CVE-2015-5345
Publication date 24 February 2016
Last updated 24 July 2024
Ubuntu priority
The Mapper component in Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.68, 8.x before 8.0.30, and 9.x before 9.0.0.M2 processes redirects before considering security constraints and Filters, which allows remote attackers to determine the existence of a directory via a URL that lacks a trailing / (slash) character.
From the Ubuntu Security Team
It was discovered that the Tomcat mapper component incorrectly handled redirects. A remote attacker could use this issue to determine the existence of a directory.
Status
| Package | Ubuntu Release | Status |
|---|---|---|
| tomcat6 | 18.04 LTS bionic | Not in release |
| 16.04 LTS xenial |
Fixed 6.0.45+dfsg-1
|
|
| 14.04 LTS trusty |
Fixed 6.0.39-1ubuntu0.1
|
|
| tomcat7 | 18.04 LTS bionic |
Not affected
|
| 16.04 LTS xenial |
Not affected
|
|
| 14.04 LTS trusty |
Fixed 7.0.52-1ubuntu0.6
|
|
| tomcat8 | 18.04 LTS bionic |
Not affected
|
| 16.04 LTS xenial |
Not affected
|
|
| 14.04 LTS trusty | Not in release | |
| tomcat9 | 18.04 LTS bionic |
Fixed 9.0.16-3~18.04.1
|
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
Patch details
| Package | Patch details |
|---|---|
| tomcat6 | |
| tomcat7 | |
| tomcat8 |
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score |
5.3 · Medium
|
| Attack vector | Network |
| Attack complexity | Low |
| Privileges required | None |
| User interaction | None |
| Scope | Unchanged |
| Confidentiality | Low |
| Integrity impact | None |
| Availability impact | None |
| Vector | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
References
Related Ubuntu Security Notices (USN)
- USN-3024-1
- Tomcat vulnerabilities
- 5 July 2016