2018-11-14 09:04:54 -05:00
{
2020-04-16 19:02:24 +00:00
"data_type" : "CVE" ,
"data_format" : "MITRE" ,
"data_version" : "4.0" ,
"CVE_data_meta" : {
"ID" : "CVE-2019-0232" ,
"ASSIGNER" : "security@apache.org" ,
"STATE" : "PUBLIC"
2019-04-15 15:00:49 +00:00
} ,
2020-04-16 19:02:24 +00:00
"affects" : {
"vendor" : {
"vendor_data" : [
2019-04-15 15:00:49 +00:00
{
2020-04-16 19:02:24 +00:00
"vendor_name" : "Apache" ,
"product" : {
"product_data" : [
2019-04-15 15:00:49 +00:00
{
2020-04-16 19:02:24 +00:00
"product_name" : "Tomcat" ,
"version" : {
"version_data" : [
2019-04-15 15:00:49 +00:00
{
2020-04-16 19:02:24 +00:00
"version_value" : "9.0.0.M1 to 9.0.17"
2019-04-15 15:00:49 +00:00
} ,
{
2020-04-16 19:02:24 +00:00
"version_value" : "8.5.0 to 8.5.39"
2019-04-15 15:00:49 +00:00
} ,
{
2020-04-16 19:02:24 +00:00
"version_value" : "7.0.0 to 7.0.93"
2019-04-15 15:00:49 +00:00
}
]
}
}
]
}
}
]
}
} ,
2020-04-16 19:02:24 +00:00
"problemtype" : {
"problemtype_data" : [
2019-04-15 15:00:49 +00:00
{
2020-04-16 19:02:24 +00:00
"description" : [
2019-04-15 15:00:49 +00:00
{
2020-04-16 19:02:24 +00:00
"lang" : "eng" ,
"value" : "Remote Code Execution"
2019-04-15 15:00:49 +00:00
}
]
}
]
} ,
2020-04-16 19:02:24 +00:00
"references" : {
"reference_data" : [
2019-04-15 15:00:49 +00:00
{
2020-04-16 19:02:24 +00:00
"refsource" : "MISC" ,
"name" : "https://codewhitesec.blogspot.com/2016/02/java-and-command-line-injections-in-windows.html" ,
"url" : "https://codewhitesec.blogspot.com/2016/02/java-and-command-line-injections-in-windows.html"
2019-04-15 15:00:49 +00:00
} ,
{
2020-04-16 19:02:24 +00:00
"refsource" : "MISC" ,
"name" : "https://web.archive.org/web/20161228144344/https://blogs.msdn.microsoft.com/twistylittlepassagesallalike/2011/04/23/everyone-quotes-command-line-arguments-the-wrong-way/" ,
"url" : "https://web.archive.org/web/20161228144344/https://blogs.msdn.microsoft.com/twistylittlepassagesallalike/2011/04/23/everyone-quotes-command-line-arguments-the-wrong-way/"
2019-04-15 15:00:49 +00:00
} ,
{
2020-04-16 19:02:24 +00:00
"refsource" : "MLIST" ,
"name" : "[tomcat-users] 20190410 [SECURITY] CVE-2019-0232 Apache Tomcat Remote Code Execution on Windows" ,
"url" : "https://lists.apache.org/thread.html/5f297a4b9080b5f65a05bc139596d0e437d6a539b25e31d29d028767@%3Cannounce.tomcat.apache.org%3E"
2019-04-15 16:00:42 +00:00
} ,
{
2020-04-16 19:02:24 +00:00
"refsource" : "MLIST" ,
"name" : "[tomcat-dev] 20190415 svn commit: r1857582 [18/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/" ,
"url" : "https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba@%3Cdev.tomcat.apache.org%3E"
2019-04-15 16:00:42 +00:00
} ,
{
2020-04-16 19:02:24 +00:00
"refsource" : "MLIST" ,
"name" : "[ofbiz-commits] 20190415 svn commit: r1857587 - in /ofbiz: ofbiz-framework/branches/release18.12/build.gradle ofbiz-plugins/branches/release18.12/example/build.gradle" ,
"url" : "https://lists.apache.org/thread.html/673b6148d92cd7bc99ea2dcf85ad75d57da44fc322d51f37fb529a2a@%3Ccommits.ofbiz.apache.org%3E"
2019-04-15 16:00:42 +00:00
} ,
{
2020-04-16 19:02:24 +00:00
"refsource" : "MLIST" ,
"name" : "[tomcat-dev] 20190415 svn commit: r1857582 [17/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/" ,
"url" : "https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E"
2019-04-15 16:00:42 +00:00
} ,
{
2020-04-16 19:02:24 +00:00
"refsource" : "MLIST" ,
"name" : "[ofbiz-commits] 20190415 svn commit: r1857586 - in /ofbiz: ofbiz-framework/trunk/build.gradle ofbiz-plugins/trunk/example/build.gradle" ,
"url" : "https://lists.apache.org/thread.html/a6c87a09a71162fd563ab1c4e70a08a103e0b7c199fc391f1c9c4c35@%3Ccommits.ofbiz.apache.org%3E"
2019-04-15 16:00:42 +00:00
} ,
{
2020-04-16 19:02:24 +00:00
"refsource" : "MLIST" ,
