Juniper Networks Security Intelligence Center

Signature Detail

Short Name

HTTP:APACHE:TOMCAT-REDIRECT

Severity

Minor

Recommended

No

Recommended Action

Drop

Category

HTTP

Keywords

Apache Tomcat Default Servlet Open Redirect

Release Date

2018/11/29

Update Number

3121

Supported Platforms

idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

HTTP: Apache Tomcat Default Servlet Open Redirect


An open redirect vulnerability has been reported in the default servlet of Apache Tomcat. It is caused by insufficient sanitization of the request URI when the servlet builds the redirect it issues for a directory requested without a trailing slash. When a user follows a crafted link to the vulnerable server, the browser is redirected to a site of the attacker's choosing, which can be made to impersonate the legitimate site; the impact is spoofing (phishing) of that user, typically one who is logged in to the legitimate site, not compromise of the server itself.

Extended Description

When the default servlet in Apache Tomcat versions 9.0.0.M1 to 9.0.11, 8.5.0 to 8.5.33 and 7.0.23 to 7.0.90 returned a redirect to a directory (e.g. redirecting to '/foo/' when the user requested '/foo'), a specially crafted URL could be used to cause the redirect to be generated to any URI of the attacker's choice. The redirect target was built from the raw request URI rather than the normalized path, so a request URI beginning with '//' produced a scheme-relative Location header, which browsers resolve against the host named in the path instead of the server that issued the redirect. The issue is fixed in Tomcat 9.0.12, 8.5.34 and 7.0.91.
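The following Python model, added here to illustrate the description and extended description above, is not Tomcat's source or Juniper's signature logic. It contrasts the pre-fix directory redirect (raw request URI plus trailing slash) with a hardened version, and adds the check a practitioner would apply to captured HTTP transactions: a 3xx whose Location a browser would resolve against another host. The host names, the sample transactions and the "//attacker.example/docs" request shape are constructed for the example; the page does not give the exact crafted URL.

```python
"""
Constructed model of the Tomcat default-servlet directory redirect
(CVE-2018-11784).  Illustrative code, not Tomcat's source.  When a request
names a directory without a trailing slash the servlet redirects to
"<request URI>/".  Before the fix it used the raw request URI, so a URI
beginning with "//" yields a scheme-relative Location that browsers (and the
container's sendRedirect()) resolve against the attacker's host.
"""
from urllib.parse import urlsplit


def escapes_origin(location: str) -> bool:
    """True if a browser would resolve `location` against a host other than the
    one that issued the redirect: an absolute URL with a scheme, or a
    scheme-relative reference.  Browsers also accept a backslash as the second
    character ("/\\host/..."), so that form is treated as scheme-relative too."""
    if len(location) >= 2 and location[0] == "/" and location[1] in "/\\":
        return True
    return urlsplit(location).scheme != ""


def vulnerable_directory_redirect(raw_request_uri: str, query: str = "") -> str:
    """Pre-fix behaviour: echo the raw request URI and append the trailing slash."""
    location = raw_request_uri + "/"
    if query:
        location += "?" + query
    return location


def hardened_directory_redirect(raw_request_uri: str, query: str = "") -> str:
    """Same redirect, but collapse redundant leading slashes so the result is an
    origin-relative path, and refuse anything that would still leave the origin.
    (Hardening chosen for this example; an alternative is to rebuild the
    Location from the normalized servlet path instead of the raw URI.)"""
    location = raw_request_uri
    while len(location) > 1 and location[1] in "/\\":
        location = location[1:]
    if escapes_origin(location):
        raise ValueError("refusing off-origin redirect target: %r" % raw_request_uri)
    location += "/"
    if query:
        location += "?" + query
    return location


def find_off_origin_redirects(transactions, own_host):
    """Flag 3xx responses whose Location would send the client to another host.
    `transactions` is an iterable of (raw_request_uri, status, location) tuples
    as an HTTP inspector or a log review would see them."""
    hits = []
    for raw_uri, status, location in transactions:
        if not (300 <= status < 400) or not location:
            continue
        if not escapes_origin(location):
            continue
        target = urlsplit(location.replace("\\", "/")).netloc
        if target and target.lower() != own_host.lower():
            hits.append((raw_uri, location, target))
    return hits


# Constructed sample traffic for a server named www.target.example.  The second
# entry is what a vulnerable server answers to the "//host/..." request shape.
SAMPLE_TRANSACTIONS = [
    ("/docs", 302, "/docs/"),                                      # normal directory redirect
    ("//attacker.example/docs", 302, "//attacker.example/docs/"),  # vulnerable reply
    ("/docs", 302, "https://www.target.example/docs/"),            # absolute, same host
    ("/index.html", 200, None),
]

if __name__ == "__main__":
    crafted = "//attacker.example/docs"
    print("vulnerable:", vulnerable_directory_redirect(crafted))
    print("hardened  :", hardened_directory_redirect(crafted))
    for raw_uri, location, target in find_off_origin_redirects(
            SAMPLE_TRANSACTIONS, "www.target.example"):
        print("open redirect: request %s -> Location %s (host %s)"
              % (raw_uri, location, target))
```

The scheme-relative form is the whole trick: "//attacker.example/docs/" contains no scheme, so naive checks that only reject "http://" or "https://" miss it, and Tomcat's sendRedirect() completes it with the request scheme before the client ever sees it. When verifying a server you administer, inspect the Location header of its directory redirect for a crafted request; a patched Tomcat answers with an origin-relative path, and the signature on this page is the network-side equivalent of that check.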

Affected Products

  • Apache tomcat 7.0.23
  • Apache tomcat 7.0.24
  • Apache tomcat 7.0.25
  • Apache tomcat 7.0.26
  • Apache tomcat 7.0.27
  • Apache tomcat 7.0.28
  • Apache tomcat 7.0.29
  • Apache tomcat 7.0.30
  • Apache tomcat 7.0.31
  • Apache tomcat 7.0.32
  • Apache tomcat 7.0.33
  • Apache tomcat 7.0.34
  • Apache tomcat 7.0.35
  • Apache tomcat 7.0.36
  • Apache tomcat 7.0.37
  • Apache tomcat 7.0.38
  • Apache tomcat 7.0.39
  • Apache tomcat 7.0.40
  • Apache tomcat 7.0.41
  • Apache tomcat 7.0.42
  • Apache tomcat 7.0.43
  • Apache tomcat 7.0.44
  • Apache tomcat 7.0.45
  • Apache tomcat 7.0.46
  • Apache tomcat 7.0.47
  • Apache tomcat 7.0.48
  • Apache tomcat 7.0.49
  • Apache tomcat 7.0.50
  • Apache tomcat 7.0.51
  • Apache tomcat 7.0.52
  • Apache tomcat 7.0.53
  • Apache tomcat 7.0.54
  • Apache tomcat 7.0.55
  • Apache tomcat 7.0.56
  • Apache tomcat 7.0.57
  • Apache tomcat 7.0.58
  • Apache tomcat 7.0.59
  • Apache tomcat 7.0.60
  • Apache tomcat 7.0.61
  • Apache tomcat 7.0.62
  • Apache tomcat 7.0.63
  • Apache tomcat 7.0.64
  • Apache tomcat 7.0.65
  • Apache tomcat 7.0.66
  • Apache tomcat 7.0.67
  • Apache tomcat 7.0.68
  • Apache tomcat 7.0.69
  • Apache tomcat 7.0.70
  • Apache tomcat 7.0.71
  • Apache tomcat 7.0.72
  • Apache tomcat 7.0.73
  • Apache tomcat 7.0.74
  • Apache tomcat 7.0.75
  • Apache tomcat 7.0.76
  • Apache tomcat 7.0.77
  • Apache tomcat 7.0.78
  • Apache tomcat 7.0.79
  • Apache tomcat 7.0.80
  • Apache tomcat 7.0.81
  • Apache tomcat 7.0.82
  • Apache tomcat 7.0.83
  • Apache tomcat 7.0.84
  • Apache tomcat 7.0.85
  • Apache tomcat 7.0.86
  • Apache tomcat 7.0.87
  • Apache tomcat 7.0.88
  • Apache tomcat 7.0.89
  • Apache tomcat 7.0.90
  • Apache tomcat 8.5.0
  • Apache tomcat 8.5.1
  • Apache tomcat 8.5.10
  • Apache tomcat 8.5.11
  • Apache tomcat 8.5.12
  • Apache tomcat 8.5.13
  • Apache tomcat 8.5.14
  • Apache tomcat 8.5.15
  • Apache tomcat 8.5.16
  • Apache tomcat 8.5.17
  • Apache tomcat 8.5.18
  • Apache tomcat 8.5.19
  • Apache tomcat 8.5.2
  • Apache tomcat 8.5.20
  • Apache tomcat 8.5.21
  • Apache tomcat 8.5.22
  • Apache tomcat 8.5.23
  • Apache tomcat 8.5.24
  • Apache tomcat 8.5.25
  • Apache tomcat 8.5.26
  • Apache tomcat 8.5.27
  • Apache tomcat 8.5.28
  • Apache tomcat 8.5.29
  • Apache tomcat 8.5.3
  • Apache tomcat 8.5.30
  • Apache tomcat 8.5.31
  • Apache tomcat 8.5.32
  • Apache tomcat 8.5.33
  • Apache tomcat 8.5.4
  • Apache tomcat 8.5.5
  • Apache tomcat 8.5.6
  • Apache tomcat 8.5.7
  • Apache tomcat 8.5.8
  • Apache tomcat 8.5.9
  • Apache tomcat 9.0.0
  • Apache tomcat 9.0.1
  • Apache tomcat 9.0.10
  • Apache tomcat 9.0.11
  • Apache tomcat 9.0.2
  • Apache tomcat 9.0.3
  • Apache tomcat 9.0.4
  • Apache tomcat 9.0.5
  • Apache tomcat 9.0.6
  • Apache tomcat 9.0.7
  • Apache tomcat 9.0.8
  • Apache tomcat 9.0.9
  • Canonical ubuntu_linux 14.04
  • Canonical ubuntu_linux 16.04
  • Debian debian_linux 8.0
  • Netapp snap_creator_framework -
  • Oracle communications_application_session_controller 3.7.1
  • Oracle communications_application_session_controller 3.8.0
  • Oracle hospitality_guest_access 4.2.0
  • Oracle hospitality_guest_access 4.2.1
  • Oracle instantis_enterprisetrack 17.1
  • Oracle instantis_enterprisetrack 17.2
  • Oracle instantis_enterprisetrack 17.3
  • Oracle retail_order_broker 15.0
  • Oracle retail_order_broker 5.1
  • Oracle retail_order_broker 5.2
  • Oracle secure_global_desktop 5.4
  • Redhat enterprise_linux_desktop 7.0
  • Redhat enterprise_linux_server 7.0
  • Redhat enterprise_linux_server 7.6
  • Redhat enterprise_linux_server_aus 7.6
  • Redhat enterprise_linux_server_eus 7.6
  • Redhat enterprise_linux_server_tus 7.6
  • Redhat enterprise_linux_workstation 7.0

References

  • CVE: CVE-2018-11784
  • URL: https://lists.apache.org/thread.html/23134c9b5a23892a205dc140cdd8c9c0add233600f76b313dda6bd75@%3cannounce.tomcat.apache.org%3e

Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.