2018-08-02
|
CVE-2018-8032
|
Apache Axis 1.x up to and including 1.4 is vulnerable to a cross-site scripting (XSS) attack in the default servlet/services.
|
Axis, Debian_linux, Agile_engineering_data_management, Agile_product_lifecycle_management, Application_testing_suite, Big_data_discovery, Communications_asap_cartridges, Communications_design_studio, Communications_element_manager, Communications_network_integrity, Communications_order_and_service_management, Communications_session_report_manager, Communications_session_route_manager, Endeca_information_discovery_studio, Enterprise_manager_base_platform, Enterprise_manager_for_fusion_middleware, Financial_services_analytical_applications_infrastructure, Financial_services_compliance_regulatory_reporting, Financial_services_funds_transfer_pricing, Flexcube_core_banking, Flexcube_private_banking, Hospitality_guest_access, Instantis_enterprisetrack, Internet_directory, Knowledge, Peoplesoft_enterprise_human_capital_management_human_resources, Peoplesoft_enterprise_peopletools, Policy_automation_connector_for_siebel, Primavera_gateway, Primavera_unifier, Rapid_planning, Real\-Time_decision_server, Retail_order_broker, Retail_xstore_point_of_service, Secure_global_desktop, Siebel_ui_framework, Tuxedo, Webcenter_portal
|
6.1
|
|
|
2019-05-01
|
CVE-2019-0227
|
A Server Side Request Forgery (SSRF) vulnerability affected the Apache Axis 1.4 distribution that was last released in 2006. Security and bug commits commits continue in the projects Axis 1.x Subversion repository, legacy users are encouraged to build from source. The successor to Axis 1.x is Axis2, the latest version is 1.7.9 and is not vulnerable to this issue.
|
Axis, Agile_engineering_data_management, Agile_product_lifecycle_management, Application_testing_suite, Big_data_discovery, Communications_asap_cartridges, Communications_design_studio, Communications_element_manager, Communications_network_integrity, Communications_order_and_service_management, Communications_session_report_manager, Communications_session_route_manager, Endeca_information_discovery_studio, Enterprise_manager_base_platform, Enterprise_manager_for_fusion_middleware, Financial_services_analytical_applications_infrastructure, Financial_services_compliance_regulatory_reporting, Financial_services_funds_transfer_pricing, Flexcube_core_banking, Flexcube_private_banking, Hospitality_guest_access, Instantis_enterprisetrack, Internet_directory, Knowledge, Peoplesoft_enterprise_human_capital_management_human_resources, Peoplesoft_enterprise_peopletools, Policy_automation_connector_for_siebel, Primavera_gateway, Primavera_unifier, Rapid_planning, Real\-Time_decision_server, Retail_order_broker, Retail_xstore_point_of_service, Secure_global_desktop, Siebel_ui_framework, Tuxedo, Webcenter_portal
|
7.5
|
|
|
2017-04-06
|
CVE-2016-8735
|
Remote code execution is possible with Apache Tomcat before 6.0.48, 7.x before 7.0.73, 8.x before 8.0.39, 8.5.x before 8.5.7, and 9.x before 9.0.0.M12 if JmxRemoteLifecycleListener is used and an attacker can reach JMX ports. The issue exists because this listener wasn't updated for consistency with the CVE-2016-3427 Oracle patch that affected credential types.
|
Tomcat, Ubuntu_linux, Debian_linux, 7\-Mode_transition_tool, Oncommand_insight, Oncommand_shift, Snap_creator_framework, Agile_engineering_data_management, Agile_plm, Communications_application_session_controller, Communications_instant_messaging_server, Communications_interactive_session_recorder, Hospitality_guest_access, Micros_relate_crm_software, Micros_retail_xbri_loss_prevention, Mysql_enterprise_monitor, Retail_convenience_and_fuel_pos_software, Transportation_management, Jboss_enterprise_web_server
|
9.8
|
|
|
2020-02-24
|
CVE-2020-1938
|
When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connections to Apache Tomcat. Tomcat treats AJP connections as having higher trust than, for example, a similar HTTP connection. If such connections are available to an attacker, they can be exploited in ways that may be surprising. In Apache Tomcat 9.0.0.M1 to 9.0.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99, Tomcat shipped with an AJP Connector enabled by default that listened on all configured IP addresses....
|
Geode, Tomcat, Good_control, Workspaces_server, Debian_linux, Fedora, Data_availability_services, Oncommand_system_manager, Leap, Agile_engineering_data_management, Agile_plm, Communications_element_manager, Communications_instant_messaging_server, Health_sciences_empirica_inspections, Health_sciences_empirica_signal, Hospitality_guest_access, Instantis_enterprisetrack, Mysql_enterprise_monitor, Siebel_ui_framework, Transportation_management, Workload_manager
|
9.8
|
|
|
2020-02-24
|
CVE-2020-1935
|
In Apache Tomcat 9.0.0.M1 to 9.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99 the HTTP header parsing code used an approach to end-of-line parsing that allowed some invalid HTTP headers to be parsed as valid. This led to a possibility of HTTP Request Smuggling if Tomcat was located behind a reverse proxy that incorrectly handled the invalid Transfer-Encoding header in a particular manner. Such a reverse proxy is considered unlikely.
|
Tomcat, Ubuntu_linux, Debian_linux, Data_availability_services, Oncommand_system_manager, Leap, Agile_engineering_data_management, Agile_product_lifecycle_management, Communications_element_manager, Communications_instant_messaging_server, Health_sciences_empirica_inspections, Health_sciences_empirica_signal, Hospitality_guest_access, Hyperion_infrastructure_technology, Instantis_enterprisetrack, Mysql_enterprise_monitor, Retail_order_broker, Siebel_ui_framework, Transportation_management, Workload_manager
|
4.8
|
|
|
2020-05-14
|
CVE-2020-1945
|
Apache Ant 1.1 to 1.9.14 and 1.10.0 to 1.10.7 uses the default temporary directory identified by the Java system property java.io.tmpdir for several tasks and may thus leak sensitive information. The fixcrlf and replaceregexp tasks also copy files from the temporary directory back into the build tree allowing an attacker to inject modified source files into the build process.
