CVE-2018-8034

MEDIUM

Description

The host name verification when using TLS with the WebSocket client was missing. It is now enabled by default. Versions Affected: Apache Tomcat 9.0.0.M1 to 9.0.9, 8.5.0 to 8.5.31, 8.0.0.RC1 to 8.0.52, and 7.0.35 to 7.0.88.

References

http://mail-archives.us.apache.org/mod_mbox/www-announce/201807.mbox/%[email protected]%3E

http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html

http://www.securityfocus.com/bid/104895

http://www.securitytracker.com/id/1041374

https://access.redhat.com/errata/RHSA-2019:0130

https://access.redhat.com/errata/RHSA-2019:0131

https://access.redhat.com/errata/RHSA-2019:0450

https://access.redhat.com/errata/RHSA-2019:0451

https://access.redhat.com/errata/RHSA-2019:1159

https://access.redhat.com/errata/RHSA-2019:1160

https://access.redhat.com/errata/RHSA-2019:1161

https://access.redhat.com/errata/RHSA-2019:1162

https://access.redhat.com/errata/RHSA-2019:1529

https://access.redhat.com/errata/RHSA-2019:2205

https://lists.apache.org/thread.html/[email protected]%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cissues.activemq.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.tomcat.apache.org%3E

https://lists.debian.org/debian-lts-announce/2018/07/msg00047.html

https://lists.debian.org/debian-lts-announce/2018/09/msg00001.html

https://security.netapp.com/advisory/ntap-20180817-0001/

https://usn.ubuntu.com/3723-1/

https://www.debian.org/security/2018/dsa-4281

https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html

Details

Source: MITRE

Published: 2018-08-01

Updated: 2019-05-14

Type: CWE-295

Risk Information

CVSS v2.0

Base Score: 5

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Impact Score: 2.9

Exploitability Score: 10

Severity: MEDIUM

CVSS v3.0

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Impact Score: 3.6

Exploitability Score: 3.9

Severity: HIGH

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:* versions from 7.0.35 to 7.0.88 (inclusive)

cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:* versions from 8.0.0 to 8.0.52 (inclusive)

cpe:2.3:a:apache:tomcat:8.0.0:rc1:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:8.0.0:rc10:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:8.0.0:rc2:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:8.0.0:rc3:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:8.0.0:rc4:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:8.0.0:rc5:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:8.0.0:rc6:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:8.0.0:rc7:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:8.0.0:rc8:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:8.0.0:rc9:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:* versions from 8.5.0 to 8.5.31 (inclusive)

cpe:2.3:a:apache:tomcat:9.0.0:m1:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:m10:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:m11:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:m12:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:m13:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:m14:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:m15:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:m16:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:m17:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:m18:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:m19:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:m2:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:m20:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:m21:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:m22:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:m23:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:m24:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:m25:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:m26:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:m27:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:m3:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:m4:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:m5:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:m6:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:m7:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:m8:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:m9:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:* versions from 9.0.1 to 9.0.9 (inclusive)

Configuration 2

OR

cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

Configuration 3

OR

cpe:2.3:a:oracle:retail_order_broker:5.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_order_broker:5.2:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_order_broker:15.0:*:*:*:*:*:*:*

Tenable Plugins

View all (40 total)

