CVE编号
CVE-2020-1935利用情况
暂无补丁情况
官方补丁披露时间
2020-02-25漏洞描述
在Apache Tomcat 9.0.0.M1到9.0.30、8.5.0到8.5.50和7.0.0到7.0.99中,HTTP标头解析代码使用了行末解析的方法,该方法允许一些无效的HTTP标头被解析为有效。如果Tomcat位于反向代理后面,而反向代理以特定方式错误地处理了无效的Transfer-Encoding标头,则可能导致HTTP请求走私。这种反向代理被认为是不可能的。解决建议
建议您更新当前系统或软件至最新版,完成漏洞的修复。
参考链接 |
|
|---|---|
| http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00025.html | |
| https://lists.apache.org/thread.html/r127f76181aceffea2bd4711b03c595d0f115f63... | |
| https://lists.apache.org/thread.html/r441c1f30a252bf14b07396286f6abd8089ce424... | |
| https://lists.apache.org/thread.html/r660cd379afe346f10d72c0eaa8459ccc95d83af... | |
| https://lists.apache.org/thread.html/r7bc994c965a34876bd94d5ff15b4e1e30b6220a... | |
| https://lists.apache.org/thread.html/r80e9c8417c77d52c62809168b96912bda70ddf7... | |
| https://lists.apache.org/thread.html/r9ce7918faf347e7aac32be930bf26c233b0b140... | |
| https://lists.apache.org/thread.html/ra5dee390ad2d60307b8362505c059cd6a726de4... | |
| https://lists.apache.org/thread.html/rc31cbabb46cdc58bbdd8519a8f64b6236b2635a... | |
| https://lists.apache.org/thread.html/rd547be0c9d821b4b1000a694b8e58ef9f5e2d66... | |
| https://lists.debian.org/debian-lts-announce/2020/03/msg00006.html | |
| https://lists.debian.org/debian-lts-announce/2020/05/msg00026.html | |
| https://security.netapp.com/advisory/ntap-20200327-0005/ | |
| https://usn.ubuntu.com/4448-1/ | |
| https://www.debian.org/security/2020/dsa-4673 | |
| https://www.debian.org/security/2020/dsa-4680 | |
| https://www.oracle.com/security-alerts/cpujan2021.html | |
| https://www.oracle.com/security-alerts/cpujul2020.html | |
| https://www.oracle.com/security-alerts/cpuoct2020.html |
受影响软件情况
| # | 类型 | 厂商 | 产品 | 版本 | 影响面 | ||||
| 1 | |||||||||
|---|---|---|---|---|---|---|---|---|---|
| 运行在以下环境 | |||||||||
| 应用 | apache | tomcat | * |
From (including) 7.0.0 |
Up to (including) 7.0.99 |
||||
| 运行在以下环境 | |||||||||
| 应用 | apache | tomcat | * |
From (including) 8.5.0 |
Up to (including) 8.5.50 |
||||
| 运行在以下环境 | |||||||||
| 应用 | apache | tomcat | * |
From (including) 9.0.0 |
Up to (including) 9.0.30 |
||||
| 运行在以下环境 | |||||||||
| 应用 | apache | tomcat | 9.0.0 | - | |||||
| 运行在以下环境 | |||||||||
| 应用 | netapp | data_availability_services | - | - | |||||
| 运行在以下环境 | |||||||||
| 应用 | oracle | communications_element_manager | 8.1.1 | - | |||||
| 运行在以下环境 | |||||||||
| 应用 | oracle | communications_element_manager | 8.2.0 | - | |||||
| 运行在以下环境 | |||||||||
| 应用 | oracle | communications_element_manager | 8.2.1 | - | |||||
| 运行在以下环境 | |||||||||
| 应用 | oracle | communications_instant_messaging_server | 10.0.1.4.0 | - | |||||
| 运行在以下环境 | |||||||||
| 应用 | oracle | health_sciences_empirica_signal | 7.3.3 | - | |||||
| 运行在以下环境 | |||||||||
| 应用 | oracle | hospitality_guest_access | 4.2.0 | - | |||||
| 运行在以下环境 | |||||||||
| 应用 | oracle | hospitality_guest_access | 4.2.1 | - | |||||
| 运行在以下环境 | |||||||||
| 应用 | oracle | instantis_enterprisetrack | * |
From (including) 17.1 |
Up to (including) 17.3 |
||||
| 运行在以下环境 | |||||||||
| 应用 | oracle | mysql_enterprise_monitor | * |
Up to (including) 4.0.12 |
|||||
