Vulnerability Name:

CVE-2007-3386 (CCN-36001)

Assigned:2007-08-14
Published:2007-08-14
Updated:2018-10-16
Summary:Cross-site scripting (XSS) vulnerability in the Host Manager Servlet for Apache Tomcat 6.0.0 to 6.0.13 and 5.5.0 to 5.5.24 allows remote attackers to inject arbitrary HTML and web script via crafted requests, as demonstrated using the aliases parameter to an html/add action.
CVSS v3 Severity:4.8 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): None
CVSS v2 Severity:4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N)
3.7 Low (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N/E:H/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
4.0 Medium (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:N)
3.5 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:N/E:H/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): High
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): None
Vulnerability Type:CWE-79
Vulnerability Consequences:Gain Access
References:Source: CCN
Type: Full-Disclosure Mailing List, Mon Aug 13 2007 - 22:28:50 CDT
CVE-2007-3386: XSS in Host Manager

Source: CONFIRM
Type: UNKNOWN
http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx

Source: CCN
Type: CA Security Response Blog, Jan 23 2009, 06:04 PM
CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities

Source: MITRE
Type: CNA
CVE-2007-3386

Source: CCN
Type: HP Security Bulletin HPSBTU02276 SSRT071472
HP Tru64 UNIX Running Apache Tomcat, Remote Unauthorized Access, Remote Denial of Service (DoS)

Source: CCN
Type: HP Security Bulletin HPSBUX02262 SSRT071447
HP-UX running Apache, Remote Arbitrary Code Execution, Cross Site Scripting (XSS)

Source: HP
Type: UNKNOWN
SSRT071447

Source: HP
Type: UNKNOWN
SSRT071472

Source: JVN
Type: UNKNOWN
JVN#59851336

Source: SUSE
Type: UNKNOWN
SUSE-SR:2009:004

Source: OSVDB
Type: UNKNOWN
36417

Source: CCN
Type: RHSA-2007-0871
Moderate: tomcat security update

Source: CCN
Type: RHSA-2007-0876
Moderate: tomcat security update

Source: CCN
Type: SA26465
Apache Tomcat Host Manager Servlet "aliases" Cross-Site Scripting

Source: SECUNIA
Type: UNKNOWN
26465

Source: SECUNIA
Type: UNKNOWN
26898

Source: SECUNIA
Type: UNKNOWN
27037

Source: SECUNIA
Type: UNKNOWN
27267

Source: SECUNIA
Type: UNKNOWN
27727

Source: SECUNIA
Type: UNKNOWN
28317

Source: CCN
Type: SA33668
CA Cohesion Application Configuration Manager Apache Tomcat Multiple Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
33668

Source: SREASON
Type: UNKNOWN
3010

Source: CCN
Type: SECTRACK ID: 1018558
Tomcat Host Manager Input Validation Hole Permits Cross-Site Scripting Attacks

Source: SECTRACK
Type: UNKNOWN
1018558

Source: CCN
Type: ASA-2007-416
HP-UX running Apache, Remote Arbitrary Code Execution, Cross Site Scripting (XSS) (HPSBUX02262)

Source: CCN
Type: ASA-2007-427
tomcat security update (RHSA-2007-0876)

Source: CONFIRM
Type: UNKNOWN
http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540

Source: CONFIRM
Type: Patch
http://tomcat.apache.org/security-6.html

Source: CCN
Type: Apache Tomcat Web site - Security Updates
low: Cross-site scripting CVE-2007-3386

Source: DEBIAN
Type: UNKNOWN
DSA-1447

Source: DEBIAN
Type: DSA-1447
tomcat5.5 -- several vulnerabilities

Source: MANDRIVA
Type: UNKNOWN
MDKSA-2007:241

Source: CCN
Type: OSVDB ID: 36417
Apache Tomcat Host Manager Servlet html/add Action aliases Parameter XSS

Source: REDHAT
Type: UNKNOWN
RHSA-2007:0871

Source: BUGTRAQ
Type: UNKNOWN
20070814 CVE-2007-3386: XSS in Host Manager

Source: BUGTRAQ
Type: UNKNOWN
20090124 CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities

Source: BUGTRAQ
Type: UNKNOWN
20090127 CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities (Updated - v1.1)

Source: BID
Type: UNKNOWN
25314

Source: CCN
Type: BID-25314
Apache Tomcat Host Manager Servlet Cross Site Scripting Vulnerability

Source: VUPEN
Type: UNKNOWN
ADV-2007-2880

Source: VUPEN
Type: UNKNOWN
ADV-2007-3386

Source: VUPEN
Type: UNKNOWN
ADV-2007-3527

Source: VUPEN
Type: UNKNOWN
ADV-2009-0233

Source: XF
Type: UNKNOWN
tomcat-hostmanager-alias-xss(36001)

Source: XF
Type: UNKNOWN
tomcat-hostmanager-alias-xss(36001)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:10077

Source: CCN
Type: CA20090123-01
Security Notice for Cohesion Tomcat

Source: FEDORA
Type: UNKNOWN
FEDORA-2007-3456

Source: SUSE
Type: SUSE-SR:2009:004
SUSE Security Summary Report

Vulnerable Configuration:Configuration 1:
  • cpe:/a:apache:tomcat:5.5.0:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.5.1:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.5.2:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.5.3:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.5.4:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.5.5:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.5.6:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.5.7:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.5.8:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.5.9:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.5.10:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.5.11:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.5.12:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.5.13:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.5.14:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.5.15:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.5.16:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.5.17:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.5.18:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.5.19:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.5.20:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.5.21:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.5.22:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.5.23:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.5.24:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:6.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:6.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:6.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:6.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:6.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:6.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:6.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:6.0.7:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:6.0.8:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:6.0.9:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:6.0.10:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:6.0.11:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:6.0.12:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:6.0.13:*:*:*:*:*:*:*

    • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

    • Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:*

    • Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:5::client_workstation:*:*:*:*:*

    • Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:apache:tomcat:5.5.4:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.5.12:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.5.9:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.5.7:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.5.20:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.5.17:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.5.0:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.5.1:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.5.10:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.5.11:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.5.13:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.5.14:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.5.15:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.5.16:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.5.18:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.5.19:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.5.2:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.5.21:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.5.22:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.5.23:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.5.24:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.5.3:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.5.5:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.5.6:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5.5.8:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:6.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:6.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:6.0.10:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:6.0.11:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:6.0.12:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:6.0.13:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:6.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:6.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:6.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:6.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:6.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:6.0.7:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:6.0.8:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:6.0.9:*:*:*:*:*:*:*
  • AND
  • cpe:/o:hp:hp-ux:b.11.11:*:*:*:*:*:*:*
  • OR cpe:/o:hp:hp-ux:b.11.23:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2007.1:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2008.0::x86-64:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:4.0:*:*:*:*:*:*:*
  • OR cpe:/o:hp:hp-ux:b.11.31:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:client:*:*:*:*:*
  • OR cpe:/a:redhat:rhel_application_server:2:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2008.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2007.1::x86-64:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.mitre.oval:def:18716
    P
    		DSA-1447-1 tomcat5.5 several vulnerabilities
    2014-06-23
    oval:org.mitre.oval:def:7989
    P
    		DSA-1447 tomcat5.5 -- several vulnerabilities
    2014-06-23
    oval:org.mitre.oval:def:22357
    P
    		ELSA-2007:0871: tomcat security update (Moderate)
    2014-05-26
    oval:org.mitre.oval:def:10077
    V
    		Cross-site scripting (XSS) vulnerability in the Host Manager Servlet for Apache Tomcat 6.0.0 to 6.0.13 and 5.5.0 to 5.5.24 allows remote attackers to inject arbitrary HTML and web script via crafted requests, as demonstrated using the aliases parameter to an html/add action.
    2013-04-29
    oval:org.opensuse.security:def:20073386
    V
    		CVE-2007-3386
    2012-11-01
    oval:org.debian:def:1447
    V
    		several vulnerabilities
    2008-01-03
    oval:com.redhat.rhsa:def:20070871
    P
    		RHSA-2007:0871: tomcat security update (Moderate)
    2007-09-26
    BACK
    apache tomcat 5.5.0
    apache tomcat 5.5.1
    apache tomcat 5.5.2
    apache tomcat 5.5.3
    apache tomcat 5.5.4
    apache tomcat 5.5.5
    apache tomcat 5.5.6
    apache tomcat 5.5.7
    apache tomcat 5.5.8
    apache tomcat 5.5.9
    apache tomcat 5.5.10
    apache tomcat 5.5.11
    apache tomcat 5.5.12
    apache tomcat 5.5.13
    apache tomcat 5.5.14
    apache tomcat 5.5.15
    apache tomcat 5.5.16
    apache tomcat 5.5.17
    apache tomcat 5.5.18
    apache tomcat 5.5.19
    apache tomcat 5.5.20
    apache tomcat 5.5.21
    apache tomcat 5.5.22
    apache tomcat 5.5.23
    apache tomcat 5.5.24
    apache tomcat 6.0.0
    apache tomcat 6.0.1
    apache tomcat 6.0.2
    apache tomcat 6.0.3
    apache tomcat 6.0.4
    apache tomcat 6.0.5
    apache tomcat 6.0.6
    apache tomcat 6.0.7
    apache tomcat 6.0.8
    apache tomcat 6.0.9
    apache tomcat 6.0.10
    apache tomcat 6.0.11
    apache tomcat 6.0.12
    apache tomcat 6.0.13
    apache tomcat 5.5.4
    apache tomcat 5.5.12
    apache tomcat 5.5.9
    apache tomcat 5.5.7
    apache tomcat 5.5.20
    apache tomcat 5.5.17
    apache tomcat 5.5.0
    apache tomcat 5.5.1
    apache tomcat 5.5.10
    apache tomcat 5.5.11
    apache tomcat 5.5.13
    apache tomcat 5.5.14
    apache tomcat 5.5.15
    apache tomcat 5.5.16
    apache tomcat 5.5.18
    apache tomcat 5.5.19
    apache tomcat 5.5.2
    apache tomcat 5.5.21
    apache tomcat 5.5.22
    apache tomcat 5.5.23
    apache tomcat 5.5.24
    apache tomcat 5.5.3
    apache tomcat 5.5.5
    apache tomcat 5.5.6
    apache tomcat 5.5.8
    apache tomcat 6.0.0
    apache tomcat 6.0.1
    apache tomcat 6.0.10
    apache tomcat 6.0.11
    apache tomcat 6.0.12
    apache tomcat 6.0.13
    apache tomcat 6.0.2
    apache tomcat 6.0.3
    apache tomcat 6.0.4
    apache tomcat 6.0.5
    apache tomcat 6.0.6
    apache tomcat 6.0.7
    apache tomcat 6.0.8
    apache tomcat 6.0.9
    hp hp-ux b.11.11
    hp hp-ux b.11.23
    redhat enterprise linux desktop 5.0
    redhat enterprise linux 5
    redhat enterprise linux 5
    mandrakesoft mandrake linux 2007.1
    mandrakesoft mandrake linux 2008.0
    debian debian linux 4.0
    hp hp-ux b.11.31
    redhat enterprise linux 5
    redhat rhel application server 2
    mandrakesoft mandrake linux 2008.0
    mandrakesoft mandrake linux 2007.1