7

CVE-2020-9484

EPSS 93.33%
Veröffentlicht 20.05.2020 19:15:09
Zuletzt bearbeitet 21.11.2024 05:40:44
Quelle security@apache.org
Teams Watchlist Login
Unerledigt Login

When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to 7.0.103 if a) an attacker is able to control the contents and name of a file on the server; and b) the server is configured to use the PersistenceManager with a FileStore; and c) the PersistenceManager is configured with sessionAttributeValueClassNameFilter="null" (the default unless a SecurityManager is used) or a sufficiently lax filter to allow the attacker provided object to be deserialized; and d) the attacker knows the relative file path from the storage location used by FileStore to the file the attacker has control over; then, using a specifically crafted request, the attacker will be able to trigger remote code execution via deserialization of the file under their control. Note that all of conditions a) to d) must be true for the attack to succeed.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 45

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Apache ≫ Tomcat Version >= 7.0.0 < 7.0.108

Apache ≫ Tomcat Version >= 8.5.0 < 8.5.63

Apache ≫ Tomcat Version >= 9.0.1 < 9.0.43

Apache ≫ Tomcat Version9.0.0 Updatemilestone1

Apache ≫ Tomcat Version9.0.0 Updatemilestone10

Apache ≫ Tomcat Version9.0.0 Updatemilestone11

Apache ≫ Tomcat Version9.0.0 Updatemilestone12

Apache ≫ Tomcat Version9.0.0 Updatemilestone13

Apache ≫ Tomcat Version9.0.0 Updatemilestone14

Apache ≫ Tomcat Version9.0.0 Updatemilestone15

Apache ≫ Tomcat Version9.0.0 Updatemilestone16

Apache ≫ Tomcat Version9.0.0 Updatemilestone17

Apache ≫ Tomcat Version9.0.0 Updatemilestone18

Apache ≫ Tomcat Version9.0.0 Updatemilestone19

Apache ≫ Tomcat Version9.0.0 Updatemilestone2

Apache ≫ Tomcat Version9.0.0 Updatemilestone20

Apache ≫ Tomcat Version9.0.0 Updatemilestone21

Apache ≫ Tomcat Version9.0.0 Updatemilestone22

Apache ≫ Tomcat Version9.0.0 Updatemilestone23

Apache ≫ Tomcat Version9.0.0 Updatemilestone24

Apache ≫ Tomcat Version9.0.0 Updatemilestone25

Apache ≫ Tomcat Version9.0.0 Updatemilestone26

Apache ≫ Tomcat Version9.0.0 Updatemilestone27

Apache ≫ Tomcat Version9.0.0 Updatemilestone3

Apache ≫ Tomcat Version9.0.0 Updatemilestone4

Apache ≫ Tomcat Version9.0.0 Updatemilestone5

Apache ≫ Tomcat Version9.0.0 Updatemilestone6

Apache ≫ Tomcat Version9.0.0 Updatemilestone7

Apache ≫ Tomcat Version9.0.0 Updatemilestone8

Apache ≫ Tomcat Version9.0.0 Updatemilestone9

Apache ≫ Tomcat Version10.0.0 Updatemilestone1

Apache ≫ Tomcat Version10.0.0 Updatemilestone2

Apache ≫ Tomcat Version10.0.0 Updatemilestone3

Apache ≫ Tomcat Version10.0.0 Updatemilestone4

Debian ≫ Debian Linux Version8.0

Debian ≫ Debian Linux Version9.0

Debian ≫ Debian Linux Version10.0

Opensuse ≫ Leap Version15.1

Fedoraproject ≫ Fedora Version31

Fedoraproject ≫ Fedora Version32

Canonical ≫ Ubuntu Linux Version16.04 SwEditionlts

Canonical ≫ Ubuntu Linux Version20.04 SwEditionlts

Oracle ≫ Agile Engineering Data Management Version6.2.1.0

Oracle ≫ Agile Plm Version9.3.3

Oracle ≫ Agile Plm Version9.3.5

Oracle ≫ Agile Plm Version9.3.6

