Apache Tomcat 8.5.x < 8.5.16 Security Bypass
Medium Nessus Network Monitor Plugin ID 700691
Synopsis
The remote web server is missing an Apache Tomcat patch update.
Description
The version of Apache Tomcat installed on the remote host is version 8.5.x prior to 8.5.15. It is, therefore, affected by multiple vulnerabilities:
- A flaw exists in the CORS filter because the HTTP Vary header was not properly added. This allows a remote attacker to conduct client-side and server-side cache poisoning attacks. (CVE-2017-7674)
- A flaw exists in the HTTP/2 implementation that bypasses a number of security checks that prevented directory traversal attacks. A remote attacker can exploit this to bypass security constraints. (CVE-2017-7675)
Solution
Update to Apache Tomcat version 8.5.15 or later.