|
Ant, Ubuntu_linux, Fedora, Leap, Agile_engineering_data_management, Banking_enterprise_collections, Banking_liquidity_management, Banking_platform, Business_process_management_suite, Category_management_planning_\&_optimization, Communications_asap, Communications_diameter_signaling_router, Communications_metasolv_solution, Communications_order_and_service_management, Data_integrator, Endeca_information_discovery_studio, Enterprise_manager_ops_center, Enterprise_repository, Financial_services_analytical_applications_infrastructure, Flexcube_investor_servicing, Flexcube_private_banking, Health_sciences_information_manager, Primavera_gateway, Primavera_unifier, Rapid_planning, Real\-Time_decision_server, Retail_advanced_inventory_planning, Retail_assortment_planning, Retail_back_office, Retail_bulk_data_integration, Retail_central_office, Retail_data_extractor_for_merchandising, Retail_extract_transform_and_load, Retail_financial_integration, Retail_integration_bus, Retail_item_planning, Retail_macro_space_optimization, Retail_merchandise_financial_planning, Retail_merchandising_system, Retail_point\-Of\-Service, Retail_predictive_application_server, Retail_regular_price_optimization, Retail_replenishment_optimization, Retail_returns_management, Retail_service_backbone, Retail_size_profile_optimization, Retail_store_inventory_management, Retail_xstore_point_of_service, Timesten_in\-Memory_database, Utilities_framework
|
6.3
|
|
|
2020-05-20
|
CVE-2020-9484
|
When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to 7.0.103 if a) an attacker is able to control the contents and name of a file on the server; and b) the server is configured to use the PersistenceManager with a FileStore; and c) the PersistenceManager is configured with sessionAttributeValueClassNameFilter="null" (the default unless a SecurityManager is used) or a sufficiently lax filter to allow the attacker provided object to be...
|
Tomcat, Ubuntu_linux, Debian_linux, Fedora, Epolicy_orchestrator, Leap, Agile_engineering_data_management, Agile_plm, Communications_cloud_native_core_binding_support_function, Communications_cloud_native_core_policy, Communications_diameter_signaling_router, Communications_element_manager, Communications_instant_messaging_server, Communications_session_report_manager, Communications_session_route_manager, Database, Fmw_platform, Hospitality_guest_access, Instantis_enterprisetrack, Managed_file_transfer, Mysql_enterprise_monitor, Retail_order_broker, Siebel_apps_\-_marketing, Siebel_ui_framework, Transportation_management, Workload_manager
|
7.0
|
|
|
2020-07-14
|
CVE-2020-13935
|
The payload length in a WebSocket frame was not correctly validated in Apache Tomcat 10.0.0-M1 to 10.0.0-M6, 9.0.0.M1 to 9.0.36, 8.5.0 to 8.5.56 and 7.0.27 to 7.0.104. Invalid payload lengths could trigger an infinite loop. Multiple requests with invalid payload lengths could lead to a denial of service.
|
Tomcat, Ubuntu_linux, Debian_linux, Epolicy_orchestrator, Oncommand_system_manager, Leap, Agile_engineering_data_management, Agile_plm, Blockchain_platform, Commerce_guided_search, Communications_cloud_native_core_policy, Communications_instant_messaging_server, Fmw_platform, Instantis_enterprisetrack, Managed_file_transfer, Mysql_enterprise_monitor, Siebel_ui_framework, Workload_manager
|
7.5
|
|
|
2020-07-14
|
CVE-2020-13934
|
An h2c direct connection to Apache Tomcat 10.0.0-M1 to 10.0.0-M6, 9.0.0.M5 to 9.0.36 and 8.5.1 to 8.5.56 did not release the HTTP/1.1 processor after the upgrade to HTTP/2. If a sufficient number of such requests were made, an OutOfMemoryException could occur leading to a denial of service.
|
Tomcat, Ubuntu_linux, Debian_linux, Oncommand_system_manager, Leap, Agile_engineering_data_management, Agile_plm, Communications_instant_messaging_server, Fmw_platform, Instantis_enterprisetrack, Managed_file_transfer, Mysql_enterprise_monitor, Siebel_ui_framework, Workload_manager
|
7.5
|
|
|
2020-12-07
|
CVE-2020-17521
|
Apache Groovy provides extension methods to aid with creating temporary directories. Prior to this fix, Groovy's implementation of those extension methods was using a now superseded Java JDK method call that is potentially not secure on some operating systems in some contexts. Users not using the extension methods mentioned in the advisory are not affected, but may wish to read the advisory for further details. Versions Affected: 2.0 to 2.4.20, 2.5.0 to 2.5.13, 3.0.0 to 3.0.6, and...
|
Atlas, Groovy, Snapcenter, Agile_engineering_data_management, Agile_plm, Agile_plm_mcad_connector, Business_process_management_suite, Communications_brm_\-_elastic_charging_engine, Communications_diameter_signaling_router, Communications_evolved_communications_application_server, Communications_services_gatekeeper, Healthcare_data_repository, Hospitality_opera_5, Ilearning, Insurance_policy_administration, Jd_edwards_enterpriseone_orchestrator, Primavera_gateway, Primavera_unifier, Retail_bulk_data_integration, Retail_merchandising_system, Retail_store_inventory_management
|
5.5
|
|
|