Oracle ≫ Communications Cloud Native Core Binding Support Function Version1.10.0

Oracle ≫ Communications Cloud Native Core Policy Version1.14.0

Oracle ≫ Communications Diameter Signaling Router Version >= 8.0.0.0 <= 8.4.0.5

Oracle ≫ Communications Element Manager Version >= 8.2.0 <= 8.2.2

Oracle ≫ Communications Instant Messaging Server Version10.0.1.4.0

Oracle ≫ Communications Session Report Manager Version >= 8.2.0 <= 8.2.2

Oracle ≫ Communications Session Route Manager Version >= 8.2.0 <= 8.2.2

Oracle ≫ Database Version12.2.0.1 SwEditionenterprise

Oracle ≫ Database Version19c SwEditionenterprise

Oracle ≫ Database Version21c SwEditionenterprise

Oracle ≫ Fmw Platform Version12.2.1.3.0

Oracle ≫ Fmw Platform Version12.2.1.4.0

Oracle ≫ Hospitality Guest Access Version4.2.0

Oracle ≫ Hospitality Guest Access Version4.2.1

Oracle ≫ Instantis Enterprisetrack Version >= 17.1 <= 17.3

Oracle ≫ Managed File Transfer Version12.2.1.3.0

Oracle ≫ Managed File Transfer Version12.2.1.4.0

Oracle ≫ Mysql Enterprise Monitor Version <= 8.0.21

Oracle ≫ Retail Order Broker Version15.0

Oracle ≫ Siebel Apps - Marketing Version <= 21.9

Oracle ≫ Siebel Ui Framework Version <= 20.12

Oracle ≫ Transportation Management Version6.3.7

Oracle ≫ Workload Manager Version12.2.0.1

Oracle ≫ Workload Manager Version18c

Oracle ≫ Workload Manager Version19c

Mcafee ≫ Epolicy Orchestrator Version5.9.0

Mcafee ≫ Epolicy Orchestrator Version5.9.1

Mcafee ≫ Epolicy Orchestrator Version5.10.0 Update-

Mcafee ≫ Epolicy Orchestrator Version5.10.0 Updateupdate_1

Mcafee ≫ Epolicy Orchestrator Version5.10.0 Updateupdate_2

Mcafee ≫ Epolicy Orchestrator Version5.10.0 Updateupdate_3

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	93.33%	0.998

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7	1	5.9	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	4.4	3.4	6.4	AV:L/AC:M/Au:N/C:P/I:P/A:P

CWE-502 Deserialization of Untrusted Data

The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid.

https://www.oracle.com/security-alerts/cpujan2021.html

Patch

Third Party Advisory

https://www.oracle.com/security-alerts/cpujan2022.html

Patch

Third Party Advisory

https://www.oracle.com//security-alerts/cpujul2021.html

Patch

Third Party Advisory

https://www.oracle.com/security-alerts/cpuoct2021.html

Patch

Third Party Advisory

https://www.oracle.com/security-alerts/cpujul2020.html

Patch

Third Party Advisory

https://www.oracle.com/security-alerts/cpuoct2020.html

Patch

Third Party Advisory

https://www.oracle.com/security-alerts/cpuApr2021.html

Patch

Third Party Advisory

https://www.oracle.com/security-alerts/cpujul2022.html

https://lists.debian.org/debian-lts-announce/2020/05/msg00026.html

Third Party Advisory

https://usn.ubuntu.com/4448-1/

Third Party Advisory

https://lists.apache.org/thread.html/rb1c0fb105ce2b93b7ec6fc1b77dd208022621a91c12d1f580813cfed%40%3Cdev.tomcat.apache.org%3E

https://kc.mcafee.com/corporate/index?page=content&id=SB10332

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00057.html

Third Party Advisory

http://packetstormsecurity.com/files/157924/Apache-Tomcat-CVE-2020-9484-Proof-Of-Concept.html

