CVE-2015-5345

Description

The Mapper component in Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.68, 8.x before 8.0.30, and 9.x before 9.0.0.M2 processes redirects before considering security constraints and Filters, which allows remote attackers to determine the existence of a directory via a URL that lacks a trailing / (slash) character.

References

https://security.netapp.com/advisory/ntap-20180531-0001/

https://security.gentoo.org/glsa/201705-09

https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E

https://kc.mcafee.com/corporate/index?page=content&id=SB10156

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158626

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150442

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05054964

https://bz.apache.org/bugzilla/show_bug.cgi?id=58765

https://bto.bluecoat.com/security-advisory/sa118

https://access.redhat.com/errata/RHSA-2016:1088

https://access.redhat.com/errata/RHSA-2016:1087

http://www.ubuntu.com/usn/USN-3024-1

http://www.securitytracker.com/id/1035071

http://www.securityfocus.com/bid/83328

http://www.qcsec.com/blog/CVE-2015-5345-apache-tomcat-vulnerability.html

http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html

http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html

http://www.debian.org/security/2016/dsa-3609

http://www.debian.org/security/2016/dsa-3552

http://www.debian.org/security/2016/dsa-3530

http://tomcat.apache.org/security-9.html

http://tomcat.apache.org/security-8.html

http://tomcat.apache.org/security-7.html

http://tomcat.apache.org/security-6.html

http://svn.apache.org/viewvc?view=revision&revision=1717216

http://svn.apache.org/viewvc?view=revision&revision=1717212

http://svn.apache.org/viewvc?view=revision&revision=1717209

http://svn.apache.org/viewvc?view=revision&revision=1716894

http://svn.apache.org/viewvc?view=revision&revision=1716882

http://svn.apache.org/viewvc?view=revision&revision=1715216

http://svn.apache.org/viewvc?view=revision&revision=1715213

http://svn.apache.org/viewvc?view=revision&revision=1715207

http://svn.apache.org/viewvc?view=revision&revision=1715206

http://seclists.org/fulldisclosure/2016/Feb/122

http://seclists.org/bugtraq/2016/Feb/146

http://rhn.redhat.com/errata/RHSA-2016-2599.html

http://rhn.redhat.com/errata/RHSA-2016-2045.html

http://rhn.redhat.com/errata/RHSA-2016-1089.html

http://packetstormsecurity.com/files/135892/Apache-Tomcat-Directory-Disclosure.html

http://marc.info/?l=bugtraq&m=145974991225029&w=2

http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00085.html

http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00082.html

http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00069.html

http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00047.html

Details

Source: Mitre, NVD

Risk Information

CVSS v2

CVSS v3