CVE-2016-6817

Published Aug 10, 2017

Last updated a month ago

CVSS high 7.5

Overview

Description: The HTTP/2 header parser in Apache Tomcat 9.0.0.M1 to 9.0.0.M11 and 8.5.0 to 8.5.6 entered an infinite loop if a header was received that was larger than the available buffer. This made a denial of service attack possible.
Source: security@apache.org
NVD status: Modified

Risk scores

CVSS 3.1

Type: Secondary
Base score: 7.5
Impact score: 3.6
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Severity: HIGH

CVSS 3.0

Type: Primary
Base score: 7.5
Impact score: 3.6
Exploitability score: 3.9
Vector string: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Severity: HIGH

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:N/A:P

Weaknesses

nvd@nist.gov: CWE-119
134c704f-9b21-4f2e-91b3-4a467353bcc0: CWE-835

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:apache:tomcat:8.5.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "69A7FC28-A0EC-4516-9776-700343D2F4DB"
          },
          {
            "criteria": "cpe:2.3:a:apache:tomcat:8.5.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "18814653-6D44-47D9-A2F5-89C5AFB255F8"
          },
          {
            "criteria": "cpe:2.3:a:apache:tomcat:8.5.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D4D811A9-4988-4C11-AA27-F5BE2B93D8D4"
          },
          {
            "criteria": "cpe:2.3:a:apache:tomcat:8.5.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FAEF824D-7E95-4BC1-8DBB-787DCE595E21"
          },
          {
            "criteria": "cpe:2.3:a:apache:tomcat:8.5.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "97F4A2B3-DB1D-4D0B-B5FF-7EE2A0D291BB"
          },
          {
            "criteria": "cpe:2.3:a:apache:tomcat:8.5.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0B461D5A-1208-498F-B551-46C6D514AC2B"
          },
          {
            "criteria": "cpe:2.3:a:apache:tomcat:8.5.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "598E5D91-0165-4D55-9EDD-EBB5AAAD1172"
          },
          {
            "criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9D0689FE-4BC0-4F53-8C79-34B21F9B86C2"
          },
          {
            "criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone10:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "89B129B2-FB6F-4EF9-BF12-E589A87996CF"
          },
          {
            "criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone11:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8B6787B6-54A8-475E-BA1C-AB99334B2535"
          },
          {
            "criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9F542E12-6BA8-4504-A494-DA83E7E19BD5"
          },
          {
            "criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C0C5F004-F7D8-45DB-B173-351C50B0EC16"
          },
          {
            "criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D1902D2E-1896-4D3D-9E1C-3A675255072C"
          },
          {
            "criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "49AAF4DF-F61D-47A8-8788-A21E317A145D"
          },
          {
            "criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone6:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "454211D0-60A2-4661-AECA-4C0121413FEB"
          },
          {
            "criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone7:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0686F977-889F-4960-8E0B-7784B73A7F2D"
          },
          {
            "criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone8:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "558703AE-DB5E-4DFF-B497-C36694DD7B24"
          },
          {
            "criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone9:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ED6273F2-1165-47A4-8DD7-9E9B2472941B"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.1

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References