CVE-2023-41080

MEDIUM

Apache Tomcat <11.0.0-M10 - Open Redirect

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2023-41080. PoCs published by shiomiyan.

AI-analyzed exploit summary: This repository demonstrates CVE-2023-41080, an open redirect vulnerability in Apache Tomcat. It includes a Docker Compose setup with vulnerable (9.0.79) and patched (9.0.80) versions, along with a test case showing the redirect behavior.

Description

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in the FORM authentication feature of Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.0.12, from 9.0.0-M1 through 9.0.79 and from 8.5.0 through 8.5.92. Older, EOL versions may also be affected. The vulnerability is limited to the ROOT (default) web application.

Exploits (1)

nomisec WORKING POC 11 stars
by shiomiyan · poc
https://github.com/shiomiyan/CVE-2023-41080

Classification: Working PoC 90%
Attack Type: Other
Complexity: Trivial
Reliability: Reliable
Target: Apache Tomcat 9.0.79
No auth needed
Prerequisites: Docker environment to run the Compose setup
devstral-2 · analyzed Feb 18, 2026

Scores

CVSS v3 6.1
EPSS 0.1159
EPSS Percentile 93.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE CWE-601
Status published
Products (15)
apache/tomcat 11.0.0 milestone1 (10 CPE variants)
apache/tomcat 8.5.0 - 8.5.92
debian/debian_linux 10.0
debian/debian_linux 11.0
org.apache.tomcat/tomcat 10.1.0-M1 - 10.1.13 (Maven)
org.apache.tomcat/tomcat 11.0.0-M1 - 11.0.0-M11 (Maven)
org.apache.tomcat/tomcat 8.5.0 - 8.5.93 (Maven)
org.apache.tomcat/tomcat 9.0.0-M1 - 9.0.80 (Maven)
org.apache.tomcat/tomcat-catalina 10.1.0-M1 - 10.1.13 (Maven)
org.apache.tomcat/tomcat-catalina 8.5.0 - 8.5.93 (Maven)
... and 5 more
Published Aug 25, 2023
Tracked Since Feb 18, 2026