Guest

Preview Tool

Cisco Bug: CSCur29721 - Prime Infrastructure 2.1.1 Apache Tomcat Vulnerabilities issue

Last Modified

Feb 12, 2016

Products (1)

  • Cisco Prime Infrastructure

Known Affected Releases

2.1(1)

Description (partial)

Symptoms:
Cisco Prime Infrastructure includes a version of Apache Tomcat that is affected by the vulnerabilities identified by the following Common
Vulnerability and Exposures (CVE) IDs: 

CVE-2013-4286: Apache Tomcat before 6.0.39, 7.x before 7.0.47, and 8.x before 8.0.0-RC3, when an HTTP
connector or AJP connector is used, does not properly handle certain inconsistent HTTP request headers, which
allows remote attackers to trigger incorrect identification of a request's length and conduct
request-smuggling attacks via (1) multiple Content-Length headers or (2) a Content-Length header and a
''Transfer-Encoding: chunked'' header. NOTE: this vulnerability exists because of an incomplete fix for
CVE-2005-2090. This has been classified by the vendor as having a CVSSv2 score of 5.8
(AV:N/AC:M/AU:N/C:P/I:P/A:N)

CVE-2013-4322: Apache Tomcat before 6.0.39, 7.x before 7.0.50, and 8.x before 8.0.0-RC10 processes chunked
transfer coding without properly handling (1) a large total amount of chunked data or (2) whitespace
characters in an HTTP header value within a trailer field, which allows remote attackers to cause a denial of
service by streaming data. NOTE: this vulnerability exists because of an incomplete fix for
CVE-2012-3544. This has been classified by the vendor as having a CVSSv2 score of 4.3
(AV:N/AC:M/AU:N/C:N/I:N/A:P)

CVE-2013-4590: Apache Tomcat before 6.0.39, 7.x before 7.0.50, and 8.x before 8.0.0-RC10 allows attackers to
obtain ''Tomcat internals'' information by leveraging the presence of an untrusted web application with a
context.xml, web.xml, *.jspx, *.tagx, or *.tld XML document containing an external entity declaration in
conjunction with an entity reference, related to an XML External Entity (XXE) issue. This has been classified
by the vendor as having a CVSSv2 score of 4.3 (AV:N/AC:M/AU:N/C:P/I:N/A:N)

CVE-2014-0050: MultipartStream.java in Apache Commons FileUpload before 1.3.1, as used in Apache Tomcat, JBoss
Web, and other products, allows remote attackers to cause a denial of service (infinite loop and CPU
consumption) via a crafted Content-Type header that bypasses a loop's intended exit conditions. This has been
classified by the vendor as having a CVSSv2 score of 5.0 (AV:N/AC:L/AU:N/C:N/I:N/A:P)

CVE-2014-0075: Integer overflow in the parseChunkHeader function in
java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat before 6.0.40, 7.x before
7.0.53, and 8.x before 8.0.4 allows remote attackers to cause a denial of service (resource consumption) via a
malformed chunk size in chunked transfer coding of a request during the streaming of data. This has been
classified by the vendor as having a CVSSv2 score of 5.0 (AV:N/AC:L/AU:N/C:N/I:N/A:P)

CVE-2014-0096: java/org/apache/catalina/servlets/DefaultServlet.java in the default servlet in Apache Tomcat
before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4 does not properly restrict XSLT stylesheets, which
allows remote attackers to bypass security-manager restrictions and read arbitrary files via a crafted web
application that provides an XML external entity declaration in conjunction with an entity reference, related
to an XML External Entity (XXE) issue. This has been classified by the vendor as having a CVSSv2 score of 4.3
(AV:N/AC:M/AU:N/C:P/I:N/A:N)

CVE-2014-0099: Integer overflow in java/org/apache/tomcat/util/buf/Ascii.java in Apache Tomcat before 6.0.40,
7.x before 7.0.53, and 8.x before 8.0.4, when operated behind a reverse proxy, allows remote attackers to
conduct HTTP request smuggling attacks via a crafted Content-Length HTTP header. This has been classified by
the vendor as having a CVSSv2 score of 4.3 (AV:N/AC:M/AU:N/C:N/I:P/A:N)

CVE-2014-0119: Apache Tomcat before 6.0.40, 7.x before 7.0.54, and 8.x before 8.0.6 does not properly
constrain the class loader that accesses the XML parser used with an XSLT stylesheet, which allows remote
attackers to (1) read arbitrary files via a crafted web application that provides an XML external entity
declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, or (2)
read files associated with different web applications on a single Tomcat instance via a crafted web
application. This has been classified by the vendor as having a CVSSv2 score of 4.3
(AV:N/AC:M/AU:N/C:P/I:N/A:N)

This bug was opened to address the potential impact on this product.

Conditions:
Running version of the software prior to the Known Fixed Releases
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.