National Vulnerability Database (NVD) National Vulnerability Database (CVE-2011-0013)

National Cyber Awareness System

Vulnerability Summary for CVE-2011-0013

Original release date:02/19/2011

Last revised:06/05/2013

Source: US-CERT/NIST

Overview

Multiple cross-site scripting (XSS) vulnerabilities in the HTML Manager Interface in Apache Tomcat 5.5 before 5.5.32, 6.0 before 6.0.30, and 7.0 before 7.0.6 allow remote attackers to inject arbitrary web script or HTML, as demonstrated via the display-name tag.

Impact

CVSS Severity (version 2.0):

CVSS v2 Base Score:4.3 (MEDIUM) (AV:N/AC:M/Au:N/C:N/I:P/A:N) (legend)

Impact Subscore: 2.9

Exploitability Subscore: 8.6

CVSS Version 2 Metrics:

Access Vector: Network exploitable; Victim must voluntarily interact with attack mechanism

Access Complexity: Medium

Authentication: Not required to exploit

Impact Type:Allows unauthorized modification

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

External Source: MISC

Name: https://bugzilla.redhat.com/show_bug.cgi?id=675786

Type: Patch Information

Hyperlink:https://bugzilla.redhat.com/show_bug.cgi?id=675786

External Source: CONFIRM

Name: http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.30

Type: Advisory; Patch Information

Hyperlink:http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.30

External Source: CONFIRM

Name: http://tomcat.apache.org/security-5.html#Fixed_in_Apache_Tomcat_5.5.32

Type: Advisory; Patch Information

Hyperlink:http://tomcat.apache.org/security-5.html#Fixed_in_Apache_Tomcat_5.5.32

External Source: VUPEN

Name: ADV-2011-0376

Type: Advisory

Hyperlink:http://www.vupen.com/english/advisories/2011/0376

External Source: SECTRACK

Name: 1025026

Hyperlink:http://www.securitytracker.com/id?1025026

External Source: BID

Name: 46174

Hyperlink:http://www.securityfocus.com/bid/46174

External Source: BUGTRAQ

Name: 20110205 [SECURITY] CVE-2011-0013 Apache Tomcat Manager XSS vulnerability

Hyperlink:http://www.securityfocus.com/archive/1/516209/30/90/threaded

External Source: REDHAT

Name: RHSA-2011:1845

Hyperlink:http://www.redhat.com/support/errata/RHSA-2011-1845.html

External Source: REDHAT

Name: RHSA-2011:0897

Hyperlink:http://www.redhat.com/support/errata/RHSA-2011-0897.html

External Source: REDHAT

Name: RHSA-2011:0896

Hyperlink:http://www.redhat.com/support/errata/RHSA-2011-0896.html

External Source: REDHAT

Name: RHSA-2011:0791

Hyperlink:http://www.redhat.com/support/errata/RHSA-2011-0791.html

External Source: MANDRIVA

Name: MDVSA-2011:030

Hyperlink:http://www.mandriva.com/security/advisories?name=MDVSA-2011:030

External Source: DEBIAN

Name: DSA-2160

Hyperlink:http://www.debian.org/security/2011/dsa-2160

External Source: CONFIRM

Name: http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.6_(released_14_Jan_2011)

Hyperlink:http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.6_%28released_14_Jan_2011%29

