CVE-2015-5351

HIGH

Apache Tomcat <7.0.68, <8.0.31, <9.0.0.M2 - CSRF

Title source: llm

Description

The (1) Manager and (2) Host Manager applications in Apache Tomcat 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M2 establish sessions and send CSRF tokens for arbitrary new requests, which allows remote attackers to bypass a CSRF protection mechanism by using a token.

References (36)

Core 36

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/83330

Exploit, Third Party Advisory x_refsource_misc

http://packetstormsecurity.com/files/135882/Apache-Tomcat-CSRF-Token-Leak.html

Vendor Advisory x_refsource_confirm

http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html

Third Party Advisory vendor-advisory x_refsource_gentoo

https://security.gentoo.org/glsa/201705-09

Patch x_refsource_confirm

http://svn.apache.org/viewvc?view=revision&revision=1720658

Mailing List vendor-advisory x_refsource_suse

http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00085.html

Vendor Advisory x_refsource_confirm

http://tomcat.apache.org/security-9.html

Vendor Advisory vendor-advisory x_refsource_ubuntu

http://www.ubuntu.com/usn/USN-3024-1

Mailing List vendor-advisory x_refsource_suse

http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00047.html

Third Party Advisory vendor-advisory x_refsource_debian

http://www.debian.org/security/2016/dsa-3530

Vendor Advisory x_refsource_confirm

http://tomcat.apache.org/security-7.html

Vendor Advisory x_refsource_confirm

http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html

Mailing List mailing-list x_refsource_bugtraq

http://seclists.org/bugtraq/2016/Feb/148

Vendor Advisory vendor-advisory x_refsource_redhat

http://rhn.redhat.com/errata/RHSA-2016-1089.html

Vendor Advisory x_refsource_confirm

http://tomcat.apache.org/security-8.html

Vendor Advisory vendor-advisory x_refsource_redhat

https://access.redhat.com/errata/RHSA-2016:1087

Patch x_refsource_confirm

http://svn.apache.org/viewvc?view=revision&revision=1720655

Vendor Advisory x_refsource_confirm

http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://www.securitytracker.com/id/1035069

Various Sources x_refsource_confirm

https://bto.bluecoat.com/security-advisory/sa118

Vendor Advisory x_refsource_confirm

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150442

Patch x_refsource_confirm

http://svn.apache.org/viewvc?view=revision&revision=1720663

Vendor Advisory vendor-advisory x_refsource_redhat

http://rhn.redhat.com/errata/RHSA-2016-2807.html

Vendor Advisory vendor-advisory x_refsource_redhat

https://access.redhat.com/errata/RHSA-2016:1088

Vendor Advisory x_refsource_confirm

https://security.netapp.com/advisory/ntap-20180531-0001/

Vendor Advisory vendor-advisory x_refsource_redhat

http://rhn.redhat.com/errata/RHSA-2016-2808.html

Patch x_refsource_confirm

http://svn.apache.org/viewvc?view=revision&revision=1720661

Mailing List vendor-advisory x_refsource_suse

http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00069.html

Vendor Advisory vendor-advisory x_refsource_redhat

http://rhn.redhat.com/errata/RHSA-2016-2599.html

Third Party Advisory vendor-advisory x_refsource_debian

http://www.debian.org/security/2016/dsa-3609

Patch x_refsource_confirm

http://svn.apache.org/viewvc?view=revision&revision=1720652

Vendor Advisory x_refsource_confirm

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158626

Vendor Advisory x_refsource_confirm

https://softwaresupport.hpe.com/document/-/facetsearch/document/KM02978021

Third Party Advisory vendor-advisory x_refsource_debian

http://www.debian.org/security/2016/dsa-3552

Patch x_refsource_confirm

http://svn.apache.org/viewvc?view=revision&revision=1720660

Mailing List mailing-list x_refsource_mlist

https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E

Scores

CVSS v3 8.8

EPSS 0.0600

EPSS Percentile 90.8%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE

CWE-352

Status published

Products (47)

apache/tomcat 7.0.0 beta

apache/tomcat 7.0.2 beta

apache/tomcat 7.0.4 beta

apache/tomcat 7.0.5 beta

apache/tomcat 7.0.6

apache/tomcat 7.0.10

apache/tomcat 7.0.11

apache/tomcat 7.0.12

apache/tomcat 7.0.14

apache/tomcat 7.0.16

... and 37 more

Published Feb 25, 2016

Tracked Since Feb 18, 2026