"name" : "[tomcat-dev] 20190415 svn commit: r1857582 [19/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/" ,
"url" : "https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E"
2019-04-15 16:00:42 +00:00
} ,
{
2020-04-16 19:02:24 +00:00
"refsource" : "MLIST" ,
"name" : "[ofbiz-commits] 20190415 svn commit: r1857588 - in /ofbiz: ofbiz-framework/branches/release17.12/build.gradle ofbiz-plugins/branches/release17.12/example/build.gradle" ,
"url" : "https://lists.apache.org/thread.html/52ffb9fbf661245386a83a661183d13f1de2e5779fa23837a08e02ac@%3Ccommits.ofbiz.apache.org%3E"
2019-04-15 17:00:42 +00:00
} ,
{
2020-04-16 19:02:24 +00:00
"refsource" : "MLIST" ,
"name" : "[ofbiz-notifications] 20190415 [jira] [Commented] (OFBIZ-10920) Update Tomcat to 9.0.18 due to CVE-2019-0232" ,
"url" : "https://lists.apache.org/thread.html/dd4b325cdb261183dbf5ce913c102920a8f09c26dae666a98309165b@%3Cnotifications.ofbiz.apache.org%3E"
2019-04-15 17:00:42 +00:00
} ,
{
2020-04-16 19:02:24 +00:00
"refsource" : "MLIST" ,
"name" : "[ofbiz-notifications] 20190415 [jira] [Closed] (OFBIZ-10920) Update Tomcat to 9.0.18 due to CVE-2019-0232" ,
"url" : "https://lists.apache.org/thread.html/96849486813a95dfd542e1618b7923ca945508aaf4a4341f674d83e3@%3Cnotifications.ofbiz.apache.org%3E"
2019-04-16 09:00:42 +00:00
} ,
{
2020-04-16 19:02:24 +00:00
"refsource" : "BID" ,
"name" : "107906" ,
"url" : "http://www.securityfocus.com/bid/107906"
2019-04-19 17:00:46 +00:00
} ,
2019-06-01 09:00:48 +00:00
{
2020-04-16 19:02:24 +00:00
"refsource" : "CONFIRM" ,
"name" : "https://www.synology.com/security/advisory/Synology_SA_19_17" ,
"url" : "https://www.synology.com/security/advisory/Synology_SA_19_17"
2019-06-01 09:00:48 +00:00
} ,
2019-04-19 17:00:46 +00:00
{
2020-04-16 19:02:24 +00:00
"refsource" : "CONFIRM" ,
"name" : "https://security.netapp.com/advisory/ntap-20190419-0001/" ,
"url" : "https://security.netapp.com/advisory/ntap-20190419-0001/"
2019-04-21 12:00:53 +00:00
} ,
{
2020-04-16 19:02:24 +00:00
"refsource" : "MLIST" ,
"name" : "[tomcat-dev] 20190421 svn commit: r1857901 - in /tomcat/site/trunk: docs/security-7.html docs/security-8.html docs/security-9.html xdocs/security-7.xml xdocs/security-8.xml xdocs/security-9.xml" ,
"url" : "https://lists.apache.org/thread.html/f4d48b32ef2b6aa49c8830241a9475da5b46e451f964b291c7a0a715@%3Cdev.tomcat.apache.org%3E"
2019-04-23 02:00:42 +00:00
} ,
{
2020-04-16 19:02:24 +00:00
"refsource" : "CONFIRM" ,
"name" : "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2019-784" ,
"url" : "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2019-784"
2019-05-04 21:00:43 +00:00
} ,
{
2020-04-16 19:02:24 +00:00
"refsource" : "FULLDISC" ,
"name" : "20190504 RCE in CGI Servlet - Apache Tomcat on Windows - CVE-2019-0232" ,
"url" : "http://seclists.org/fulldisclosure/2019/May/4"
2019-05-10 18:00:45 +00:00
} ,
{
2020-04-16 19:02:24 +00:00
"refsource" : "MISC" ,
"name" : "https://blog.trendmicro.com/trendlabs-security-intelligence/uncovering-cve-2019-0232-a-remote-code-execution-vulnerability-in-apache-tomcat/" ,
"url" : "https://blog.trendmicro.com/trendlabs-security-intelligence/uncovering-cve-2019-0232-a-remote-code-execution-vulnerability-in-apache-tomcat/"
2019-05-29 21:00:51 +00:00
} ,
{
2020-04-16 19:02:24 +00:00
"refsource" : "MISC" ,
"name" : "https://wwws.nightwatchcybersecurity.com/2019/04/30/remote-code-execution-rce-in-cgi-servlet-apache-tomcat-on-windows-cve-2019-0232/" ,
"url" : "https://wwws.nightwatchcybersecurity.com/2019/04/30/remote-code-execution-rce-in-cgi-servlet-apache-tomcat-on-windows-cve-2019-0232/"
2019-07-02 16:01:05 +00:00
} ,
{
2020-04-16 19:02:24 +00:00
"refsource" : "MISC" ,
"name" : "http://packetstormsecurity.com/files/153506/Apache-Tomcat-CGIServlet-enableCmdLineArguments-Remote-Code-Execution.html" ,
