// For flags

CVE-2015-5351

tomcat: CSRF token leak

Severity Score

8.8
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

The (1) Manager and (2) Host Manager applications in Apache Tomcat 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M2 establish sessions and send CSRF tokens for arbitrary new requests, which allows remote attackers to bypass a CSRF protection mechanism by using a token.

Las aplicaciones (1) Manager y (2) Host Manager en Apache Tomcat 7.x en versiones anteriores a 7.0.68, 8.x en versiones anteriores a 8.0.31 y 9.x en versiones anteriores a 9.0.0.M2 establecen sesiones y envían tokens CSRF para peticiones nuevas arbitrarias, lo que permite a atacantes remotos eludir un mecanismo de protección CSRF mediante el uso de un token.

A CSRF flaw was found in Tomcat's the index pages for the Manager and Host Manager applications. These applications included a valid CSRF token when issuing a redirect as a result of an unauthenticated request to the root of the web application. This token could then be used by an attacker to perform a CSRF attack.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Network
Attack Complexity
Medium
Authentication
None
Confidentiality
Partial
Integrity
Partial
Availability
Partial
Attack Vector
Local
Attack Complexity
Medium
Authentication
None
Confidentiality
Partial
Integrity
Partial
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2015-07-01 CVE Reserved
  • 2016-02-22 CVE Published
  • 2023-10-12 EPSS Updated
  • 2024-08-06 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-352: Cross-Site Request Forgery (CSRF)
CAPEC
References (38)
URL Tag Source
http://packetstormsecurity.com/files/135882/Apache-Tomcat-CSRF-Token-Leak.html X_refsource_misc
http://seclists.org/bugtraq/2016/Feb/148 Mailing List
http://svn.apache.org/viewvc?view=revision&revision=1720652 X_refsource_confirm
http://svn.apache.org/viewvc?view=revision&revision=1720655 X_refsource_confirm
http://svn.apache.org/viewvc?view=revision&revision=1720658 X_refsource_confirm
http://svn.apache.org/viewvc?view=revision&revision=1720660 X_refsource_confirm
http://svn.apache.org/viewvc?view=revision&revision=1720661 X_refsource_confirm
http://svn.apache.org/viewvc?view=revision&revision=1720663 X_refsource_confirm
http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html X_refsource_confirm
http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html X_refsource_confirm
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html X_refsource_confirm
http://www.securityfocus.com/bid/83330 Vdb Entry
http://www.securitytracker.com/id/1035069 Vdb Entry
https://bto.bluecoat.com/security-advisory/sa118 X_refsource_confirm
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150442 X_refsource_confirm
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158626 X_refsource_confirm
https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E Mailing List
https://security.netapp.com/advisory/ntap-20180531-0001 X_refsource_confirm
https://softwaresupport.hpe.com/document/-/facetsearch/document/KM02978021 X_refsource_confirm
URL Date SRC
URL Date SRC
URL Date SRC
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00047.html 2023-12-08
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00069.html 2023-12-08
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00085.html 2023-12-08
http://rhn.redhat.com/errata/RHSA-2016-1089.html 2023-12-08
http://rhn.redhat.com/errata/RHSA-2016-2599.html 2023-12-08
http://rhn.redhat.com/errata/RHSA-2016-2807.html 2023-12-08
http://rhn.redhat.com/errata/RHSA-2016-2808.html 2023-12-08
http://tomcat.apache.org/security-7.html 2023-12-08
http://tomcat.apache.org/security-8.html 2023-12-08
http://tomcat.apache.org/security-9.html 2023-12-08
http://www.debian.org/security/2016/dsa-3530 2023-12-08
http://www.debian.org/security/2016/dsa-3552 2023-12-08
http://www.debian.org/security/2016/dsa-3609 2023-12-08
http://www.ubuntu.com/usn/USN-3024-1 2023-12-08
https://access.redhat.com/errata/RHSA-2016:1087 2023-12-08
https://access.redhat.com/errata/RHSA-2016:1088 2023-12-08
https://security.gentoo.org/glsa/201705-09 2023-12-08
https://access.redhat.com/security/cve/CVE-2015-5351 2016-11-17
https://bugzilla.redhat.com/show_bug.cgi?id=1311076 2016-11-17
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 7.0.0
Search vendor "Apache" for product "Tomcat" and version "7.0.0"
beta
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 7.0.2
Search vendor "Apache" for product "Tomcat" and version "7.0.2"
beta
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 7.0.4
Search vendor "Apache" for product "Tomcat" and version "7.0.4"
beta
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 7.0.5
Search vendor "Apache" for product "Tomcat" and version "7.0.5"
beta
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 7.0.6
Search vendor "Apache" for product "Tomcat" and version "7.0.6"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 7.0.10
Search vendor "Apache" for product "Tomcat" and version "7.0.10"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 7.0.11
Search vendor "Apache" for product "Tomcat" and version "7.0.11"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 7.0.12
Search vendor "Apache" for product "Tomcat" and version "7.0.12"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 7.0.14
