Vulnerability Name:

CVE-2011-3375 (CCN-72422)

Assigned:2011-08-30
Published:2012-01-17
Updated:2012-02-16
Summary:Apache Tomcat 6.0.30 through 6.0.33 and 7.x before 7.0.22 does not properly perform certain caching and recycling operations involving request objects, which allows remote attackers to obtain unintended read access to IP address and HTTP header information in opportunistic circumstances by reading TCP data.
CVSS v3 Severity:5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): None
Availibility (A): None
CVSS v2 Severity:5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
3.7 Low (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): None
Availibility (A): None
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
3.7 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): None
Availibility (A): None
Vulnerability Type:CWE-200
Vulnerability Consequences:Obtain Information
References:Source: MITRE
Type: CNA
CVE-2011-3375

Source: CCN
Type: Apache Mailing List, Tue, 17 Jan 2012 11:34:52 GMT
CVE-2011-3375 Apache Tomcat Information disclosure

Source: CCN
Type: RHSA-2012-0681
Moderate: tomcat6 security and bug fix update

Source: CCN
Type: RHSA-2012-0682
Moderate: tomcat6 security and bug fix update

Source: CCN
Type: SA47554
Apache Tomcat Request Object Recycle Security Bypass

Source: CCN
Type: Apache Tomcat Web site
Apache Tomcat

Source: CONFIRM
Type: Vendor Advisory
http://tomcat.apache.org/security-6.html

Source: CONFIRM
Type: Vendor Advisory
http://tomcat.apache.org/security-7.html

Source: DEBIAN
Type: UNKNOWN
DSA-2401

Source: DEBIAN
Type: DSA-2401
tomcat6 -- several vulnerabilities

Source: CCN
Type: OSVDB ID: 78331
Apache Tomcat Request Object Recycling Information Disclosure

Source: CCN
Type: BID-51442
Apache Tomcat Request Object Security Bypass Vulnerability

Source: XF
Type: UNKNOWN
tomcat-request-object-info-disc(72422)

Vulnerable Configuration:Configuration 1:
  • cpe:/a:apache:tomcat:6.0.30:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:6.0.31:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:6.0.32:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:6.0.33:*:*:*:*:*:*:*

    • Configuration 2:
  • cpe:/a:apache:tomcat:7.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.7:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.8:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.9:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.10:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.11:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.12:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.13:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.14:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.15:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.16:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.17:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.18:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.19:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.20:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.21:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:apache:tomcat:7.0.0:beta:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.8:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.7:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.9:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.10:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.11:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.12:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.13:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:6.0.30:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:6.0.31:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:6.0.32:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.16:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.21:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:6.0.33:*:*:*:*:*:*:*
  • AND
  • cpe:/a:redhat:jboss_enterprise_web_server:1.0.0:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.mitre.oval:def:15018
    P
    		USN-1359-1 -- Tomcat vulnerabilities
    2014-06-30
    oval:org.mitre.oval:def:15309
    P
    		DSA-2401-1 tomcat6 -- several
    2014-06-23
    oval:org.mitre.oval:def:20659
    V
    		VMware vCenter Server, Orchestrator, Update Manager, vShield, vSphere Client, Workstation, Player, ESXi and ESX address several security issues
    2014-01-20
    oval:org.opensuse.security:def:20113375
    V
    		CVE-2011-3375
    2013-08-14
    oval:com.ubuntu.precise:def:20113375000
    V
    		CVE-2011-3375 on Ubuntu 12.04 LTS (precise) - low.
    2012-01-18
    BACK
    apache tomcat 6.0.30
    apache tomcat 6.0.31
    apache tomcat 6.0.32
    apache tomcat 6.0.33
    apache tomcat 7.0.0
    apache tomcat 7.0.1
    apache tomcat 7.0.2
    apache tomcat 7.0.3
    apache tomcat 7.0.4
    apache tomcat 7.0.5
    apache tomcat 7.0.6
    apache tomcat 7.0.7
    apache tomcat 7.0.8
    apache tomcat 7.0.9
    apache tomcat 7.0.10
    apache tomcat 7.0.11
    apache tomcat 7.0.12
    apache tomcat 7.0.13
    apache tomcat 7.0.14
    apache tomcat 7.0.15
    apache tomcat 7.0.16
    apache tomcat 7.0.17
    apache tomcat 7.0.18
    apache tomcat 7.0.19
    apache tomcat 7.0.20
    apache tomcat 7.0.21
    apache tomcat 7.0.0 beta
    apache tomcat 7.0.1
    apache tomcat 7.0.2
    apache tomcat 7.0.3
    apache tomcat 7.0.4
    apache tomcat 7.0.8
    apache tomcat 7.0.5
    apache tomcat 7.0.6
    apache tomcat 7.0.7
    apache tomcat 7.0.9
    apache tomcat 7.0.10
    apache tomcat 7.0.11
    apache tomcat 7.0.12
    apache tomcat 7.0.13
    apache tomcat 6.0.30
    apache tomcat 6.0.31
    apache tomcat 6.0.32
    apache tomcat 7.0.16
    apache tomcat 7.0.21
    apache tomcat 6.0.33
    redhat jboss enterprise web server 1.0.0