"url" : "http://packetstormsecurity.com/files/153506/Apache-Tomcat-CGIServlet-enableCmdLineArguments-Remote-Code-Execution.html"
2019-07-09 17:00:47 +00:00
} ,
{
2020-04-16 19:02:24 +00:00
"refsource" : "REDHAT" ,
"name" : "RHSA-2019:1712" ,
"url" : "https://access.redhat.com/errata/RHSA-2019:1712"
2019-07-16 13:25:12 -07:00
} ,
{
2020-04-16 19:02:24 +00:00
"url" : "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html" ,
"refsource" : "MISC" ,
"name" : "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"
2019-10-15 13:33:48 -07:00
} ,
{
2020-04-16 19:02:24 +00:00
"url" : "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html" ,
"refsource" : "MISC" ,
"name" : "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"
2020-01-14 15:46:23 -08:00
} ,
{
2020-04-16 19:02:24 +00:00
"url" : "https://www.oracle.com/security-alerts/cpujan2020.html" ,
"refsource" : "MISC" ,
"name" : "https://www.oracle.com/security-alerts/cpujan2020.html"
2020-01-31 09:01:08 +00:00
} ,
{
2020-04-16 19:02:24 +00:00
"refsource" : "MLIST" ,
"name" : "[announce] 20200131 Apache Software Foundation Security Report: 2019" ,
"url" : "https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c@%3Cannounce.apache.org%3E"
2020-02-03 12:01:12 +00:00
} ,
{
2020-04-16 19:02:24 +00:00
"refsource" : "MLIST" ,
"name" : "[tomcat-dev] 20200203 svn commit: r1873527 [24/30] - /tomcat/site/trunk/docs/" ,
"url" : "https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9@%3Cdev.tomcat.apache.org%3E"
2020-02-03 12:01:12 +00:00
} ,
{
2020-04-16 19:02:24 +00:00
"refsource" : "MLIST" ,
"name" : "[tomcat-dev] 20200203 svn commit: r1873527 [25/30] - /tomcat/site/trunk/docs/" ,
"url" : "https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E"
2020-02-13 17:01:10 +00:00
} ,
{
2020-04-16 19:02:24 +00:00
"refsource" : "MLIST" ,
"name" : "[tomcat-dev] 20200213 svn commit: r1873980 [27/34] - /tomcat/site/trunk/docs/" ,
"url" : "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E"
2020-02-13 17:01:10 +00:00
} ,
{
2020-04-16 19:02:24 +00:00
"refsource" : "MLIST" ,
"name" : "[tomcat-dev] 20200213 svn commit: r1873980 [28/34] - /tomcat/site/trunk/docs/" ,
"url" : "https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a@%3Cdev.tomcat.apache.org%3E"
2020-02-13 17:01:35 +00:00
} ,
{
2020-04-16 19:02:24 +00:00
"refsource" : "MLIST" ,
"name" : "[tomcat-dev] 20200213 svn commit: r1873980 [29/34] - /tomcat/site/trunk/docs/" ,
"url" : "https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E"
2020-04-14 14:04:09 -07:00
} ,
{
2020-04-16 19:02:24 +00:00
"url" : "https://www.oracle.com/security-alerts/cpuapr2020.html" ,
"refsource" : "MISC" ,
"name" : "https://www.oracle.com/security-alerts/cpuapr2020.html"
2019-04-15 15:00:49 +00:00
}
]
2019-03-18 05:25:39 +00:00
} ,
2020-04-16 19:02:24 +00:00
"description" : {
"description_data" : [
2019-03-18 05:25:39 +00:00
{
2020-04-16 19:02:24 +00:00
"lang" : "eng" ,
"value" : "When running on Windows with enableCmdLineArguments enabled, the CGI Servlet in Apache Tomcat 9.0.0.M1 to 9.0.17, 8.5.0 to 8.5.39 and 7.0.0 to 7.0.93 is vulnerable to Remote Code Execution due to a bug in the way the JRE passes command line arguments to Windows. The CGI Servlet is disabled by default. The CGI option enableCmdLineArguments is disable by default in Tomcat 9.0.x (and will be disabled by default in all versions in response to this vulnerability). For a detailed explanation of the JRE behaviour, see Markus Wulftange's blog (https://codewhitesec.blogspot.com/2016/02/java-and-command-line-injections-in-windows.html) and this archived MSDN blog (https://web.archive.org/web/20161228144344/https://blogs.msdn.microsoft.com/twistylittlepassagesallalike/2011/04/23/everyone-quotes-command-line-arguments-the-wrong-way/)."
2019-03-18 05:25:39 +00:00
}
]
}
}
