CVE-2018-8034

high
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

The host name verification when using TLS with the WebSocket client was missing. It is now enabled by default. Versions Affected: Apache Tomcat 9.0.0.M1 to 9.0.9, 8.5.0 to 8.5.31, 8.0.0.RC1 to 8.0.52, and 7.0.35 to 7.0.88.

References

http://mail-archives.us.apache.org/mod_mbox/www-announce/201807.mbox/%[email protected]%3E

http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html

http://www.securityfocus.com/bid/104895

http://www.securitytracker.com/id/1041374

https://access.redhat.com/errata/RHSA-2019:0130

https://access.redhat.com/errata/RHSA-2019:0131

https://access.redhat.com/errata/RHSA-2019:0450

https://access.redhat.com/errata/RHSA-2019:0451

https://access.redhat.com/errata/RHSA-2019:1159

https://access.redhat.com/errata/RHSA-2019:1160

https://access.redhat.com/errata/RHSA-2019:1161

https://access.redhat.com/errata/RHSA-2019:1162

https://access.redhat.com/errata/RHSA-2019:1529

https://access.redhat.com/errata/RHSA-2019:2205

https://lists.apache.org/thread.html/[email protected]%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cissues.activemq.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.tomcat.apache.org%3E

https://lists.debian.org/debian-lts-announce/2018/07/msg00047.html

https://lists.debian.org/debian-lts-announce/2018/09/msg00001.html

https://security.netapp.com/advisory/ntap-20180817-0001/

https://usn.ubuntu.com/3723-1/

https://www.debian.org/security/2018/dsa-4281

https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html

Details

Source: MITRE

Published: 2018-08-01

Updated: 2019-05-14

Type: CWE-295

Risk Information

CVSS v2

Base Score: 5

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Impact Score: 2.9

Exploitability Score: 10

Severity: MEDIUM

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Impact Score: 3.6

Exploitability Score: 3.9

Severity: HIGH

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:* versions from 7.0.35 to 7.0.88 (inclusive)

cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:* versions from 8.0.0 to 8.0.52 (inclusive)

cpe:2.3:a:apache:tomcat:8.0.0:rc1:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:8.0.0:rc10:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:8.0.0:rc2:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:8.0.0:rc3:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:8.0.0:rc4:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:8.0.0:rc5:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:8.0.0:rc6:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:8.0.0:rc7:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:8.0.0:rc8:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:8.0.0:rc9:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:* versions from 8.5.0 to 8.5.31 (inclusive)

cpe:2.3:a:apache:tomcat:9.0.0:m1:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:m10:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:m11:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:m12:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:m13:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:m14:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:m15:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:m16:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:m17:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:m18:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:m19:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:m2:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:m20:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:m21:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:m22:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:m23:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:m24:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:m25:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:m26:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:m27:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:m3:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:m4:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:m5:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:m6:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:m7:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:m8:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:m9:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:* versions from 9.0.1 to 9.0.9 (inclusive)

Configuration 2

OR

cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

Configuration 3

OR

cpe:2.3:a:oracle:retail_order_broker:5.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_order_broker:5.2:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_order_broker:15.0:*:*:*:*:*:*:*

Tenable Plugins

View all (40 total)

