CVE-2018-11784
Summary
| CVE | CVE-2018-11784 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2018-10-04 13:29:00 UTC |
| Updated | 2023-12-08 16:41:00 UTC |
| Description | When the default servlet in Apache Tomcat versions 9.0.0.M1 to 9.0.11, 8.5.0 to 8.5.33 and 7.0.23 to 7.0.90 returned a redirect to a directory (e.g. redirecting to '/foo/' when the user requested '/foo') a specially crafted URL could be used to cause the redirect to be generated to any URI of the attackers choice. |
Risk And Classification
Problem Types: CWE-601
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Apache | Tomcat | 9.0.0 | All | All | All |
| Application | Apache | Tomcat | 9.0.0 | m1 | All | All |
| Application | Apache | Tomcat | 9.0.0 | m10 | All | All |
| Application | Apache | Tomcat | 9.0.0 | m11 | All | All |
| Application | Apache | Tomcat | 9.0.0 | m12 | All | All |
| Application | Apache | Tomcat | 9.0.0 | m13 | All | All |
| Application | Apache | Tomcat | 9.0.0 | m14 | All | All |
| Application | Apache | Tomcat | 9.0.0 | m15 | All | All |
| Application | Apache | Tomcat | 9.0.0 | m16 | All | All |
| Application | Apache | Tomcat | 9.0.0 | m17 | All | All |
| Application | Apache | Tomcat | 9.0.0 | m18 | All | All |
| Application | Apache | Tomcat | 9.0.0 | m19 | All | All |
| Application | Apache | Tomcat | 9.0.0 | m2 | All | All |
| Application | Apache | Tomcat | 9.0.0 | m20 | All | All |
| Application | Apache | Tomcat | 9.0.0 | m21 | All | All |
| Application | Apache | Tomcat | 9.0.0 | m22 | All | All |
| Application | Apache | Tomcat | 9.0.0 | m23 | All | All |
| Application | Apache | Tomcat | 9.0.0 | m24 | All | All |
| Application | Apache | Tomcat | 9.0.0 | m25 | All | All |
| Application | Apache | Tomcat | 9.0.0 | m26 | All | All |
| Application | Apache | Tomcat | 9.0.0 | m27 | All | All |
| Application | Apache | Tomcat | 9.0.0 | m3 | All | All |
| Application | Apache | Tomcat | 9.0.0 | m4 | All | All |
| Application | Apache | Tomcat | 9.0.0 | m5 | All | All |
| Application | Apache | Tomcat | 9.0.0 | m6 | All | All |
| Application | Apache | Tomcat | 9.0.0 | m7 | All | All |
| Application | Apache | Tomcat | 9.0.0 | m8 | All | All |
| Application | Apache | Tomcat | 9.0.0 | m9 | All | All |
| Application | Apache | Tomcat | 9.0.0 | milestone1 | All | All |
| Application | Apache | Tomcat | 9.0.0 | milestone10 | All | All |
| Application | Apache | Tomcat | 9.0.0 | milestone11 | All | All |
| Application | Apache | Tomcat | 9.0.0 | milestone12 | All | All |
| Application | Apache | Tomcat | 9.0.0 | milestone13 | All | All |
| Application | Apache | Tomcat | 9.0.0 | milestone14 | All | All |
| Application | Apache | Tomcat | 9.0.0 | milestone15 | All | All |
| Application | Apache | Tomcat | 9.0.0 | milestone16 | All | All |
| Application | Apache | Tomcat | 9.0.0 | milestone17 | All | All |
| Application | Apache | Tomcat | 9.0.0 | milestone18 | All | All |
| Application | Apache | Tomcat | 9.0.0 | milestone19 | All | All |
| Application | Apache | Tomcat | 9.0.0 | milestone2 | All | All |
| Application | Apache | Tomcat | 9.0.0 | milestone20 | All | All |
| Application | Apache | Tomcat | 9.0.0 | milestone21 | All | All |
| Application | Apache | Tomcat | 9.0.0 | milestone22 | All | All |
| Application | Apache | Tomcat | 9.0.0 | milestone23 | All | All |
| Application | Apache | Tomcat | 9.0.0 | milestone24 | All | All |
| Application | Apache | Tomcat | 9.0.0 | milestone25 | All | All |
| Application | Apache | Tomcat | 9.0.0 | milestone26 | All | All |
| Application | Apache | Tomcat | 9.0.0 | milestone27 | All | All |