External Source: CONFIRM

Name: http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5098550.html

Hyperlink:http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5098550.html

External Source: CONFIRM

Name: http://support.apple.com/kb/HT5002

Hyperlink:http://support.apple.com/kb/HT5002

External Source: SREASON

Name: 8093

Hyperlink:http://securityreason.com/securityalert/8093

External Source: SECUNIA

Name: 45022

Hyperlink:http://secunia.com/advisories/45022

External Source: SECUNIA

Name: 43192

Type: Advisory

Hyperlink:http://secunia.com/advisories/43192

External Source: OVAL

Name: oval:org.mitre.oval:def:14945

Hyperlink:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:14945

External Source: OVAL

Name: oval:org.mitre.oval:def:12878

Hyperlink:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:12878

External Source: HP

Name: SSRT101146

Hyperlink:http://marc.info/?l=bugtraq&m=136485229118404&w=2

External Source: HP

Name: HPSBUX02860

Hyperlink:http://marc.info/?l=bugtraq&m=136485229118404&w=2

External Source: HP

Name: SSRT100627

Hyperlink:http://marc.info/?l=bugtraq&m=132215163318824&w=2

External Source: HP

Name: HPSBUX02725

Hyperlink:http://marc.info/?l=bugtraq&m=132215163318824&w=2

External Source: APPLE

Name: APPLE-SA-2011-10-12-3

Hyperlink:http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html

References to Check Content

Identifier:oval:org.mitre.oval:def:12878

Check System:http://oval.mitre.org/XMLSchema/oval-definitions-5

Hyperlink:http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:12878

Vulnerable software and versions

Configuration 1

* cpe:/a:apache:tomcat:7.0.0

* cpe:/a:apache:tomcat:7.0.1

* cpe:/a:apache:tomcat:7.0.2

* cpe:/a:apache:tomcat:7.0.3

* cpe:/a:apache:tomcat:7.0.4

* cpe:/a:apache:tomcat:7.0.5

Configuration 2

* cpe:/a:apache:tomcat:6.0.15

* cpe:/a:apache:tomcat:6.0

* cpe:/a:apache:tomcat:6.0.14

* cpe:/a:apache:tomcat:6.0.17

* cpe:/a:apache:tomcat:6.0.18

* cpe:/a:apache:tomcat:6.0.27

* cpe:/a:apache:tomcat:6.0.26

* cpe:/a:apache:tomcat:6.0.24

* cpe:/a:apache:tomcat:6.0.29

* cpe:/a:apache:tomcat:6.0.28

* cpe:/a:apache:tomcat:6.0.16

* cpe:/a:apache:tomcat:6.0.1

* cpe:/a:apache:tomcat:6.0.0

* cpe:/a:apache:tomcat:6.0.5

* cpe:/a:apache:tomcat:6.0.4

* cpe:/a:apache:tomcat:6.0.3

* cpe:/a:apache:tomcat:6.0.2

* cpe:/a:apache:tomcat:6.0.13

* cpe:/a:apache:tomcat:6.0.12

* cpe:/a:apache:tomcat:6.0.11

* cpe:/a:apache:tomcat:6.0.10

* cpe:/a:apache:tomcat:6.0.20

* cpe:/a:apache:tomcat:6.0.19

* cpe:/a:apache:tomcat:6.0.6

* cpe:/a:apache:tomcat:6.0.7

* cpe:/a:apache:tomcat:6.0.8

* cpe:/a:apache:tomcat:6.0.9

Configuration 3

* cpe:/a:apache:tomcat:5.5.25

* cpe:/a:apache:tomcat:5.5.28

* cpe:/a:apache:tomcat:5.5.29

* cpe:/a:apache:tomcat:5.5.26

* cpe:/a:apache:tomcat:5.5.0

* cpe:/a:apache:tomcat:5.5.10

* cpe:/a:apache:tomcat:5.5.1

* cpe:/a:apache:tomcat:5.5.27

* cpe:/a:apache:tomcat:5.5.9

* cpe:/a:apache:tomcat:5.5.8

* cpe:/a:apache:tomcat:5.5.7

* cpe:/a:apache:tomcat:5.5.6

* cpe:/a:apache:tomcat:5.5.5

* cpe:/a:apache:tomcat:5.5.4

* cpe:/a:apache:tomcat:5.5.17

* cpe:/a:apache:tomcat:5.5.18

* cpe:/a:apache:tomcat:5.5.15

* cpe:/a:apache:tomcat:5.5.16

* cpe:/a:apache:tomcat:5.5.13

* cpe:/a:apache:tomcat:5.5.14

* cpe:/a:apache:tomcat:5.5.11

* cpe:/a:apache:tomcat:5.5.12

* cpe:/a:apache:tomcat:5.5.24

* cpe:/a:apache:tomcat:5.5.3

* cpe:/a:apache:tomcat:5.5.22

* cpe:/a:apache:tomcat:5.5.23

* cpe:/a:apache:tomcat:5.5.20

* cpe:/a:apache:tomcat:5.5.21

* cpe:/a:apache:tomcat:5.5.19

* cpe:/a:apache:tomcat:5.5.2

* cpe:/a:apache:tomcat:5.5.30

* cpe:/a:apache:tomcat:5.5.31

* Denotes Vulnerable Software

Technical Details

Vulnerability Type (View All)

Cross-Site Scripting (XSS) (CWE-79)

CVE Standard Vulnerability Entry:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0013