| 运行在以下环境 | |||||||||
| 应用 | oracle | mysql_enterprise_monitor | * |
From (including) 4.1 |
Up to (including) 8.0.20 |
||||
| 运行在以下环境 | |||||||||
| 应用 | oracle | transportation_management | 6.3.7 | - | |||||
| 运行在以下环境 | |||||||||
| 应用 | oracle | workload_manager | 12.2.0.1 | - | |||||
| 运行在以下环境 | |||||||||
| 应用 | oracle | workload_manager | 18c | - | |||||
| 运行在以下环境 | |||||||||
| 应用 | oracle | workload_manager | 19c | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | alibaba_cloud_linux_2.1903 | tomcat | * |
Up to (excluding) 7.0.76-16.1.al7 |
|||||
| 运行在以下环境 | |||||||||
| 系统 | amazon linux_AMI | tomcat | * |
Up to (excluding) 7.0.107-1.39.amzn1 |
|||||
| 运行在以下环境 | |||||||||
| 系统 | amazon_AMI | tomcat | * |
Up to (excluding) 7.0.107-1.39.amzn1 |
|||||
| 运行在以下环境 | |||||||||
| 系统 | canonical | ubuntu_linux | 16.04 | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | centos_7 | tomcat | * |
Up to (excluding) 7.0.76-16.el7_9 |
|||||
| 运行在以下环境 | |||||||||
| 系统 | centos_8 | tomcat | * |
Up to (excluding) 2.10.0-1.module+el8.2.0+5059+3eb3af25 |
|||||
| 运行在以下环境 | |||||||||
| 系统 | debian | debian_linux | 10.0 | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | debian | debian_linux | 8.0 | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | debian | debian_linux | 9.0 | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | debian_10 | tomcat | * |
Up to (excluding) 9.0.31-1~deb10u1 |
|||||
| 运行在以下环境 | |||||||||
| 系统 | debian_8 | tomcat | * |
Up to (excluding) 7.0.56-3+deb8u3 |
|||||
| 运行在以下环境 | |||||||||
| 系统 | debian_9 | tomcat | * |
Up to (excluding) 7.0.75-1 |
|||||
| 运行在以下环境 | |||||||||
| 系统 | opensuse | leap | 15.1 | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | opensuse_Leap_15.1 | tomcat | * |
Up to (excluding) 9.0.31-lp151.3.12.1 |
|||||
| 运行在以下环境 | |||||||||
| 系统 | oracle linux_7 | tomcat | * |
Up to (excluding) 7.0.76-16.el7_9 |
|||||
| 运行在以下环境 | |||||||||
| 系统 | oracle_7 | tomcat | * |
Up to (excluding) 7.0.76-16.el7_9 |
|||||
| 运行在以下环境 | |||||||||
| 系统 | redhat_7 | tomcat | * |
Up to (excluding) 0:7.0.76-16.el7_9 |
|||||
| 运行在以下环境 | |||||||||
| 系统 | redhat_8 | tomcat | * |
Up to (excluding) 2.10.0-1.module+el8.2.0+5059+3eb3af25 |
|||||
| 运行在以下环境 | |||||||||
| 系统 | sles_12 | tomcat | * |
Up to (excluding) 9.0.31-3.25 |
|||||
| 运行在以下环境 | |||||||||
| 系统 | sles_12_SP4 | tomcat | * |
Up to (excluding) 9.0.31-3.25.1 |
|||||
| 运行在以下环境 | |||||||||
| 系统 | sles_12_SP5 | tomcat | * |
Up to (excluding) 9.0.31-3.25.1 |
|||||
| 运行在以下环境 | |||||||||
| 系统 | suse_12_SP4 | tomcat | * |
Up to (excluding) 9.0.31-3.25.1 |
|||||
| 运行在以下环境 | |||||||||
| 系统 | suse_12_SP5 | tomcat | * |
Up to (excluding) 9.0.31-3.25.1 |
|||||
| 运行在以下环境 | |||||||||
| 系统 | ubuntu_16.04 | tomcat | * |
Up to (excluding) 8.0.32-1ubuntu1.13 |
|||||
| 运行在以下环境 | |||||||||
| 系统 | ubuntu_16.04_lts | tomcat8 | * |
Up to (excluding) 8.0.32-1ubuntu1.13 |
|||||
| 运行在以下环境 | |||||||||
| 系统 | unionos_20 | tomcat | * |
Up to (excluding) 9.0.31-1~deb10u2 |
|||||
- 攻击路径 远程
- 攻击复杂度 复杂
- 权限要求 无需权限
- 影响范围 有限影响
- EXP成熟度 未验证
- 补丁情况 官方补丁
- 数据保密性 数据泄露
- 数据完整性 传输被破坏
- 服务器危害 无影响
- 全网数量 N/A
还没有评论,来说两句吧...