SUSE SLES15 / openSUSE 15 Security Update : tomcat10 (SUSE-SU-2025:03006-1)

Nessus Plugin ID 258107 (severity: high)

Synopsis

The remote SUSE host is missing a security update.

Description

The remote SUSE Linux SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:03006-1 advisory.

Updated to Tomcat 10.1.44:

- CVE-2025-48989: Fixed 'MadeYouReset' DoS in HTTP/2 due to client triggered stream reset (bsc#1243895)

Other fixes:

- Catalina
  - Fix: Fix bloom filter population for archive indexing when using a packed WAR containing one or more JAR files. (markt)
- Coyote
  - Fix: 69748: Add missing call to set keep-alive timeout when using HTTP/1.1 following an async request, which was present for AJP. (remm/markt)
  - Fix: 69762: Fix possible overflow during HPACK decoding of integers. Note that the maximum permitted value of an HPACK decoded integer is Integer.MAX_VALUE. (markt)
  - Fix: Update the HTTP/2 overhead documentation - particularly the code comments - to reflect the deprecation of the PRIORITY frame and clarify that a stream reset always triggers an overhead increase. (markt)
  - Fix: 69762: Additional overflow fix for HPACK decoding of integers. Pull request #880 by Chenjp. (markt)
- Cluster
  - Update: Add enableStatistics configuration attribute for the DeltaManager, defaulting to true. (remm)
- WebSocket
  - Fix: Align the WebSocket extension handling for WebSocket client connections with WebSocket server connections. The WebSocket client now only includes an extension requested by an endpoint in the opening handshake if the WebSocket client supports that extension. (markt)
- Web applications
  - Fix: Manager and Host Manager. Provide the Manager and Host Manager web applications with a dedicated favicon file rather than using the one from the ROOT web application which might not be present or may represent something entirely different. Pull requests #876 and #878 by Simon Arame.
- Other
  - Update: Update Checkstyle to 10.26.1. (markt)
  - Add: Improvements to French translations. (remm)
  - Add: Improvements to Japanese translations by tak7iji. (markt)

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
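The two Coyote entries for 69762 concern the variable-length integer encoding of HPACK (RFC 7541, section 5.1): a prefix of N bits followed by 7-bit continuation bytes, least significant group first. A decoder that accumulates those groups into a fixed-width integer can wrap past the maximum before it notices. The block below is an added example written for this page, not Tomcat's or SUSE's code; it decodes HPACK integers while enforcing the cap the advisory names (Java's Integer.MAX_VALUE) and rejecting continuation sequences that could only overflow. The function names, the HpackDecodeError class and the small encoder used for round-trip checks are this example's own inventions.

```python
"""Bounded HPACK integer decoding (RFC 7541, section 5.1).

Added example, not Tomcat's code. Decoded values are capped at
Integer.MAX_VALUE (2**31 - 1), as the advisory states, and continuation
bytes that would push the value past that cap are rejected instead of
silently wrapping. Python ints do not overflow, so the bound is explicit.
"""

INT_MAX = 2**31 - 1  # Java Integer.MAX_VALUE, the cap named in the advisory


class HpackDecodeError(ValueError):
    """Raised for truncated, oversized or over-long HPACK integers."""


def decode_integer(data: bytes, offset: int, prefix_bits: int) -> tuple[int, int]:
    """Decode one HPACK integer starting at data[offset].

    prefix_bits is N in RFC 7541 (1..8). If the low N bits of the first byte
    are below 2**N - 1 they hold the whole value; otherwise 7-bit continuation
    bytes follow, each with the high bit set except the last.

    Returns (value, next_offset). Raises HpackDecodeError on truncated input,
    on a value above INT_MAX, or on more continuation bytes than INT_MAX needs.
    """
    if not 1 <= prefix_bits <= 8:
        raise ValueError("prefix_bits must be between 1 and 8")
    if offset >= len(data):
        raise HpackDecodeError("truncated integer: no prefix byte")

    prefix_max = (1 << prefix_bits) - 1
    value = data[offset] & prefix_max
    offset += 1
    if value < prefix_max:
        return value, offset  # value fits in the prefix, no continuation

    shift = 0
    while True:
        if offset >= len(data):
            raise HpackDecodeError("truncated integer: missing continuation byte")
        # Five continuation bytes (shifts 0..28) already cover 31 payload bits;
        # a sixth can only overflow a Java int or pad with redundant zeros.
        if shift > 28:
            raise HpackDecodeError("integer continuation too long")
        b = data[offset]
        offset += 1
        value += (b & 0x7F) << shift
        if value > INT_MAX:
            raise HpackDecodeError("integer exceeds Integer.MAX_VALUE")
        shift += 7
        if b & 0x80 == 0:
            return value, offset


def encode_integer(value: int, prefix_bits: int, high_bits: int = 0) -> bytes:
    """Encode value per RFC 7541 5.1. high_bits are the non-prefix bits of byte 0.

    Used here only to build well-formed test input for decode_integer.
    """
    if not 0 <= value <= INT_MAX:
        raise ValueError("value out of range for this encoder")
    prefix_max = (1 << prefix_bits) - 1
    if value < prefix_max:
        return bytes([high_bits | value])
    out = bytearray([high_bits | prefix_max])
    value -= prefix_max
    while value >= 128:
        out.append((value % 128) | 0x80)
        value //= 128
    out.append(value)
    return bytes(out)


def is_well_formed(data: bytes, prefix_bits: int) -> bool:
    """True if data holds exactly one decodable HPACK integer and nothing else."""
    try:
        _, end = decode_integer(data, 0, prefix_bits)
    except HpackDecodeError:
        return False
    return end == len(data)


if __name__ == "__main__":
    # Constructed inputs: the RFC 7541 C.1 examples and an over-long sequence.
    print(decode_integer(bytes([0x0A]), 0, 5))              # (10, 1)
    print(decode_integer(bytes([0x1F, 0x9A, 0x0A]), 0, 5))  # (1337, 3)
    print(is_well_formed(bytes([0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x0F]), 8))  # False
```

The over-long case in the usage block is the one the advisory's fix is about: five 0xFF continuation bytes after a saturated 8-bit prefix encode a value above 2**31 - 1, which a decoder accumulating into a signed 32-bit int would wrap into a small or negative number rather than reject.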

Solution

Update the affected packages.

See Also

https://bugzilla.suse.com/1243895

https://lists.suse.com/pipermail/sle-updates/2025-August/041412.html

https://www.suse.com/security/cve/CVE-2025-48989

Plugin Details

Severity: High

ID: 258107

File Name: suse_SU-2025-03006-1.nasl

Version: 1.1

Type: local

Agent: unix

Published: 8/29/2025

Updated: 8/29/2025

Supported Sensors: Continuous Assessment, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.4

CVSS v2

Risk Factor: High

Base Score: 7.8

Temporal Score: 5.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS Score Source: CVE-2025-48989

CVSS v3

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:tomcat10-el-5_0-api, p-cpe:/a:novell:suse_linux:tomcat10, p-cpe:/a:novell:suse_linux:tomcat10-webapps, p-cpe:/a:novell:suse_linux:tomcat10-admin-webapps, p-cpe:/a:novell:suse_linux:tomcat10-servlet-6_0-api, p-cpe:/a:novell:suse_linux:tomcat10-jsp-3_1-api, cpe:/o:novell:suse_linux:15, p-cpe:/a:novell:suse_linux:tomcat10-lib

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 8/28/2025

Vulnerability Publication Date: 8/6/2025

Reference Information

CVE: CVE-2025-48989

IAVA: 2025-A-0582

SuSE: SUSE-SU-2025:03006-1