| Application | Apache | Tomcat | 9.0.0 | milestone3 | All | All |
| Application | Apache | Tomcat | 9.0.0 | milestone4 | All | All |
| Application | Apache | Tomcat | 9.0.0 | milestone5 | All | All |
| Application | Apache | Tomcat | 9.0.0 | milestone6 | All | All |
| Application | Apache | Tomcat | 9.0.0 | milestone7 | All | All |
| Application | Apache | Tomcat | 9.0.0 | milestone8 | All | All |
| Application | Apache | Tomcat | 9.0.0 | milestone9 | All | All |
| Application | Apache | Tomcat | 9.0.0 | All | All | All |
| Application | Apache | Tomcat | 9.0.0 | m1 | All | All |
| Application | Apache | Tomcat | 9.0.0 | m10 | All | All |
| Application | Apache | Tomcat | 9.0.0 | m11 | All | All |
| Application | Apache | Tomcat | 9.0.0 | m12 | All | All |
| Application | Apache | Tomcat | 9.0.0 | m13 | All | All |
| Application | Apache | Tomcat | 9.0.0 | m14 | All | All |
| Application | Apache | Tomcat | 9.0.0 | m15 | All | All |
| Application | Apache | Tomcat | 9.0.0 | m16 | All | All |
| Application | Apache | Tomcat | 9.0.0 | m17 | All | All |
| Application | Apache | Tomcat | 9.0.0 | m18 | All | All |
| Application | Apache | Tomcat | 9.0.0 | m19 | All | All |
| Application | Apache | Tomcat | 9.0.0 | m2 | All | All |
| Application | Apache | Tomcat | 9.0.0 | m20 | All | All |
| Application | Apache | Tomcat | 9.0.0 | m21 | All | All |
| Application | Apache | Tomcat | 9.0.0 | m22 | All | All |
| Application | Apache | Tomcat | 9.0.0 | m23 | All | All |
| Application | Apache | Tomcat | 9.0.0 | m24 | All | All |
| Application | Apache | Tomcat | 9.0.0 | m25 | All | All |
| Application | Apache | Tomcat | 9.0.0 | m26 | All | All |
| Application | Apache | Tomcat | 9.0.0 | m27 | All | All |
| Application | Apache | Tomcat | 9.0.0 | m3 | All | All |
| Application | Apache | Tomcat | 9.0.0 | m4 | All | All |
| Application | Apache | Tomcat | 9.0.0 | m5 | All | All |
| Application | Apache | Tomcat | 9.0.0 | m6 | All | All |
| Application | Apache | Tomcat | 9.0.0 | m7 | All | All |
| Application | Apache | Tomcat | 9.0.0 | m8 | All | All |
| Application | Apache | Tomcat | 9.0.0 | m9 | All | All |
| Application | Apache | Tomcat | All | All | All | All |
| Application | Apache | Tomcat | All | All | All | All |
| Application | Apache | Tomcat | All | All | All | All |
| Operating System | Canonical | Ubuntu Linux | 14.04 | All | All | All |
| Operating System | Canonical | Ubuntu Linux | 16.04 | All | All | All |
| Operating System | Canonical | Ubuntu Linux | 14.04 | All | All | All |
| Operating System | Canonical | Ubuntu Linux | 16.04 | All | All | All |
| Operating System | Debian | Debian Linux | 8.0 | All | All | All |
| Operating System | Debian | Debian Linux | 8.0 | All | All | All |
| Application | Netapp | Snap Creator Framework | - | All | All | All |
| Application | Netapp | Snap Creator Framework | - | All | All | All |
| Application | Oracle | Communications Application Session Controller | 3.7.1 | All | All | All |
| Application | Oracle | Communications Application Session Controller | 3.8.0 | All | All | All |
| Application | Oracle | Communications Application Session Controller | 3.7.1 | All | All | All |
| Application | Oracle | Communications Application Session Controller | 3.8.0 | All | All | All |
| Application | Oracle | Hospitality Guest Access | 4.2.0 | All | All | All |
| Application | Oracle | Hospitality Guest Access | 4.2.1 | All | All | All |
| Application | Oracle | Hospitality Guest Access | 4.2.0 | All | All | All |
| Application | Oracle | Hospitality Guest Access | 4.2.1 | All | All | All |