IDNameProductFamilySeverity
145683CentOS 8 : pki-deps:10.6 (CESA-2019:1529)NessusCentOS Local Security Checks
critical
134569Amazon Linux 2 : tomcat (ALAS-2020-1402)NessusAmazon Linux Local Security Checks
critical
132311Red Hat JBoss Enterprise Application Platform 6.x < 6.4.22 Multiple VulnerabilitiesNessusCGI abuses
high
132210EulerOS 2.0 SP3 : tomcat (EulerOS-SA-2019-2675)NessusHuawei Local Security Checks
high
131853EulerOS 2.0 SP2 : tomcat (EulerOS-SA-2019-2361)NessusHuawei Local Security Checks
high
130058Oracle Database Server Multiple Vulnerabilities (Oct 2019 CPU)NessusDatabases
critical
129186EulerOS 2.0 SP5 : tomcat (EulerOS-SA-2019-1992)NessusHuawei Local Security Checks
high
128376CentOS 7 : tomcat (CESA-2019:2205)NessusCentOS Local Security Checks
critical
128266Scientific Linux Security Update : tomcat on SL7.x x86_64 (20190806)NessusScientific Linux Local Security Checks
critical
127697RHEL 7 : tomcat (RHSA-2019:2205)NessusRed Hat Local Security Checks
critical
127594Oracle Linux 8 : pki-deps:10.6 (ELSA-2019-1529)NessusOracle Linux Local Security Checks
critical
126030RHEL 8 : pki-deps:10.6 (RHSA-2019:1529)NessusRed Hat Local Security Checks
critical
125550Symantec Content Analysis < 2.3.5.1 affected by Multiple Vulnerabilities (SYMSA1463)NessusMisc.
high
125035RHEL 7 : JBoss EAP (RHSA-2019:1161)NessusRed Hat Local Security Checks
high
125034RHEL 6 : JBoss EAP (RHSA-2019:1160)NessusRed Hat Local Security Checks
high
700708Apache Tomcat 9.0.x < 9.0.10 Multiple VulnerabilitiesNessus Network MonitorWeb Servers
high
700695Apache Tomcat 8.5.x < 8.5.32 Multiple VulnerabilitiesNessus Network MonitorWeb Servers
high
700689Apache Tomcat 8.0.x < 8.0.53 Multiple VulnerabilitiesNessus Network MonitorWeb Servers
high
700680Apache Tomcat 7.0.41 < 7.0.90 Security BypassNessus Network MonitorWeb Servers
high
124170Oracle Primavera Unifier Multiple Vulnerabilities (Apr 2019 CPU)NessusCGI abuses
critical
124169Oracle Primavera P6 Enterprise Project Portfolio Management (EPPM) Multiple Vulnerabilities (Apr 2019 CPU)NessusCGI abuses
critical
123330openSUSE Security Update : tomcat (openSUSE-2019-770)NessusSuSE Local Security Checks
critical
122606RHEL 6 / 7 : Red Hat JBoss Web Server 5.0 Service Pack 2 (RHSA-2019:0451)NessusRed Hat Local Security Checks
critical
121325RHEL 6 / 7 : Red Hat JBoss Web Server 3.1 Service Pack 6 (RHSA-2019:0131)NessusRed Hat Local Security Checks
high
120717Fedora 28 : 1:tomcat (2018-b1832101b8)NessusFedora Local Security Checks
critical
112305Apache Tomcat 7.0.25 < 7.0.90 Multiple VulnerabilitiesWeb Application ScanningComponent Vulnerability
critical
112296Apache Tomcat 8.5.0 < 8.5.32 Multiple VulnerabilitiesWeb Application ScanningComponent Vulnerability
critical
112290Apache Tomcat 9.0.0.M1 < 9.0.10 Multiple VulnerabilitiesWeb Application ScanningComponent Vulnerability
critical
117983openSUSE Security Update : tomcat (openSUSE-2018-1129)NessusSuSE Local Security Checks
critical
117526openSUSE Security Update : tomcat (openSUSE-2018-1019)NessusSuSE Local Security Checks
critical
112230Debian DLA-1491-1 : tomcat8 security updateNessusDebian Local Security Checks
high
112185Debian DSA-4281-1 : tomcat8 - security updateNessusDebian Local Security Checks
high
111611Amazon Linux AMI : tomcat8 (ALAS-2018-1056)NessusAmazon Linux Local Security Checks
critical
111610Amazon Linux AMI : tomcat7 / tomcat80 (ALAS-2018-1055)NessusAmazon Linux Local Security Checks
critical
111394Debian DLA-1453-1 : tomcat7 security updateNessusDebian Local Security Checks
high
111349Ubuntu 14.04 LTS / 16.04 LTS : Tomcat vulnerabilities (USN-3723-1)NessusUbuntu Local Security Checks
high
111069Apache Tomcat 9.0.0 < 9.0.10 Multiple VulnerabilitesNessusWeb Servers
critical
111066Apache Tomcat 7.0.41 < 7.0.90 Multiple VulnerabilitiesNessusWeb Servers
critical
111068Apache Tomcat 8.5.0 < 8.5.32 Multiple VulnerabilitiesNessusWeb Servers
critical
111067Apache Tomcat 8.0.0 < 8.0.53 Security Constraint WeaknessNessusWeb Servers
critical