus Network Monitor | Web Servers | high |
| 700689 | Apache Tomcat 8.0.x < 8.0.53 Multiple Vulnerabilities | Nessus Network Monitor | Web Servers | high |
| 700679 | Apache Tomcat 7.0.x < 7.0.89 DoS | Nessus Network Monitor | Web Servers | high |
| 123330 | openSUSE Security Update : tomcat (openSUSE-2019-770) | Nessus | SuSE Local Security Checks | critical |
| 122606 | RHEL 6 / 7 : Red Hat JBoss Web Server 5.0 Service Pack 2 (RHSA-2019:0451) | Nessus | Red Hat Local Security Checks | critical |
| 120717 | Fedora 28 : 1:tomcat (2018-b1832101b8) | Nessus | Fedora Local Security Checks | critical |
| 112305 | Apache Tomcat 7.0.25 < 7.0.90 Multiple Vulnerabilities | Web Application Scanning | Component Vulnerability | critical |
| 112296 | Apache Tomcat 8.5.0 < 8.5.32 Multiple Vulnerabilities | Web Application Scanning | Component Vulnerability | critical |
| 112290 | Apache Tomcat 9.0.0.M1 < 9.0.10 Multiple Vulnerabilities | Web Application Scanning | Component Vulnerability | critical |
| 117983 | openSUSE Security Update : tomcat (openSUSE-2018-1129) | Nessus | SuSE Local Security Checks | critical |
| 117526 | openSUSE Security Update : tomcat (openSUSE-2018-1019) | Nessus | SuSE Local Security Checks | critical |
| 111952 | Photon OS 2.0: Apache PHSA-2018-2.0-0065 (deprecated) | Nessus | PhotonOS Local Security Checks | critical |
| 111938 | Photon OS 1.0: Apache / Binutils PHSA-2018-1.0-0154 (deprecated) | Nessus | PhotonOS Local Security Checks | critical |
| 111804 | RHEL 6 / 7 : Red Hat JBoss Web Server 3.1.0 Service Pack 4 (RHSA-2018:2469) | Nessus | Red Hat Local Security Checks | critical |
| 111647 | EulerOS 2.0 SP3 : tomcat (EulerOS-SA-2018-1227) | Nessus | Huawei Local Security Checks | critical |
| 111611 | Amazon Linux AMI : tomcat8 (ALAS-2018-1056) | Nessus | Amazon Linux Local Security Checks | critical |
| 111610 | Amazon Linux AMI : tomcat7 / tomcat80 (ALAS-2018-1055) | Nessus | Amazon Linux Local Security Checks | critical |
| 111069 | Apache Tomcat 9.0.0 < 9.0.10 Multiple Vulnerabilites | Nessus | Web Servers | critical |
| 111066 | Apache Tomcat 7.0.41 < 7.0.90 Multiple Vulnerabilities | Nessus | Web Servers | critical |
| 111182 | EulerOS 2.0 SP2 : tomcat (EulerOS-SA-2018-1220) | Nessus | Huawei Local Security Checks | critical |
| 111068 | Apache Tomcat 8.5.0 < 8.5.32 Multiple Vulnerabilities | Nessus | Web Servers | critical |
| 111067 | Apache Tomcat 8.0.0 < 8.0.53 Security Constraint Weakness | Nessus | Web Servers | critical |
| 110264 | Ubuntu 14.04 LTS / 16.04 LTS / 17.10 / 18.04 LTS : Tomcat vulnerabilities (USN-3665-1) | Nessus | Ubuntu Local Security Checks | critical |