https://bugzilla.redhat.com/show_bug.cgi?id=1441223
Bug ID: 1441223
Summary: CVE-2017-5648 tomcat: Calls to application listeners did not use the appropriate facade object
Product: Security Response
Component: vulnerability
Keywords: Security
Severity: medium
Priority: medium
Assignee: security-response-team@redhat.com
Reporter: amaris@redhat.com
CC: alee@redhat.com, bbaranow@redhat.com, bmaxwell@redhat.com, ccoleman@redhat.com, cdewolf@redhat.com, chazlett@redhat.com, csutherl@redhat.com, dandread@redhat.com, darran.lofthouse@redhat.com, dedgar@redhat.com, dmcphers@redhat.com, dosoudil@redhat.com, felias@redhat.com, gzaronik@redhat.com, hchiorea@redhat.com, hhorak@redhat.com, ivan.afonichev@gmail.com, java-sig-commits@lists.fedoraproject.org, jawilson@redhat.com, jclere@redhat.com, jcoleman@redhat.com, jdoyle@redhat.com, jgoulding@redhat.com, joelsmith@redhat.com, jolee@redhat.com, jorton@redhat.com, jshepherd@redhat.com, krzysztof.daniel@gmail.com, lgao@redhat.com, mbabacek@redhat.com, me@coolsvap.net, mizdebsk@redhat.com, myarboro@redhat.com, nwallace@redhat.com, pavelp@redhat.com, pgier@redhat.com, psakar@redhat.com, pslavice@redhat.com, psotirop@redhat.com, rnetuka@redhat.com, rsvoboda@redhat.com, spinder@redhat.com, theute@redhat.com, trick@vanstaveren.us, twalsh@redhat.com, vhalbert@redhat.com, vtunka@redhat.com, weli@redhat.com
While investigating bug 60718, it was noticed that some calls to application listeners did not use the appropriate facade object. When running an untrusted application under a SecurityManager, it was therefore possible for that untrusted application to retain a reference to the request or response object and thereby access and/or modify information associated with another web application.
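The following Java sketch is an added illustration of the flaw class described above; it is not Tomcat's code and uses only hypothetical class names (RequestView, InternalRequest, RequestFacade, Container). It models a container that recycles one internal request object across web applications and shows why a listener must be handed a facade that is detached at the end of the request: a retained internal reference reads the next application's request, while a retained facade fails closed.

```java
// Added illustration with hypothetical names (not Tomcat's own classes): why
// application listeners must be handed a facade, never the pooled internal object.
public class ListenerFacadeDemo {
    /** What application code is allowed to see of a request. */
    interface RequestView { String getContextName(); String getPath(); }

    /** Container-internal request: one instance is recycled and reused for
     *  request after request, across different web applications. */
    static final class InternalRequest implements RequestView {
        private String contextName, path;
        void fill(String ctx, String p) { contextName = ctx; path = p; }
        void recycle() { contextName = null; path = null; }
        public String getContextName() { return contextName; }
        public String getPath() { return path; }
    }

    /** Facade handed to application code. It forwards only while the request
     *  is in flight; once detached, every call fails closed instead of
     *  exposing whatever the pooled object currently holds. */
    static final class RequestFacade implements RequestView {
        private InternalRequest target;
        RequestFacade(InternalRequest target) { this.target = target; }
        void detach() { target = null; }
        public String getContextName() { return live().getContextName(); }
        public String getPath() { return live().getPath(); }
        private InternalRequest live() {
            if (target == null) throw new IllegalStateException("request is no longer valid");
            return target;
        }
    }

    interface RequestListener { void requestInitialized(RequestView request); }

    /** A listener that keeps the reference it was given beyond the request. */
    static final class RetainingListener implements RequestListener {
        RequestView retained;
        public void requestInitialized(RequestView request) { retained = request; }
    }

    /** Minimal container; passFacade=false models the pre-fix behaviour in
     *  which the listener received the internal object directly. */
    static final class Container {
        private final InternalRequest pooled = new InternalRequest();
        private final RequestListener listener;
        private final boolean passFacade;
        Container(RequestListener listener, boolean passFacade) {
            this.listener = listener;
            this.passFacade = passFacade;
        }
        void service(String ctx, String path, Runnable duringRequest) {
            pooled.fill(ctx, path);
            RequestFacade facade = new RequestFacade(pooled);
            listener.requestInitialized(passFacade ? facade : pooled);
            duringRequest.run();  // the target web application's servlet runs here
            facade.detach();      // application-visible wrapper is invalidated
            pooled.recycle();     // internal object goes back to the pool
        }
    }

    /** Serves app A (whose listener retains its reference), then app B on the
     *  same pooled object; returns what A's stale reference reports while B's
     *  request is in flight. */
    static String seenThroughStaleReference(boolean passFacade) {
        RetainingListener listener = new RetainingListener();
        Container container = new Container(listener, passFacade);
        container.service("/app-a", "/index", () -> { });
        String[] seen = new String[1];
        container.service("/app-b", "/secret", () -> {
            try {
                seen[0] = listener.retained.getContextName() + listener.retained.getPath();
            } catch (IllegalStateException e) {
                seen[0] = "blocked: " + e.getMessage();
            }
        });
        return seen[0];
    }

    public static void main(String[] args) {
        // Pre-fix: another application's request data is readable.
        System.out.println("internal object passed: " + seenThroughStaleReference(false));
        // Post-fix: the stale facade refuses to answer.
        System.out.println("facade passed: " + seenThroughStaleReference(true));
    }
}
```

The facade also matters under a SecurityManager because it exposes only the servlet-API surface, whereas the internal object carries container-privileged methods that untrusted code must never reach.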
Upstream fixes:
Tomcat 7.x:
https://svn.apache.org/viewvc?view=revision&revision=1785777
Tomcat 8.0.x:
https://svn.apache.org/viewvc?view=revision&revision=1785776
Tomcat 8.5.x:
https://svn.apache.org/viewvc?view=revision&revision=1785775
References:
https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.76
https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.42
https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.12
Adam Mariš amaris@redhat.com changed:
What            |Removed |Added
----------------------------------------------------------------------------
Fixed In Version|        |tomcat 7.0.76, tomcat 8.0.42, tomcat 8.5.12
Adam Mariš amaris@redhat.com changed:
What            |Removed |Added
----------------------------------------------------------------------------
Blocks          |        |1441210
Adam Mariš amaris@redhat.com changed:
What            |Removed |Added
----------------------------------------------------------------------------
Depends On      |        |1441242, 1441241, 1441243
--- Comment #1 from Adam Mariš amaris@redhat.com ---
Created jbossweb tracking bugs for this issue:
Affects: openshift-1 [bug 1441243]
Created tomcat tracking bugs for this issue:
Affects: epel-6 [bug 1441241]
Affects: fedora-all [bug 1441242]
Referenced Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=1441241 [Bug 1441241] CVE-2017-5647 CVE-2017-5648 tomcat: various flaws [epel-6]
https://bugzilla.redhat.com/show_bug.cgi?id=1441242 [Bug 1441242] CVE-2017-5647 CVE-2017-5648 CVE-2017-5650 CVE-2017-5651 tomcat: various flaws [fedora-all]
Yasuhiro Ozone yozone@redhat.com changed:
What            |Removed |Added
----------------------------------------------------------------------------
CC              |        |yozone@redhat.com
Pavel Polischouk pavelp@redhat.com changed:
What            |Removed |Added
----------------------------------------------------------------------------
Whiteboard
  Removed: impact=moderate,public=20170410,reported=20170410,source=internet,cvss3=3.6/CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N,rhel-7/tomcat=new,rhscl-2/rh-java-common-tomcat=new,jbews-2/tomcat7=new,jws-3/tomcat7=new,jws-3/tomcat8=new,eap-6/tomcat7=new,jdg-6/jbossweb=new,jdv-6/jbossweb=new,eap-6/jbossweb=new,fuse-6/jbossweb=new,jon-3/jbossweb=new,jpp-6/jbossweb=new,openshift-1/jbossweb=affected,fedora-all/tomcat=affected,epel-6/tomcat=affected
  Added:   impact=moderate,public=20170410,reported=20170410,source=internet,cvss3=3.6/CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N,rhel-7/tomcat=new,rhscl-2/rh-java-common-tomcat=new,jbews-2/tomcat7=new,jws-3/tomcat7=new,jws-3/tomcat8=new,eap-6/tomcat7=new,jdg-6/jbossweb=new,jdv-6/jbossweb=notaffected,eap-6/jbossweb=new,fuse-6/jbossweb=new,jon-3/jbossweb=new,jpp-6/jbossweb=new,openshift-1/jbossweb=affected,fedora-all/tomcat=affected,epel-6/tomcat=affected
Timothy Walsh twalsh@redhat.com changed:
What            |Removed |Added
----------------------------------------------------------------------------
Whiteboard
  Removed: impact=moderate,public=20170410,reported=20170410,source=internet,cvss3=3.6/CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N,rhel-7/tomcat=new,rhscl-2/rh-java-common-tomcat=new,jbews-2/tomcat7=new,jws-3/tomcat7=new,jws-3/tomcat8=new,eap-6/tomcat7=new,jdg-6/jbossweb=new,jdv-6/jbossweb=notaffected,eap-6/jbossweb=new,fuse-6/jbossweb=new,jon-3/jbossweb=new,jpp-6/jbossweb=new,openshift-1/jbossweb=affected,fedora-all/tomcat=affected,epel-6/tomcat=affected
  Added:   impact=moderate,public=20170410,reported=20170410,source=internet,cvss3=3.6/CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N,rhel-7/tomcat=new,rhscl-2/rh-java-common-tomcat=new,jbews-2/tomcat7=new,jws-3/tomcat7=new,jws-3/tomcat8=new,jdg-6/jbossweb=new,jdv-6/jbossweb=notaffected,eap-6/jbossweb=notaffected,fuse-6/jbossweb=new,jon-3/jbossweb=new,jpp-6/jbossweb=new,openshift-1/jbossweb=affected,fedora-all/tomcat=affected,epel-6/tomcat=affected
Timothy Walsh twalsh@redhat.com changed:
What            |Removed |Added
----------------------------------------------------------------------------
Whiteboard
  Removed: impact=moderate,public=20170410,reported=20170410,source=internet,cvss3=3.6/CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N,rhel-7/tomcat=new,rhscl-2/rh-java-common-tomcat=new,jbews-2/tomcat7=new,jws-3/tomcat7=new,jws-3/tomcat8=new,jdg-6/jbossweb=new,jdv-6/jbossweb=notaffected,eap-6/jbossweb=notaffected,fuse-6/jbossweb=new,jon-3/jbossweb=new,jpp-6/jbossweb=new,openshift-1/jbossweb=affected,fedora-all/tomcat=affected,epel-6/tomcat=affected
  Added:   impact=moderate,public=20170410,reported=20170410,source=internet,cvss3=3.6/CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N,rhel-7/tomcat=new,rhscl-2/rh-java-common-tomcat=new,jbews-2/tomcat7=wontfix,jws-3/tomcat7=affected,jws-3/tomcat8=affected,jdg-6/jbossweb=new,jdv-6/jbossweb=notaffected,eap-6/jbossweb=notaffected,fuse-6/jbossweb=new,jon-3/jbossweb=new,jpp-6/jbossweb=new,openshift-1/jbossweb=affected,fedora-all/tomcat=affected,epel-6/tomcat=affected
Timothy Walsh twalsh@redhat.com changed:
What            |Removed |Added
----------------------------------------------------------------------------
Whiteboard
  Removed: impact=moderate,public=20170410,reported=20170410,source=internet,cvss3=3.6/CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N,rhel-7/tomcat=new,rhscl-2/rh-java-common-tomcat=new,jbews-2/tomcat7=wontfix,jws-3/tomcat7=affected,jws-3/tomcat8=affected,jdg-6/jbossweb=new,jdv-6/jbossweb=notaffected,eap-6/jbossweb=notaffected,fuse-6/jbossweb=new,jon-3/jbossweb=new,jpp-6/jbossweb=new,openshift-1/jbossweb=affected,fedora-all/tomcat=affected,epel-6/tomcat=affected
  Added:   impact=moderate,public=20170410,reported=20170410,source=internet,cvss3=3.6/CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N,rhel-7/tomcat=affected,rhscl-2/rh-java-common-tomcat=new,jbews-2/tomcat7=wontfix,jws-3/tomcat7=affected,jws-3/tomcat8=affected,jdg-6/jbossweb=new,jdv-6/jbossweb=notaffected,eap-6/jbossweb=notaffected,fuse-6/jbossweb=new,jon-3/jbossweb=new,jpp-6/jbossweb=new,openshift-1/jbossweb=affected,fedora-all/tomcat=affected,epel-6/tomcat=affected
Timothy Walsh twalsh@redhat.com changed:
What            |Removed |Added
----------------------------------------------------------------------------
Depends On      |        |1441487, 1441488
Adam Mariš amaris@redhat.com changed:
What            |Removed |Added
----------------------------------------------------------------------------
CC              |        |aileenc@redhat.com, alazarot@redhat.com, etirelli@redhat.com, gvarsami@redhat.com, huwang@redhat.com, kconner@redhat.com, kverlaen@redhat.com, ldimaggi@redhat.com, lpetrovi@redhat.com, mbaluch@redhat.com, mwinkler@redhat.com, rrajasek@redhat.com, rwagner@redhat.com, rzhang@redhat.com, tcunning@redhat.com, tkirby@redhat.com
Whiteboard
  Removed: impact=moderate,public=20170410,reported=20170410,source=internet,cvss3=3.6/CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N,rhel-7/tomcat=affected,rhscl-2/rh-java-common-tomcat=new,jbews-2/tomcat7=wontfix,jws-3/tomcat7=affected,jws-3/tomcat8=affected,jdg-6/jbossweb=new,jdv-6/jbossweb=notaffected,eap-6/jbossweb=notaffected,fuse-6/jbossweb=new,jon-3/jbossweb=new,jpp-6/jbossweb=new,openshift-1/jbossweb=affected,fedora-all/tomcat=affected,epel-6/tomcat=affected
  Added:   impact=moderate,public=20170410,reported=20170410,source=internet,cvss3=3.6/CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N,rhel-7/tomcat=affected,rhscl-2/rh-java-common-tomcat=new,jbews-2/tomcat7=wontfix,jws-3/tomcat7=affected,jws-3/tomcat8=affected,jdg-6/jbossweb=new,jdv-6/jbossweb=notaffected,eap-6/jbossweb=notaffected,fuse-6/jbossweb=new,jon-3/jbossweb=new,jpp-6/jbossweb=new,openshift-1/jbossweb=affected,fedora-all/tomcat=affected,epel-6/tomcat=affected,rhel-5/tomcat5=new,rhel-6/tomcat6=new,jbews-2/tomcat6=new,eap-5/jbossweb=notaffected,brms-5/jbossweb=wontfix,soap-5/jbossweb=wontfix,fsw-6/jbossweb=wontfix
Adam Mariš amaris@redhat.com changed:
What            |Removed |Added
----------------------------------------------------------------------------
Whiteboard
  Removed: impact=moderate,public=20170410,reported=20170410,source=internet,cvss3=3.6/CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N,rhel-7/tomcat=affected,rhscl-2/rh-java-common-tomcat=new,jbews-2/tomcat7=wontfix,jws-3/tomcat7=affected,jws-3/tomcat8=affected,jdg-6/jbossweb=new,jdv-6/jbossweb=notaffected,eap-6/jbossweb=notaffected,fuse-6/jbossweb=new,jon-3/jbossweb=new,jpp-6/jbossweb=new,openshift-1/jbossweb=affected,fedora-all/tomcat=affected,epel-6/tomcat=affected,rhel-5/tomcat5=new,rhel-6/tomcat6=new,jbews-2/tomcat6=new,eap-5/jbossweb=notaffected,brms-5/jbossweb=wontfix,soap-5/jbossweb=wontfix,fsw-6/jbossweb=wontfix
  Added:   impact=moderate,public=20170410,reported=20170410,source=internet,cvss3=3.6/CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N,rhel-7/tomcat=affected,rhscl-2/rh-java-common-tomcat=new,jbews-2/tomcat7=wontfix,jws-3/tomcat7=affected,jws-3/tomcat8=affected,jdg-6/jbossweb=new,jdv-6/jbossweb=notaffected,eap-6/jbossweb=notaffected,fuse-6/jbossweb=new,jon-3/jbossweb=new,jpp-6/jbossweb=new,openshift-1/jbossweb=affected,fedora-all/tomcat=affected,epel-6/tomcat=affected,rhel-5/tomcat5=notaffected,rhel-6/tomcat6=notaffected,jbews-2/tomcat6=new,eap-5/jbossweb=notaffected,brms-5/jbossweb=wontfix,soap-5/jbossweb=wontfix,fsw-6/jbossweb=wontfix
Timothy Walsh twalsh@redhat.com changed:
What            |Removed |Added
----------------------------------------------------------------------------
Whiteboard
  Removed: impact=moderate,public=20170410,reported=20170410,source=internet,cvss3=3.6/CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N,rhel-7/tomcat=affected,rhscl-2/rh-java-common-tomcat=new,jbews-2/tomcat7=wontfix,jws-3/tomcat7=affected,jws-3/tomcat8=affected,jdg-6/jbossweb=new,jdv-6/jbossweb=notaffected,eap-6/jbossweb=notaffected,fuse-6/jbossweb=new,jon-3/jbossweb=new,jpp-6/jbossweb=new,openshift-1/jbossweb=affected,fedora-all/tomcat=affected,epel-6/tomcat=affected,rhel-5/tomcat5=notaffected,rhel-6/tomcat6=notaffected,jbews-2/tomcat6=new,eap-5/jbossweb=notaffected,brms-5/jbossweb=wontfix,soap-5/jbossweb=wontfix,fsw-6/jbossweb=wontfix
  Added:   impact=moderate,public=20170410,reported=20170410,source=internet,cvss3=3.6/CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N,rhel-7/tomcat=affected,rhscl-2/rh-java-common-tomcat=new,jbews-2/tomcat7=wontfix,jws-3/tomcat7=affected,jws-3/tomcat8=affected,jdg-6/jbossweb=new,jdv-6/jbossweb=notaffected,eap-6/jbossweb=notaffected,fuse-6/jbossweb=new,jon-3/jbossweb=new,jpp-6/jbossweb=new,openshift-1/jbossweb=affected,fedora-all/tomcat=affected,epel-6/tomcat=affected,rhel-5/tomcat5=notaffected,rhel-6/tomcat6=notaffected,jbews-2/tomcat6=notaffected,eap-5/jbossweb=notaffected,brms-5/jbossweb=wontfix,soap-5/jbossweb=wontfix,fsw-6/jbossweb=wontfix
Timothy Walsh twalsh@redhat.com changed:
What            |Removed |Added
----------------------------------------------------------------------------
Whiteboard
  Removed: impact=moderate,public=20170410,reported=20170410,source=internet,cvss3=3.6/CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N,rhel-7/tomcat=affected,rhscl-2/rh-java-common-tomcat=new,jbews-2/tomcat7=wontfix,jws-3/tomcat7=affected,jws-3/tomcat8=affected,jdg-6/jbossweb=new,jdv-6/jbossweb=notaffected,eap-6/jbossweb=notaffected,fuse-6/jbossweb=new,jon-3/jbossweb=new,jpp-6/jbossweb=new,openshift-1/jbossweb=affected,fedora-all/tomcat=affected,epel-6/tomcat=affected,rhel-5/tomcat5=notaffected,rhel-6/tomcat6=notaffected,jbews-2/tomcat6=notaffected,eap-5/jbossweb=notaffected,brms-5/jbossweb=wontfix,soap-5/jbossweb=wontfix,fsw-6/jbossweb=wontfix
  Added:   impact=moderate,public=20170410,reported=20170410,source=internet,cvss3=3.6/CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N,rhel-7/tomcat=affected,rhscl-2/rh-java-common-tomcat=new,jbews-2/tomcat7=wontfix,jws-3/tomcat7=affected,jws-3/tomcat8=affected,jbews-3/tomcat7=affected,jbews-3/tomcat8=affected,jdg-6/jbossweb=new,jdv-6/jbossweb=notaffected,eap-6/jbossweb=notaffected,fuse-6/jbossweb=new,jon-3/jbossweb=new,jpp-6/jbossweb=new,openshift-1/jbossweb=affected,fedora-all/tomcat=affected,epel-6/tomcat=affected,rhel-5/tomcat5=notaffected,rhel-6/tomcat6=notaffected,jbews-2/tomcat6=notaffected,eap-5/jbossweb=notaffected,brms-5/jbossweb=wontfix,soap-5/jbossweb=wontfix,fsw-6/jbossweb=wontfix
Tomas Hoger thoger@redhat.com changed:
What            |Removed |Added
----------------------------------------------------------------------------
Whiteboard
  Removed: impact=moderate,public=20170410,reported=20170410,source=internet,cvss3=3.6/CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N,rhel-7/tomcat=affected,rhscl-2/rh-java-common-tomcat=new,jbews-2/tomcat7=wontfix,jws-3/tomcat7=affected,jws-3/tomcat8=affected,jbews-3/tomcat7=affected,jbews-3/tomcat8=affected,jdg-6/jbossweb=new,jdv-6/jbossweb=notaffected,eap-6/jbossweb=notaffected,fuse-6/jbossweb=new,jon-3/jbossweb=new,jpp-6/jbossweb=new,openshift-1/jbossweb=affected,fedora-all/tomcat=affected,epel-6/tomcat=affected,rhel-5/tomcat5=notaffected,rhel-6/tomcat6=notaffected,jbews-2/tomcat6=notaffected,eap-5/jbossweb=notaffected,brms-5/jbossweb=wontfix,soap-5/jbossweb=wontfix,fsw-6/jbossweb=wontfix
  Added:   impact=moderate,public=20170410,reported=20170410,source=internet,cvss3=3.6/CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N,rhel-7/tomcat=affected,rhscl-2/rh-java-common-tomcat=notaffected,jbews-2/tomcat7=wontfix,jws-3/tomcat7=affected,jws-3/tomcat8=affected,jbews-3/tomcat7=affected,jbews-3/tomcat8=affected,jdg-6/jbossweb=new,jdv-6/jbossweb=notaffected,eap-6/jbossweb=notaffected,fuse-6/jbossweb=new,jon-3/jbossweb=new,jpp-6/jbossweb=new,openshift-1/jbossweb=affected,fedora-all/tomcat=affected,epel-6/tomcat=affected,rhel-5/tomcat5=notaffected,rhel-6/tomcat6=notaffected,jbews-2/tomcat6=notaffected,eap-5/jbossweb=notaffected,brms-5/jbossweb=wontfix,soap-5/jbossweb=wontfix,fsw-6/jbossweb=wontfix
Timothy Walsh twalsh@redhat.com changed:
What            |Removed |Added
----------------------------------------------------------------------------
Blocks          |        |1446025
Bug 1441223 depends on bug 1441241, which changed state.
Bug 1441241 Summary: CVE-2017-5647 CVE-2017-5648 tomcat: various flaws [epel-6]
https://bugzilla.redhat.com/show_bug.cgi?id=1441241
What            |Removed |Added
----------------------------------------------------------------------------
Status          |ON_QA   |CLOSED
Resolution      |---     |ERRATA
Bug 1441223 depends on bug 1441242, which changed state.
Bug 1441242 Summary: CVE-2017-5647 CVE-2017-5648 tomcat: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1441242
What            |Removed |Added
----------------------------------------------------------------------------
Status          |ON_QA   |CLOSED
Resolution      |---     |ERRATA
--- Doc Text *updated* by Doran Moppert dmoppert@redhat.com ---
A vulnerability was discovered in tomcat. When running an untrusted application under a SecurityManager, it was possible under some circumstances for that application to retain references to the request or response objects and thereby access and/or modify information associated with another web application.
--- Doc Text *updated* by Eric Christensen sparks@redhat.com ---
A vulnerability was discovered in tomcat. When running an untrusted application under a SecurityManager it was possible, under some circumstances, for that application to retain references to the request or response objects and thereby access and/or modify information associated with another web application.
Kurt Seifried kseifried@redhat.com changed:
What            |Removed |Added
----------------------------------------------------------------------------
Whiteboard
  Removed: impact=moderate,public=20170410,reported=20170410,source=internet,cvss3=3.6/CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N,rhel-7/tomcat=affected,rhscl-2/rh-java-common-tomcat=notaffected,jbews-2/tomcat7=wontfix,jws-3/tomcat7=affected,jws-3/tomcat8=affected,jbews-3/tomcat7=affected,jbews-3/tomcat8=affected,jdg-6/jbossweb=new,jdv-6/jbossweb=notaffected,eap-6/jbossweb=notaffected,fuse-6/jbossweb=new,jon-3/jbossweb=new,jpp-6/jbossweb=new,openshift-1/jbossweb=affected,fedora-all/tomcat=affected,epel-6/tomcat=affected,rhel-5/tomcat5=notaffected,rhel-6/tomcat6=notaffected,jbews-2/tomcat6=notaffected,eap-5/jbossweb=notaffected,brms-5/jbossweb=wontfix,soap-5/jbossweb=wontfix,fsw-6/jbossweb=wontfix
  Added:   impact=moderate,public=20170410,reported=20170410,source=internet,cvss3=3.6/CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N,rhel-7/tomcat=affected,rhscl-2/rh-java-common-tomcat=notaffected,jbews-2/tomcat7=wontfix,jws-3/tomcat7=affected,jws-3/tomcat8=affected,jbews-3/tomcat7=affected,jbews-3/tomcat8=affected,jdg-6/jbossweb=new,jdv-6/jbossweb=notaffected,eap-6/jbossweb=notaffected,fuse-6/jbossweb=new,jon-3/jbossweb=new,jpp-6/jbossweb=new,openshift-1/jbossweb=defer,fedora-all/tomcat=affected,epel-6/tomcat=affected,rhel-5/tomcat5=notaffected,rhel-6/tomcat6=notaffected,jbews-2/tomcat6=notaffected,eap-5/jbossweb=notaffected,brms-5/jbossweb=wontfix,soap-5/jbossweb=wontfix,fsw-6/jbossweb=wontfix
--- Comment #5 from errata-xmlrpc errata-xmlrpc@redhat.com ---
This issue has been addressed in the following products:
Red Hat JBoss Web Server 3 for RHEL 7
Red Hat JBoss Web Server 3 for RHEL 6
Via RHSA-2017:1801 https://access.redhat.com/errata/RHSA-2017:1801
--- Comment #6 from errata-xmlrpc errata-xmlrpc@redhat.com ---
This issue has been addressed in the following products:
Text-Only Advisories for JWS
Via RHSA-2017:1802 https://access.redhat.com/errata/RHSA-2017:1802
--- Comment #7 from errata-xmlrpc errata-xmlrpc@redhat.com ---
This issue has been addressed in the following products:
Red Hat Enterprise Linux 7
Via RHSA-2017:1809 https://access.redhat.com/errata/RHSA-2017:1809
Pedro Sampaio psampaio@redhat.com changed:
What            |Removed |Added
----------------------------------------------------------------------------
Blocks          |        |1482229
Jason Shepherd jshepherd@redhat.com changed:
What            |Removed |Added
----------------------------------------------------------------------------
CC              |        |loleary@redhat.com
Whiteboard
  Removed: impact=moderate,public=20170410,reported=20170410,source=internet,cvss3=3.6/CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N,rhel-7/tomcat=affected,rhscl-2/rh-java-common-tomcat=notaffected,jbews-2/tomcat7=wontfix,jws-3/tomcat7=affected,jws-3/tomcat8=affected,jbews-3/tomcat7=affected,jbews-3/tomcat8=affected,jdg-6/jbossweb=new,jdv-6/jbossweb=notaffected,eap-6/jbossweb=notaffected,fuse-6/jbossweb=new,jon-3/jbossweb=new,jpp-6/jbossweb=new,openshift-1/jbossweb=defer,fedora-all/tomcat=affected,epel-6/tomcat=affected,rhel-5/tomcat5=notaffected,rhel-6/tomcat6=notaffected,jbews-2/tomcat6=notaffected,eap-5/jbossweb=notaffected,brms-5/jbossweb=wontfix,soap-5/jbossweb=wontfix,fsw-6/jbossweb=wontfix
  Added:   impact=moderate,public=20170410,reported=20170410,source=internet,cvss3=3.6/CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N,rhel-7/tomcat=affected,rhscl-2/rh-java-common-tomcat=notaffected,jbews-2/tomcat7=wontfix,jws-3/tomcat7=affected,jws-3/tomcat8=affected,jbews-3/tomcat7=affected,jbews-3/tomcat8=affected,jdg-6/jbossweb=new,jdv-6/jbossweb=notaffected,eap-6/jbossweb=notaffected,fuse-6/jbossweb=new,jon-3/jbossweb=notaffected,jpp-6/jbossweb=new,openshift-1/jbossweb=defer,fedora-all/tomcat=affected,epel-6/tomcat=affected,rhel-5/tomcat5=notaffected,rhel-6/tomcat6=notaffected,jbews-2/tomcat6=notaffected,eap-5/jbossweb=notaffected,brms-5/jbossweb=wontfix,soap-5/jbossweb=wontfix,fsw-6/jbossweb=wontfix
Hooman Broujerdi hghasemb@redhat.com changed:
What            |Removed |Added
----------------------------------------------------------------------------
Whiteboard
  Removed: impact=moderate,public=20170410,reported=20170410,source=internet,cvss3=3.6/CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N,rhel-7/tomcat=affected,rhscl-2/rh-java-common-tomcat=notaffected,jbews-2/tomcat7=wontfix,jws-3/tomcat7=affected,jws-3/tomcat8=affected,jbews-3/tomcat7=affected,jbews-3/tomcat8=affected,jdg-6/jbossweb=new,jdv-6/jbossweb=notaffected,eap-6/jbossweb=notaffected,fuse-6/jbossweb=new,jon-3/jbossweb=notaffected,jpp-6/jbossweb=new,openshift-1/jbossweb=defer,fedora-all/tomcat=affected,epel-6/tomcat=affected,rhel-5/tomcat5=notaffected,rhel-6/tomcat6=notaffected,jbews-2/tomcat6=notaffected,eap-5/jbossweb=notaffected,brms-5/jbossweb=wontfix,soap-5/jbossweb=wontfix,fsw-6/jbossweb=wontfix
  Added:   impact=moderate,public=20170410,reported=20170410,source=internet,cvss3=3.6/CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N,rhel-7/tomcat=affected,rhscl-2/rh-java-common-tomcat=notaffected,jbews-2/tomcat7=wontfix,jws-3/tomcat7=affected,jws-3/tomcat8=affected,jbews-3/tomcat7=affected,jbews-3/tomcat8=affected,jdg-6/jbossweb=new,jdv-6/jbossweb=notaffected,eap-6/jbossweb=notaffected,fuse-6/jbossweb=notaffected,jon-3/jbossweb=notaffected,jpp-6/jbossweb=new,openshift-1/jbossweb=defer,fedora-all/tomcat=affected,epel-6/tomcat=affected,rhel-5/tomcat5=notaffected,rhel-6/tomcat6=notaffected,jbews-2/tomcat6=notaffected,eap-5/jbossweb=notaffected,brms-5/jbossweb=wontfix,soap-5/jbossweb=wontfix,fsw-6/jbossweb=wontfix
Chess Hazlett chazlett@redhat.com changed:
What            |Removed |Added
----------------------------------------------------------------------------
Whiteboard
  Removed: impact=moderate,public=20170410,reported=20170410,source=internet,cvss3=3.6/CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N,rhel-7/tomcat=affected,rhscl-2/rh-java-common-tomcat=notaffected,jbews-2/tomcat7=wontfix,jws-3/tomcat7=affected,jws-3/tomcat8=affected,jbews-3/tomcat7=affected,jbews-3/tomcat8=affected,jdg-6/jbossweb=new,jdv-6/jbossweb=notaffected,eap-6/jbossweb=notaffected,fuse-6/jbossweb=notaffected,jon-3/jbossweb=notaffected,jpp-6/jbossweb=new,openshift-1/jbossweb=defer,fedora-all/tomcat=affected,epel-6/tomcat=affected,rhel-5/tomcat5=notaffected,rhel-6/tomcat6=notaffected,jbews-2/tomcat6=notaffected,eap-5/jbossweb=notaffected,brms-5/jbossweb=wontfix,soap-5/jbossweb=wontfix,fsw-6/jbossweb=wontfix
  Added:   impact=moderate,public=20170410,reported=20170409,source=internet,cvss3=3.6/CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N,rhel-7/tomcat=affected,rhscl-2/rh-java-common-tomcat=notaffected,jbews-2/tomcat7=wontfix,jws-3/tomcat7=affected,jws-3/tomcat8=affected,jbews-3/tomcat7=affected,jbews-3/tomcat8=affected,jdg-6/jbossweb=notaffected,jdv-6/jbossweb=notaffected,eap-6/jbossweb=notaffected,fuse-6/jbossweb=notaffected,jon-3/jbossweb=notaffected,jpp-6/jbossweb=notaffected,openshift-1/jbossweb=defer,fedora-all/tomcat=affected,epel-6/tomcat=affected,rhel-5/tomcat5=notaffected,rhel-6/tomcat6=notaffected,jbews-2/tomcat6=notaffected,eap-5/jbossweb=notaffected,brms-5/jbossweb=wontfix,soap-5/jbossweb=wontfix,fsw-6/jbossweb=wontfix
Viliam Križan vkrizan@redhat.com changed:
What            |Removed |Added
----------------------------------------------------------------------------
Whiteboard
  Removed: impact=moderate,public=20170410,reported=20170409,source=internet,cvss3=3.6/CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N,rhel-7/tomcat=affected,rhscl-2/rh-java-common-tomcat=notaffected,jbews-2/tomcat7=wontfix,jws-3/tomcat7=affected,jws-3/tomcat8=affected,jbews-3/tomcat7=affected,jbews-3/tomcat8=affected,jdg-6/jbossweb=notaffected,jdv-6/jbossweb=notaffected,eap-6/jbossweb=notaffected,fuse-6/jbossweb=notaffected,jon-3/jbossweb=notaffected,jpp-6/jbossweb=notaffected,openshift-1/jbossweb=defer,fedora-all/tomcat=affected,epel-6/tomcat=affected,rhel-5/tomcat5=notaffected,rhel-6/tomcat6=notaffected,jbews-2/tomcat6=notaffected,eap-5/jbossweb=notaffected,brms-5/jbossweb=wontfix,soap-5/jbossweb=wontfix,fsw-6/jbossweb=wontfix
  Added:   impact=moderate,public=20170410,reported=20170410,source=internet,cvss3=3.6/CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N,rhel-7/tomcat=affected,rhscl-2/rh-java-common-tomcat=notaffected,jbews-2/tomcat7=wontfix,jws-3/tomcat7=affected,jws-3/tomcat8=affected,jbews-3/tomcat7=affected,jbews-3/tomcat8=affected,jdg-6/jbossweb=notaffected,jdv-6/jbossweb=notaffected,eap-6/jbossweb=notaffected,fuse-6/jbossweb=notaffected,jon-3/jbossweb=notaffected,jpp-6/jbossweb=notaffected,openshift-1/jbossweb=defer,fedora-all/tomcat=affected,epel-6/tomcat=affected,rhel-5/tomcat5=notaffected,rhel-6/tomcat6=notaffected,jbews-2/tomcat6=notaffected,eap-5/jbossweb=notaffected,brms-5/jbossweb=wontfix,soap-5/jbossweb=wontfix,fsw-6/jbossweb=wontfix