Vulnerability Name:

CVE-2021-43980 (CCN-237447)

Assigned:2021-11-17
Published:2022-09-28
Updated:2022-11-10
Summary:The simplified implementation of blocking reads and writes introduced in Tomcat 10 and back-ported to Tomcat 9.0.47 onwards exposed a long standing (but extremely hard to trigger) concurrency bug in Apache Tomcat 10.1.0 to 10.1.0-M12, 10.0.0-M1 to 10.0.18, 9.0.0-M1 to 9.0.60 and 8.5.0 to 8.5.77 that could cause client connections to share an Http11Processor instance resulting in responses, or part responses, to be received by the wrong client.
CVSS v3 Severity:3.7 Low (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)
3.2 Low (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): None
Availibility (A): None
5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
4.6 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): None
Availibility (A): None
CVSS v2 Severity:5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): None
Availibility (A): None
Vulnerability Type:CWE-362
Vulnerability Consequences:Obtain Information
References:Source: MITRE
Type: CNA
CVE-2021-43980

Source: MLIST
Type: Mailing List, Third Party Advisory
[oss-security] 20220928 CVE-2021-43980: Apache Tomcat: Information disclosure

Source: XF
Type: UNKNOWN
apache-cve202143980-info-disc(237447)

Source: MISC
Type: Mailing List, Vendor Advisory
https://lists.apache.org/thread/3jjqbsp6j88b198x5rmg99b1qr8ht3g3

Source: MLIST
Type: Mailing List, Third Party Advisory
[debian-lts-announce] 20221026 [SECURITY] [DLA 3160-1] tomcat9 security update

Source: CCN
Type: oss-sec Mailing List, Wed, 28 Sep 2022 14:19:57 +0100
CVE-2021-43980: Apache Tomcat: Information disclosure

Source: CCN
Type: Apache Web site
Apache Tomcat

Source: DEBIAN
Type: Third Party Advisory
DSA-5265

Source: CCN
Type: IBM Security Bulletin 6831903 (UrbanCode Deploy)
Apache Tomcat could allow a remote attacker to obtain sensitive information (CVE-2021-43980)

Source: CCN
Type: IBM Security Bulletin 6840937 (Watson Discovery)
IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Apache Tomcat

Source: CCN
Type: IBM Security Bulletin 6849109 (UrbanCode Build)
IBM UrbanCode Build is affected by CVE-2021-43980

Source: CCN
Type: IBM Security Bulletin 6856717 (UrbanCode Release)
IBM UrbanCode Release is affected by CVE-2022-42252

Source: CCN
Type: IBM Security Bulletin 7012675 (Netcool Operations Insight)
Netcool Operations Insights 1.6.9 addresses multiple security vulnerabilities.

Vulnerable Configuration:Configuration 1:
  • cpe:/a:apache:tomcat:10.1.0:milestone3:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:10.1.0:milestone4:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:10.1.0:milestone5:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:10.1.0:milestone1:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:10.1.0:milestone2:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:10.1.0:milestone7:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:10.1.0:milestone8:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:10.1.0:milestone9:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:10.1.0:milestone6:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:*:*:*:*:*:*:*:* (Version >= 8.5.0 and <= 8.5.77)
  • OR cpe:/a:apache:tomcat:*:*:*:*:*:*:*:* (Version >= 9.0.0 and <= 9.0.60)
  • OR cpe:/a:apache:tomcat:*:*:*:*:*:*:*:* (Version >= 10.0.0 and <= 10.0.18)
  • OR cpe:/a:apache:tomcat:10.1.0:milestone10:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:10.1.0:milestone11:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:10.1.0:milestone12:*:*:*:*:*:*

  • Configuration 2:
  • cpe:/o:debian:debian_linux:10.0:*:*:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:11.0:*:*:*:*:*:*:*

  • Configuration CCN 1:
  • cpe:/a:apache:tomcat:8.5.0:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:10.0.0:m1:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:9.0.0:m1:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:8.5.77:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:9.0.60:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:10.0.18:*:*:*:*:*:*:*
  • AND
  • cpe:/a:ibm:urbancode_deploy:6.2.7.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:urbancode_deploy:7.1.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:urbancode_deploy:7.0.5.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:urbancode_deploy:7.2.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:urbancode_build:6.1.4.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:urbancode_deploy:6.2.7.15:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:urbancode_deploy:7.0.5.10:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:urbancode_deploy:7.1.2.6:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:urbancode_deploy:7.2.2.1:*:*:*:*:*:*:*

  • * Denotes that component is vulnerable
    BACK
    apache tomcat 10.1.0 milestone3
    apache tomcat 10.1.0 milestone4
    apache tomcat 10.1.0 milestone5
    apache tomcat 10.1.0 milestone1
    apache tomcat 10.1.0 milestone2
    apache tomcat 10.1.0 milestone7
    apache tomcat 10.1.0 milestone8
    apache tomcat 10.1.0 milestone9
    apache tomcat 10.1.0 milestone6
    apache tomcat *
    apache tomcat *
    apache tomcat *
    apache tomcat 10.1.0 milestone10
    apache tomcat 10.1.0 milestone11
    apache tomcat 10.1.0 milestone12
    debian debian linux 10.0
    debian debian linux 11.0
    apache tomcat 8.5.0
    apache tomcat 10.0.0 m1
    apache tomcat 9.0.0 m1
    apache tomcat 8.5.77
    apache tomcat 9.0.60
    apache tomcat 10.0.18
    ibm urbancode deploy 6.2.7.3
    ibm urbancode deploy 7.1.0.0
    ibm urbancode deploy 7.0.5.0
    ibm urbancode deploy 7.2.0.0
    ibm urbancode build 6.1.4.0
    ibm urbancode deploy 6.2.7.15
    ibm urbancode deploy 7.0.5.10
    ibm urbancode deploy 7.1.2.6
    ibm urbancode deploy 7.2.2.1