Third Party Advisory

VDB Entry

http://seclists.org/fulldisclosure/2020/Jun/6

Third Party Advisory

Mailing List

http://www.openwall.com/lists/oss-security/2021/03/01/2

Third Party Advisory

Mailing List

https://lists.apache.org/thread.html/r11ce01e8a4c7269b88f88212f21830edf73558997ac7744f37769b77%40%3Cusers.tomcat.apache.org%3E

https://lists.apache.org/thread.html/r123b3ebe389f46f9d337923f393cdae4d3e9b78d982d706712f0898c%40%3Ccommits.tomee.apache.org%3E

https://lists.apache.org/thread.html/r26950738f4b4ca2d256597cf391d52d3450fa665c297ea5ca38f5469%40%3Cusers.tomcat.apache.org%3E

https://lists.apache.org/thread.html/r77eae567ed829da9012cadb29af17f2df8fa23bf66faf88229857bb1%40%3Cannounce.tomcat.apache.org%3E

Patch

Third Party Advisory

Mailing List

Mitigation

https://lists.apache.org/thread.html/r7bc247fffcb1d58415215c861d2354bd653c86266230d78a93c71ae2%40%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/r8a2ac0e476dbfc1e6440b09dcc782d444ad635d6da26f0284725a5dc%40%3Cusers.tomcat.apache.org%3E

https://lists.apache.org/thread.html/r8dd19c514face6dd85fd4eab0271854883f40c7307926c1f7cd5400c%40%3Ccommits.tomee.apache.org%3E

https://lists.apache.org/thread.html/raa4123e472175bb052fbba165d37187cea923f755e8f3f30d124cb3f%40%3Ccommits.tomee.apache.org%3E

https://lists.apache.org/thread.html/rb51ccd58b2152fc75125b2406fc93e04ca9d34e737263faa6ff0f41f%40%3Cusers.tomcat.apache.org%3E

https://lists.apache.org/thread.html/rc1778b38e74b5b6142414d57623bd55b023a72361f422836782fca3c%40%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/rc8473b08abdf3c16494ed817bec1717a0ee0c8080315bc27db5f21c3%40%3Ccommits.tomee.apache.org%3E

https://lists.apache.org/thread.html/rf59c72572b9fee674a5d5cc6afeca4ffc3918a02c354a81cc50b7119%40%3Ccommits.tomee.apache.org%3E

https://lists.apache.org/thread.html/rf6d5d57b114678d8898005faef31e9fd6d7c981fcc4ccfc3bc272fc9%40%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/rf70f53af27e04869bdac18b1fc14a3ee529e59eb12292c8791a77926%40%3Cusers.tomcat.apache.org%3E

https://lists.apache.org/thread.html/rfe62fbf9d4c314f166fe8c668e50e5d9dd882a99447f26f0367474bf%40%3Cannounce.apache.org%3E

https://lists.apache.org/thread.html/rfe62fbf9d4c314f166fe8c668e50e5d9dd882a99447f26f0367474bf%40%3Cannounce.tomcat.apache.org%3E

https://lists.apache.org/thread.html/rfe62fbf9d4c314f166fe8c668e50e5d9dd882a99447f26f0367474bf%40%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/rfe62fbf9d4c314f166fe8c668e50e5d9dd882a99447f26f0367474bf%40%3Cusers.tomcat.apache.org%3E

https://lists.debian.org/debian-lts-announce/2020/05/msg00020.html

Third Party Advisory

https://lists.debian.org/debian-lts-announce/2020/07/msg00010.html

Third Party Advisory

Mailing List

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GIQHXENTLYUNOES4LXVNJ2NCUQQRF5VJ/

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WJ7XHKWJWDNWXUJH6UB7CLIW4TWOZ26N/

https://security.gentoo.org/glsa/202006-21

Third Party Advisory

https://security.netapp.com/advisory/ntap-20200528-0005/

Third Party Advisory

https://usn.ubuntu.com/4596-1/

Third Party Advisory

https://www.debian.org/security/2020/dsa-4727

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2020-9484

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2020-9484

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2020-9484

EUVD