CVE-2021-25329

Severity: high

Description

The fix for CVE-2020-9484 was incomplete. When using Apache Tomcat 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41, 8.5.0 to 8.5.61 or 7.0.0 to 7.0.107 with a configuration edge case that was highly unlikely to be used, the Tomcat instance was still vulnerable to CVE-2020-9484. Note that both the previously published prerequisites for CVE-2020-9484 and the previously published mitigations for CVE-2020-9484 also apply to this issue.

References

https://lists.apache.org/thread.html/rfe62fbf9d4c314f166fe8c668e50e5d9dd882a99447f26f0367474bf%40%3Cannounce.tomcat.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cannounce.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cusers.tomcat.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cannounce.tomcat.apache.org%3E

http://www.openwall.com/lists/oss-security/2021/03/01/2

https://lists.debian.org/debian-lts-announce/2021/03/msg00018.html

https://security.netapp.com/advisory/ntap-20210409-0002/

https://www.debian.org/security/2021/dsa-4891

https://lists.apache.org/thread.html/[email protected]%3Cusers.tomcat.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cusers.tomcat.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cusers.tomcat.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cusers.tomcat.apache.org%3E

https://www.oracle.com//security-alerts/cpujul2021.html

https://www.oracle.com/security-alerts/cpuoct2021.html

Details

Source: MITRE

Published: 2021-03-01

Updated: 2021-10-20

Risk Information

CVSS v2

Base Score: 4.4

Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 3.4

Severity: MEDIUM

CVSS v3

Base Score: 7

Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 1

Severity: HIGH

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:* versions from 7.0.0 to 7.0.107 (inclusive)

cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:* versions from 8.5.0 to 8.5.61 (inclusive)

cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:* versions from 9.0.0 to 9.0.41 (inclusive)

cpe:2.3:a:apache:tomcat:9.0.0:milestone1:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:milestone10:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:milestone11:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:milestone12:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:milestone13:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:milestone14:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:milestone15:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:milestone16:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:milestone17:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:milestone18:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:milestone19:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:milestone2:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:milestone20:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:milestone21:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:milestone22:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:milestone23:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:milestone24:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:milestone25:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:milestone26:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:milestone27:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:milestone3:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:milestone4:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:milestone5:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:milestone6:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:milestone7:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:milestone8:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:9.0.0:milestone9:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:10.0.0:-:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:10.0.0:milestone1:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:10.0.0:milestone10:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:10.0.0:milestone2:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:10.0.0:milestone3:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:10.0.0:milestone4:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:10.0.0:milestone5:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:10.0.0:milestone6:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:10.0.0:milestone7:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:10.0.0:milestone8:*:*:*:*:*:*

cpe:2.3:a:apache:tomcat:10.0.0:milestone9:*:*:*:*:*:*

Configuration 2

OR

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

Tenable Plugins

21 plugins in total.

ID     | Name                                                                               | Product                  | Family                               | Severity
153352 | EulerOS 2.0 SP2 : tomcat (EulerOS-SA-2021-2435)                                    | Nessus                   | Huawei Local Security Checks         | high
151116 | RHEL 7 : Red Hat JBoss Web Server 5.5.0 Security release (Moderate) (RHSA-2021:2561) | Nessus                 | Red Hat Local Security Checks        | high
150856 | Apache Tomcat 10.0.0-M1 < 10.0.2 multiple vulnerabilities                          | Nessus                   | Web Servers                          | high
150565 | SUSE SLES11 Security Update : tomcat6 (SUSE-SU-2021:14705-1)                       | Nessus                   | SuSE Local Security Checks           | high
149632 | EulerOS 2.0 SP8 : tomcat (EulerOS-SA-2021-1891)                                    | Nessus                   | Huawei Local Security Checks         | high
149630 | EulerOS 2.0 SP5 : tomcat (EulerOS-SA-2021-1915)                                    | Nessus                   | Huawei Local Security Checks         | high
149164 | EulerOS 2.0 SP3 : tomcat (EulerOS-SA-2021-1856)                                    | Nessus                   | Huawei Local Security Checks         | high
148615 | Debian DSA-4891-1 : tomcat9 - security update                                      | Nessus                   | Debian Local Security Checks         | high
148378 | Amazon Linux AMI : tomcat7 (ALAS-2021-1493)                                        | Nessus                   | Amazon Linux Local Security Checks   | high
148353 | Photon OS 4.0: Apache PHSA-2021-4.0-0007                                           | Nessus                   | PhotonOS Local Security Checks       | high
148309 | openSUSE Security Update : tomcat (openSUSE-2021-496)                              | Nessus                   | SuSE Local Security Checks           | high
147953 | Photon OS 3.0: Apache PHSA-2021-3.0-0208                                           | Nessus                   | PhotonOS Local Security Checks       | high
147952 | Photon OS 1.0: Apache PHSA-2021-1.0-0372                                           | Nessus                   | PhotonOS Local Security Checks       | high
147818 | Photon OS 2.0: Apache PHSA-2021-2.0-0328                                           | Nessus                   | PhotonOS Local Security Checks       | high
147164 | Apache Tomcat 9.0.0.M1 < 9.0.43 Multiple Vulnerabilities                           | Nessus                   | Web Servers                          | high
147163 | Apache Tomcat 7.0.0 < 7.0.108 RCE                                                  | Nessus                   | Web Servers                          | high
112712 | Apache Tomcat 7.0.x < 7.0.108 Multiple Vulnerabilities                             | Web Application Scanning | Component Vulnerability              | high
112711 | Apache Tomcat 8.5.x < 8.5.63 Multiple Vulnerabilities                              | Web Application Scanning | Component Vulnerability              | high
112710 | Apache Tomcat 9.0.0.M1 < 9.0.43 Multiple Vulnerabilities                           | Web Application Scanning | Component Vulnerability              | high
112709 | Apache Tomcat 10.0.0-M1 < 10.0.2 Multiple Vulnerabilities                          | Web Application Scanning | Component Vulnerability              | high
147019 | Apache Tomcat 8.5.0 < 8.5.63 Multiple Vulnerabilities                              | Nessus                   | Web Servers                          | high