CVE-2020-1935
moderate-risk
Published 2020-02-24
In Apache Tomcat 9.0.0.M1 to 9.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99 the HTTP header parsing code used an approach to end-of-line parsing that allowed some invalid HTTP headers to be parsed as valid. This led to a possibility of HTTP Request Smuggling if Tomcat was located behind a reverse proxy that incorrectly handled the invalid Transfer-Encoding header in a particular manner. Such a reverse proxy is considered unlikely.
Do I need to act?
~
1.4% chance of exploitation in next 30 days
EPSS score — moderate exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
4
CVSS 4.8/10
Medium
NETWORK
/ HIGH complexity
Affected Products (20)
References (38)
Third Party Advisory
https://security.netapp.com/advisory/ntap-20200327-0005/
Third Party Advisory
https://usn.ubuntu.com/4448-1/
Third Party Advisory
https://www.debian.org/security/2020/dsa-4673
Third Party Advisory
https://www.debian.org/security/2020/dsa-4680
Third Party Advisory
https://www.oracle.com/security-alerts/cpujan2021.html
Third Party Advisory
https://www.oracle.com/security-alerts/cpujul2020.html
Third Party Advisory
https://www.oracle.com/security-alerts/cpuoct2020.html
and 18 more references
45
/ 100
moderate-risk
Severity
15/34 · Moderate
Exploitability
4/34 · Minimal
Exposure
26/34 · High