#VU64545 Information disclosure in Apache Tomcat - CVE-2013-4590
Vulnerability identifier: #VU64545
Vulnerability risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID:
CWE-ID:
CWE-200
Exploitation vector: Network
Exploit availability: No
Vulnerable software:
Apache Tomcat
Server applications /
Web servers
Vendor: Apache Foundation
Description
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to excessive data output by the application. A remote attacker can obtain "Tomcat internals" information by leveraging the presence of an untrusted web application with a context.xml, web.xml, *.jspx, *.tagx, or *.tld XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
Mitigation
Install updates from vendor's website.
Vulnerable software versions
Apache Tomcat: 6.0.0 - 6.0.38, 7.0.0 - 7.0.49, 8.0.0 RC1 - 8.0.0
External links
https://advisories.mageia.org/MGASA-2014-0148.html
https://marc.info/?l=bugtraq&m=144498216801440&w=2
https://secunia.com/advisories/59036
https://secunia.com/advisories/59722
https://secunia.com/advisories/59724
https://secunia.com/advisories/59873
https://svn.apache.org/viewvc?view=revision&revision=1549528
https://svn.apache.org/viewvc?view=revision&revision=1549529
https://svn.apache.org/viewvc?view=revision&revision=1558828
https://tomcat.apache.org/security-6.html
https://tomcat.apache.org/security-7.html
https://tomcat.apache.org/security-8.html
https://www.debian.org/security/2016/dsa-3530
https://www.mandriva.com/security/advisories?name=MDVSA-2015:052
https://www.mandriva.com/security/advisories?name=MDVSA-2015:084
https://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
https://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html
https://www.securityfocus.com/bid/65768
https://www.vmware.com/security/advisories/VMSA-2014-0008.html
https://www-01.ibm.com/support/docview.wss?uid=swg21667883
https://www-01.ibm.com/support/docview.wss?uid=swg21675886
https://www-01.ibm.com/support/docview.wss?uid=swg21677147
https://www-01.ibm.com/support/docview.wss?uid=swg21678231
https://bugzilla.redhat.com/show_bug.cgi?id=1069911
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013
https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
