Executive Summary

Informations
NameCVE-2019-0232First vendor Publication2019-04-15
VendorCveLast vendor Modification2019-05-10

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score9.3Attack RangeNetwork
Cvss Impact Score10Attack ComplexityMedium
Cvss Expoit Score8.6AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

When running on Windows with enableCmdLineArguments enabled, the CGI Servlet in Apache Tomcat 9.0.0.M1 to 9.0.17, 8.5.0 to 8.5.39 and 7.0.0 to 7.0.93 is vulnerable to Remote Code Execution due to a bug in the way the JRE passes command line arguments to Windows. The CGI Servlet is disabled by default. The CGI option enableCmdLineArguments is disable by default in Tomcat 9.0.x (and will be disabled by default in all versions in response to this vulnerability). For a detailed explanation of the JRE behaviour, see Markus Wulftange's blog (https://codewhitesec.blogspot.com/2016/02/java-and-command-line-injections-in-windows.html) and this archived MSDN blog (https://web.archive.org/web/20161228144344/https://blogs.msdn.microsoft.com/twistylittlepassagesallalike/2011/04/23/everyone-quotes-command-line-arguments-the-wrong-way/).

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0232

CWE : Common Weakness Enumeration

%idName
100 %CWE-20Improper Input Validation

CPE : Common Platform Enumeration

TypeDescriptionCount
Application181
Os1

Snort® IPS/IDS

DateDescription
2014-01-10.cmd? access
RuleID : 9791 - Revision : 8 - Type : SERVER-WEBAPP
2014-01-10.bat? access
RuleID : 976-community - Revision : 21 - Type : SERVER-WEBAPP
2014-01-10.bat? access
RuleID : 976 - Revision : 21 - Type : SERVER-WEBAPP

Sources (Detail)

SourceUrl
BID http://www.securityfocus.com/bid/107906
CONFIRM https://security.netapp.com/advisory/ntap-20190419-0001/
https://www.broadcom.com/support/fibre-channel-networking/security-advisories...
FULLDISC http://seclists.org/fulldisclosure/2019/May/4
MISC https://blog.trendmicro.com/trendlabs-security-intelligence/uncovering-cve-20...
https://codewhitesec.blogspot.com/2016/02/java-and-command-line-injections-in...
https://web.archive.org/web/20161228144344/https://blogs.msdn.microsoft.com/t...
MISC. https://tools.cisco.com/security/center/viewAlert.x?alertId=60004&vs_f=Al...
MLIST https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba...
https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f0...
https://lists.apache.org/thread.html/52ffb9fbf661245386a83a661183d13f1de2e577...
https://lists.apache.org/thread.html/5f297a4b9080b5f65a05bc139596d0e437d6a539...
https://lists.apache.org/thread.html/673b6148d92cd7bc99ea2dcf85ad75d57da44fc3...
https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba14...
https://lists.apache.org/thread.html/96849486813a95dfd542e1618b7923ca945508aa...
https://lists.apache.org/thread.html/a6c87a09a71162fd563ab1c4e70a08a103e0b7c1...
https://lists.apache.org/thread.html/dd4b325cdb261183dbf5ce913c102920a8f09c26...
https://lists.apache.org/thread.html/f4d48b32ef2b6aa49c8830241a9475da5b46e451...

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
DateInformations
2019-05-11 00:19:01
  • Multiple Updates
2019-05-05 05:19:15
  • Multiple Updates
2019-04-26 17:19:13
  • Multiple Updates
2019-04-23 17:19:02
  • Multiple Updates
2019-04-23 09:18:42
  • Multiple Updates
2019-04-22 21:19:18
  • Multiple Updates
2019-04-19 21:19:27
  • Multiple Updates
2019-04-16 21:19:09
  • Multiple Updates
2019-04-16 13:18:58
  • Multiple Updates
2019-04-15 21:19:02
  • First insertion