CVE-2021-43980

Published Sep 28, 2022

Last updated 2 years ago

CVSS low 3.7

Overview

Description: The simplified implementation of blocking reads and writes introduced in Tomcat 10 and back-ported to Tomcat 9.0.47 onwards exposed a long standing (but extremely hard to trigger) concurrency bug in Apache Tomcat 10.1.0 to 10.1.0-M12, 10.0.0-M1 to 10.0.18, 9.0.0-M1 to 9.0.60 and 8.5.0 to 8.5.77 that could cause client connections to share an Http11Processor instance resulting in responses, or part responses, to be received by the wrong client.
Source: security@apache.org
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 3.7
Impact score: 1.4
Exploitability score: 2.2
Vector string: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
Severity: LOW

Weaknesses

security@apache.org: CWE-362
nvd@nist.gov: CWE-362

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1F762135-0F3D-4344-AA58-48E239BF3E1B",
            "versionEndIncluding": "8.5.77",
            "versionStartIncluding": "8.5.0"
          },
          {
            "criteria": "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "503E5C18-810C-4F6F-962B-20CCACCAB114",
            "versionEndIncluding": "9.0.60",
            "versionStartIncluding": "9.0.0"
          },
          {
            "criteria": "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "894AE0F8-6F54-41FC-BD51-505BD404EC5C",
            "versionEndIncluding": "10.0.18",
            "versionStartIncluding": "10.0.0"
          },
          {
            "criteria": "cpe:2.3:a:apache:tomcat:10.1.0:milestone1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6D402B5D-5901-43EB-8E6A-ECBD512CE367"
          },
          {
            "criteria": "cpe:2.3:a:apache:tomcat:10.1.0:milestone10:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "33C71AE1-B38E-4783-BAC2-3CDA7B4D9EBA"
          },
          {
            "criteria": "cpe:2.3:a:apache:tomcat:10.1.0:milestone11:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F6BD4180-D3E8-42AB-96B1-3869ECF47F6C"
          },
          {
            "criteria": "cpe:2.3:a:apache:tomcat:10.1.0:milestone12:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "64668CCF-DBC9-442D-9E0F-FD40E1D0DDB7"
          },
          {
            "criteria": "cpe:2.3:a:apache:tomcat:10.1.0:milestone2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9846609D-51FC-4CDD-97B3-8C6E07108F14"
          },
          {
            "criteria": "cpe:2.3:a:apache:tomcat:10.1.0:milestone3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2E321FB4-0B0C-497A-BB75-909D888C93CB"
          },
          {
            "criteria": "cpe:2.3:a:apache:tomcat:10.1.0:milestone4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3B0CAE57-AF7A-40E6-9519-F5C9F422C1BE"
          },
          {
            "criteria": "cpe:2.3:a:apache:tomcat:10.1.0:milestone5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7CB9D150-EED6-4AE9-BCBE-48932E50035E"
          },
          {
            "criteria": "cpe:2.3:a:apache:tomcat:10.1.0:milestone6:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D334103F-F64E-4869-BCC8-670A5AFCC76C"
          },
          {
            "criteria": "cpe:2.3:a:apache:tomcat:10.1.0:milestone7:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "941FCF7B-FFB6-4967-95C7-BB3D32C73DAF"
          },
          {
            "criteria": "cpe:2.3:a:apache:tomcat:10.1.0:milestone8:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CE1A9030-B397-4BA6-8E13-DA1503872DDB"
          },
          {
            "criteria": "cpe:2.3:a:apache:tomcat:10.1.0:milestone9:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6284B74A-1051-40A7-9D74-380FEEEC3F88"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"
          },
          {
            "criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References