| Application | Oracle | Instantis Enterprisetrack | 17.1 | All | All | All |
| Application | Oracle | Instantis Enterprisetrack | 17.2 | All | All | All |
| Application | Oracle | Instantis Enterprisetrack | 17.3 | All | All | All |
| Application | Oracle | Instantis Enterprisetrack | 17.1 | All | All | All |
| Application | Oracle | Instantis Enterprisetrack | 17.2 | All | All | All |
| Application | Oracle | Instantis Enterprisetrack | 17.3 | All | All | All |
| Application | Oracle | Retail Order Broker | 15.0 | All | All | All |
| Application | Oracle | Retail Order Broker | 5.1 | All | All | All |
| Application | Oracle | Retail Order Broker | 5.2 | All | All | All |
| Application | Oracle | Retail Order Broker | 15.0 | All | All | All |
| Application | Oracle | Retail Order Broker | 5.1 | All | All | All |
| Application | Oracle | Retail Order Broker | 5.2 | All | All | All |
| Application | Oracle | Secure Global Desktop | 5.4 | All | All | All |
| Application | Oracle | Secure Global Desktop | 5.4 | All | All | All |
| Operating System | Redhat | Enterprise Linux Desktop | 7.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux Desktop | 7.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux Server | 7.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux Server | 7.6 | All | All | All |
| Operating System | Redhat | Enterprise Linux Server | 7.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux Server | 7.6 | All | All | All |
| Operating System | Redhat | Enterprise Linux Server Aus | 7.6 | All | All | All |
| Operating System | Redhat | Enterprise Linux Server Aus | 7.6 | All | All | All |
| Operating System | Redhat | Enterprise Linux Server Eus | 7.6 | All | All | All |
| Operating System | Redhat | Enterprise Linux Server Eus | 7.6 | All | All | All |
| Operating System | Redhat | Enterprise Linux Server Tus | 7.6 | All | All | All |
| Operating System | Redhat | Enterprise Linux Server Tus | 7.6 | All | All | All |
| Operating System | Redhat | Enterprise Linux Workstation | 7.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux Workstation | 7.0 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Pony Mail! | MLIST | lists.apache.org | |
| [security-announce] openSUSE-SU-2019:1547-1: important: Security update | SUSE | lists.opensuse.org | |
| Pony Mail! | lists.apache.org | ||
| Red Hat Customer Portal | REDHAT | access.redhat.com | Third Party Advisory |
| Bugtraq: [SECURITY] [DSA 4596-1] tomcat8 security update | BUGTRAQ | seclists.org | |
| Pony Mail! | MLIST | lists.apache.org | Mailing List, Vendor Advisory |
| Pony Mail! | MLIST | lists.apache.org | Mailing List, Third Party Advisory |
| Pony Mail! | lists.apache.org | ||
| Pony Mail! | MLIST | lists.apache.org | |
| Pony Mail! | lists.apache.org | ||
| Apache Tomcat 9.0.0M1 Open Redirect ≈ Packet Storm | MISC | packetstormsecurity.com | |
| Pony Mail! | MLIST | lists.apache.org | Mailing List, Vendor Advisory |
| Pony Mail! | lists.apache.org | ||
| [security-announce] openSUSE-SU-2019:1814-1: important: Security update | SUSE | lists.opensuse.org | |
| [SECURITY] Fedora 28 Update: tomcat-8.5.35-1.fc28 - package-announce - Fedora Mailing-Lists | FEDORA | lists.fedoraproject.org | Mailing List, Vendor Advisory |
| Pony Mail! | MLIST | lists.apache.org | Mailing List, Vendor Advisory |
| Red Hat Customer Portal | REDHAT | access.redhat.com | Third Party Advisory |
| Red Hat Customer Portal | REDHAT | access.redhat.com | |
| Pony Mail! | lists.apache.org | ||
| Pony Mail! | lists.apache.org | ||
| Pony Mail! | MLIST | lists.apache.org | |
