CVE-2020-17527
Severity: 7.5 HIGH
EPSS: 10.5% (top 6.75%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline
Published: Dec 3
Latest update: Apr 15
Description
While investigating bug 64830 it was discovered that Apache Tomcat 10.0.0-M1 to 10.0.0-M9, 9.0.0-M1 to 9.0.39 and 8.5.0 to 8.5.59 could re-use an HTTP request header value from the previous stream received on an HTTP/2 connection for the request associated with the subsequent stream. While this would most likely lead to an error and the closure of the HTTP/2 connection, it is possible that information could leak between requests.
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N (Exploitability: 3.9 | Impact: 3.6)
Affected Packages (14 packages)
CVE List V5: apache_software_foundation/apache_tomcat: Apache Tomcat 10 10.0.0-M1 to 10.0.0-M9, Apache Tomcat 8.5 8.5.0 to 8.5.59, Apache Tomcat 9 9.0.0-M1 to 9.0.39 (+2 more)
Also affects: Debian Linux 10.0, 9.0
Patches
Vulnerability Details: 5 (OSV)
Vendor Advisories: 9 (Oracle)
Oracle Blockchain Platform Risk Matrix: BCS Console (Apache Tomcat) — CVE-2020-17527 (2022-04-15)
Oracle Communications Risk Matrix: Binding Support Function (Apache Tomcat) — CVE-2020-17527 (2022-01-15)
Oracle Big Data Graph Risk Matrix: Big Data Graph (Apache Tomcat) — CVE-2020-17527 (2021-07-15)
Oracle Database Server Risk Matrix: Workload Manager (Apache Tomcat) — CVE-2020-17527 (2021-04-15)