IDNameProductFamilySeverity
145683CentOS 8 : pki-deps:10.6 (CESA-2019:1529)NessusCentOS Local Security Checks
high
134569Amazon Linux 2 : tomcat (ALAS-2020-1402)NessusAmazon Linux Local Security Checks
high
132311Red Hat JBoss Enterprise Application Platform 6.x < 6.4.22 Multiple VulnerabilitiesNessusCGI abuses
medium
132210EulerOS 2.0 SP3 : tomcat (EulerOS-SA-2019-2675)NessusHuawei Local Security Checks
medium
131853EulerOS 2.0 SP2 : tomcat (EulerOS-SA-2019-2361)NessusHuawei Local Security Checks
medium
130058Oracle Database Server Multiple Vulnerabilities (Oct 2019 CPU)NessusDatabases
high
129186EulerOS 2.0 SP5 : tomcat (EulerOS-SA-2019-1992)NessusHuawei Local Security Checks
medium
128376CentOS 7 : tomcat (CESA-2019:2205)NessusCentOS Local Security Checks
high
128266Scientific Linux Security Update : tomcat on SL7.x x86_64 (20190806)NessusScientific Linux Local Security Checks
high
127697RHEL 7 : tomcat (RHSA-2019:2205)NessusRed Hat Local Security Checks
high
127594Oracle Linux 8 : pki-deps:10.6 (ELSA-2019-1529)NessusOracle Linux Local Security Checks
high
126030RHEL 8 : pki-deps:10.6 (RHSA-2019:1529)NessusRed Hat Local Security Checks
high
125550Symantec Content Analysis < 2.3.5.1 affected by Multiple Vulnerabilities (SYMSA1463)NessusMisc.
medium
125035RHEL 7 : JBoss EAP (RHSA-2019:1161)NessusRed Hat Local Security Checks
medium
125034RHEL 6 : JBoss EAP (RHSA-2019:1160)NessusRed Hat Local Security Checks
medium
700708Apache Tomcat 9.0.x < 9.0.10 Multiple VulnerabilitiesNessus Network MonitorWeb Servers
high
700695Apache Tomcat 8.5.x < 8.5.32 Multiple VulnerabilitiesNessus Network MonitorWeb Servers
high
700689Apache Tomcat 8.0.x < 8.0.53 Multiple VulnerabilitiesNessus Network MonitorWeb Servers
high
700680Apache Tomcat 7.0.41 < 7.0.90 Security BypassNessus Network MonitorWeb Servers
high
124170Oracle Primavera Unifier Multiple Vulnerabilities (Apr 2019 CPU)NessusCGI abuses
high
124169Oracle Primavera P6 Enterprise Project Portfolio Management (EPPM) Multiple Vulnerabilities (Apr 2019 CPU)NessusCGI abuses
high
123330openSUSE Security Update : tomcat (openSUSE-2019-770)NessusSuSE Local Security Checks
high
122606RHEL 6 / 7 : Red Hat JBoss Web Server 5.0 Service Pack 2 (RHSA-2019:0451)NessusRed Hat Local Security Checks
high
121325RHEL 6 / 7 : Red Hat JBoss Web Server 3.1 Service Pack 6 (RHSA-2019:0131)NessusRed Hat Local Security Checks
medium
120717Fedora 28 : 1:tomcat (2018-b1832101b8)NessusFedora Local Security Checks
high
112305Apache Tomcat 7.0.25 < 7.0.90 Multiple VulnerabilitiesWeb Application ScanningComponent Vulnerability
high
112296Apache Tomcat 8.5.0 < 8.5.32 Multiple VulnerabilitiesWeb Application ScanningComponent Vulnerability
high
112290Apache Tomcat 9.0.0.M1 < 9.0.10 Multiple VulnerabilitiesWeb Application ScanningComponent Vulnerability
high
117983openSUSE Security Update : tomcat (openSUSE-2018-1129)NessusSuSE Local Security Checks
high
117526openSUSE Security Update : tomcat (openSUSE-2018-1019)NessusSuSE Local Security Checks
high
112230Debian DLA-1491-1 : tomcat8 security updateNessusDebian Local Security Checks
medium
112185Debian DSA-4281-1 : tomcat8 - security updateNessusDebian Local Security Checks
medium
111611Amazon Linux AMI : tomcat8 (ALAS-2018-1056)NessusAmazon Linux Local Security Checks
high
111610Amazon Linux AMI : tomcat7 / tomcat80 (ALAS-2018-1055)NessusAmazon Linux Local Security Checks
high
111394Debian DLA-1453-1 : tomcat7 security updateNessusDebian Local Security Checks
medium
111349Ubuntu 14.04 LTS / 16.04 LTS : Tomcat vulnerabilities (USN-3723-1)NessusUbuntu Local Security Checks
medium
111069Apache Tomcat 9.0.0 < 9.0.10 Multiple VulnerabilitesNessusWeb Servers
high
111066Apache Tomcat 7.0.41 < 7.0.90 Multiple VulnerabilitiesNessusWeb Servers
high
111068Apache Tomcat 8.5.0 < 8.5.32 Multiple VulnerabilitiesNessusWeb Servers
high
111067Apache Tomcat 8.0.0 < 8.0.53 Security Constraint WeaknessNessusWeb Servers
high