| Pony Mail! | lists.apache.org | ||
| Pony Mail! | MLIST | lists.apache.org | Mailing List, Third Party Advisory |
| Pony Mail! | lists.apache.org | ||
| Pony Mail! | lists.apache.org | ||
| Debian -- Security Information -- DSA-4596-1 tomcat8 | DEBIAN | www.debian.org | |
| Pony Mail! | lists.apache.org | ||
| [SECURITY] [DLA 1545-1] tomcat8 security update | MLIST | lists.debian.org | Third Party Advisory |
| Apache Tomcat CVE-2018-11784 Open Redirection Vulnerability | BID | www.securityfocus.com | Third Party Advisory, VDB Entry |
| Pony Mail! | MLIST | lists.apache.org | Mailing List, Third Party Advisory |
| Pony Mail! | lists.apache.org | ||
| Pony Mail! | MLIST | lists.apache.org | |
| Pony Mail! | MLIST | lists.apache.org | Mailing List, Third Party Advisory |
| Pony Mail! | lists.apache.org | ||
| [SECURITY] Fedora 28 Update: tomcat-8.5.35-1.fc28 - package-announce - Fedora Mailing-Lists | lists.fedoraproject.org | ||
| Pony Mail! | MLIST | lists.apache.org | Mailing List, Vendor Advisory |
| Oracle Critical Patch Update - January 2019 | CONFIRM | www.oracle.com | Patch, Third Party Advisory |
| Oracle Critical Patch Update - July 2019 | MISC | www.oracle.com | |
| Pony Mail! | lists.apache.org | ||
| Pony Mail! | MLIST | lists.apache.org | Mailing List, Vendor Advisory |
| CVE-2018-11784 Apache Tomcat Open Redirect Vulnerability in NetApp Products | NetApp Product Security | CONFIRM | security.netapp.com | Third Party Advisory |
| Pony Mail! | lists.apache.org | ||
| Pony Mail! | lists.apache.org | ||
| Oracle Critical Patch Update - October 2019 | MISC | www.oracle.com | |
| Oracle Critical Patch Update Advisory - January 2020 | MISC | www.oracle.com | |
| Pony Mail! | MLIST | lists.apache.org | |
| Pony Mail! | MLIST | lists.apache.org | Mailing List, Third Party Advisory |
| Oracle Critical Patch Update Advisory - April 2020 | N/A | www.oracle.com | |
| Red Hat Customer Portal | REDHAT | access.redhat.com | Third Party Advisory |
| McAfee Security Bulletin - SIEM update fixes multiple vulnerabilities (CVE-2015-7704, CVE-2016-10708, CVE-2018-10858, CVE-2018-11784, CVE-2018-18258, CVE-2019-3628, CVE-2019-3629, CVE-2019-3630, CVE-2019-3631, CVE-2019-3632) | CONFIRM | kc.mcafee.com | |
| USN-3787-1: Tomcat vulnerability | Ubuntu security notices | UBUNTU | usn.ubuntu.com | Third Party Advisory |
| [SECURITY] [DLA 1544-1] tomcat7 security update | MLIST | lists.debian.org | Third Party Advisory |
| Pony Mail! | lists.apache.org | ||
| Pony Mail! | MLIST | lists.apache.org | Mailing List, Vendor Advisory |
| Pony Mail! | lists.apache.org | ||
| Pony Mail! | MLIST | lists.apache.org | Mailing List, Third Party Advisory |
| Oracle Critical Patch Update Advisory - April 2019 | MISC | www.oracle.com | Patch, Third Party Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 20287 Oracle Database 19c OJVM Critical Patch Update - January 2020
- 20300 Oracle Database 18c Critical OJVM Patch Update - January 2020
- 20302 Oracle Database 18c OJVM Critical Patch Update - October 2019
- 20305 Oracle Database 12.2.0.1 Critical OJVM Patch Update - January 2020
- 20309 Oracle Database 19c Critical OJVM Patch Update - October 2019
- 20311 Oracle Database 12.2.0.1 Critical OJVM Patch Update - October 2019
- 377290 Alibaba Cloud Linux Security Update for tomcat (ALINUX2-SA-2019:0110)
- 940573 AlmaLinux Security Update for pki-deps:10.6 (ALSA-2019:1529)
- 960759 Rocky Linux Security Update for pki-deps:10.6 (RLSA-2019:1529)
- 982007 Java (maven) Security Update for org.apache.tomcat.embed:tomcat-embed-core (GHSA-5q99-f34m-67gc)