CVE-2015-5351

CVSS V2 Medium 6.8 CVSS V3 High 8.8
Description
The (1) Manager and (2) Host Manager applications in Apache Tomcat 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M2 establish sessions and send CSRF tokens for arbitrary new requests, which allows remote attackers to bypass a CSRF protection mechanism by using a token.
Overview
  • CVE ID
  • CVE-2015-5351
  • Assigner
  • secalert@redhat.com
  • Vulnerability Status
  • Modified
  • Published Version
  • 2016-02-25T01:59:03
  • Last Modified Date
  • 2018-07-19T01:29:02
Weakness Enumerations
CWE URL
CWE-352 http://cwe.mitre.org/data/definitions/352.html
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
cpe:2.3:a:apache:tomcat:7.0.0:beta:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:7.0.2:beta:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:7.0.4:beta:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:7.0.5:beta:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:7.0.6:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:7.0.10:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:7.0.11:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:7.0.12:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:7.0.14:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:7.0.16:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:7.0.19:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:7.0.20:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:7.0.21:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:7.0.22:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:7.0.23:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:7.0.25:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:7.0.26:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:7.0.27:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:7.0.28:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:7.0.29:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:7.0.30:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:7.0.32:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:7.0.33:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:7.0.34:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:7.0.35:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:7.0.37:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:7.0.39:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:7.0.40:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:7.0.41:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:7.0.42:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:7.0.47:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:7.0.50:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:7.0.52:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:7.0.53:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:7.0.54:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:7.0.55:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:7.0.56:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:7.0.57:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:7.0.59:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:7.0.61:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:7.0.62:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:7.0.63:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:7.0.64:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:7.0.65:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:7.0.67:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:8.0.0:rc1:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:8.0.0:rc10:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:8.0.0:rc3:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:8.0.0:rc5:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:8.0.1:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:8.0.3:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:8.0.11:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:8.0.12:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:8.0.14:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:8.0.15:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:8.0.17:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:8.0.18:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:8.0.20:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:8.0.21:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:8.0.22:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:8.0.23:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:8.0.24:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:8.0.26:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:8.0.27:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:8.0.28:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:8.0.29:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:8.0.30:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:tomcat:9.0.0:m1:*:*:*:*:*:* 1 OR
cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:* 1 OR
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:* 1 OR
cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:* 1 OR
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:* 1 OR
CVSS Version 2
  • Version
  • 2.0
  • Vector String
  • AV:N/AC:M/Au:N/C:P/I:P/A:P
  • Access Vector
  • NETWORK
  • Access Compatibility
  • MEDIUM
  • Authentication
  • NONE
  • Confidentiality Impact
  • PARTIAL
  • Integrity Impact
  • PARTIAL
  • Availability Impact
  • PARTIAL
  • Base Score
  • 6.8
  • Severity
  • MEDIUM
  • Exploitability Score
  • 8.6
  • Impact Score
  • 6.4
CVSS Version 3
  • Version
  • 3.0
  • Vector String
  • CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  • Attack Vector
  • NETWORK
  • Attack Compatibility
  • LOW
  • Privileges Required
  • NONE
  • User Interaction
  • REQUIRED
  • Scope
  • UNCHANGED
  • Confidentiality Impact
  • HIGH
  • Availability Impact
  • HIGH
  • Base Score
  • 8.8
  • Base Severity
  • HIGH
  • Exploitability Score
  • 2.8
  • Impact Score
  • 5.9
References
Reference URL Reference Tags
http://svn.apache.org/viewvc?view=revision&revision=1720663
http://svn.apache.org/viewvc?view=revision&revision=1720652
http://svn.apache.org/viewvc?view=revision&revision=1720655
http://tomcat.apache.org/security-8.html Vendor Advisory
http://tomcat.apache.org/security-9.html Vendor Advisory
http://svn.apache.org/viewvc?view=revision&revision=1720658
http://tomcat.apache.org/security-7.html Vendor Advisory
http://svn.apache.org/viewvc?view=revision&revision=1720660
http://seclists.org/bugtraq/2016/Feb/148
http://svn.apache.org/viewvc?view=revision&revision=1720661
http://www.debian.org/security/2016/dsa-3530
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158626
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150442
http://www.debian.org/security/2016/dsa-3609
http://www.ubuntu.com/usn/USN-3024-1
http://www.debian.org/security/2016/dsa-3552
http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
http://www.securityfocus.com/bid/83330
https://access.redhat.com/errata/RHSA-2016:1087
http://rhn.redhat.com/errata/RHSA-2016-1089.html
https://access.redhat.com/errata/RHSA-2016:1088
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00047.html
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00085.html
https://bto.bluecoat.com/security-advisory/sa118
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00069.html
http://www.securitytracker.com/id/1035069
http://packetstormsecurity.com/files/135882/Apache-Tomcat-CSRF-Token-Leak.html
https://security.gentoo.org/glsa/201705-09
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
https://softwaresupport.hpe.com/document/-/facetsearch/document/KM02978021
http://rhn.redhat.com/errata/RHSA-2016-2808.html
http://rhn.redhat.com/errata/RHSA-2016-2807.html
http://rhn.redhat.com/errata/RHSA-2016-2599.html
https://security.netapp.com/advisory/ntap-20180531-0001/
http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E
Sources
Source Name Source URL
NIST https://nvd.nist.gov/vuln/detail/CVE-2015-5351
MITRE https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5351
History
Created Old Value New Value Data Type Notes
2022-05-10 18:41:03 Added to TrackCVE
2022-12-02 08:28:53 2016-02-25T01:59Z 2016-02-25T01:59:03 CVE Published Date updated
2022-12-02 08:28:53 2018-07-19T01:29:02 CVE Modified Date updated
2022-12-02 08:28:53 Modified Vulnerability Status updated