Search vendor "Apache" for product "Tomcat" and version "7.0.14"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 7.0.16
Search vendor "Apache" for product "Tomcat" and version "7.0.16"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 7.0.19
Search vendor "Apache" for product "Tomcat" and version "7.0.19"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 7.0.20
Search vendor "Apache" for product "Tomcat" and version "7.0.20"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 7.0.21
Search vendor "Apache" for product "Tomcat" and version "7.0.21"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 7.0.22
Search vendor "Apache" for product "Tomcat" and version "7.0.22"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 7.0.23
Search vendor "Apache" for product "Tomcat" and version "7.0.23"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 7.0.25
Search vendor "Apache" for product "Tomcat" and version "7.0.25"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 7.0.26
Search vendor "Apache" for product "Tomcat" and version "7.0.26"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 7.0.27
Search vendor "Apache" for product "Tomcat" and version "7.0.27"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 7.0.28
Search vendor "Apache" for product "Tomcat" and version "7.0.28"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 7.0.29
Search vendor "Apache" for product "Tomcat" and version "7.0.29"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 7.0.30
Search vendor "Apache" for product "Tomcat" and version "7.0.30"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 7.0.32
Search vendor "Apache" for product "Tomcat" and version "7.0.32"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 7.0.33
Search vendor "Apache" for product "Tomcat" and version "7.0.33"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 7.0.34
Search vendor "Apache" for product "Tomcat" and version "7.0.34"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 7.0.35
Search vendor "Apache" for product "Tomcat" and version "7.0.35"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 7.0.37
Search vendor "Apache" for product "Tomcat" and version "7.0.37"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 7.0.39
Search vendor "Apache" for product "Tomcat" and version "7.0.39"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 7.0.40
Search vendor "Apache" for product "Tomcat" and version "7.0.40"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 7.0.41
Search vendor "Apache" for product "Tomcat" and version "7.0.41"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 7.0.42
Search vendor "Apache" for product "Tomcat" and version "7.0.42"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 7.0.47
Search vendor "Apache" for product "Tomcat" and version "7.0.47"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 7.0.50
Search vendor "Apache" for product "Tomcat" and version "7.0.50"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 7.0.52
Search vendor "Apache" for product "Tomcat" and version "7.0.52"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 7.0.53
Search vendor "Apache" for product "Tomcat" and version "7.0.53"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 7.0.54
Search vendor "Apache" for product "Tomcat" and version "7.0.54"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 7.0.55
Search vendor "Apache" for product "Tomcat" and version "7.0.55"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 7.0.56
Search vendor "Apache" for product "Tomcat" and version "7.0.56"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 7.0.57
Search vendor "Apache" for product "Tomcat" and version "7.0.57"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 7.0.59
Search vendor "Apache" for product "Tomcat" and version "7.0.59"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 7.0.61
Search vendor "Apache" for product "Tomcat" and version "7.0.61"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 7.0.62
Search vendor "Apache" for product "Tomcat" and version "7.0.62"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 7.0.63
Search vendor "Apache" for product "Tomcat" and version "7.0.63"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 7.0.64
Search vendor "Apache" for product "Tomcat" and version "7.0.64"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 7.0.65
Search vendor "Apache" for product "Tomcat" and version "7.0.65"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 7.0.67
Search vendor "Apache" for product "Tomcat" and version "7.0.67"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 8.0.0
Search vendor "Apache" for product "Tomcat" and version "8.0.0"
rc1
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 8.0.0
Search vendor "Apache" for product "Tomcat" and version "8.0.0"
rc10
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 8.0.0
Search vendor "Apache" for product "Tomcat" and version "8.0.0"
rc3
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 8.0.0
Search vendor "Apache" for product "Tomcat" and version "8.0.0"
rc5
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 8.0.1
Search vendor "Apache" for product "Tomcat" and version "8.0.1"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 8.0.3
Search vendor "Apache" for product "Tomcat" and version "8.0.3"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 8.0.11
Search vendor "Apache" for product "Tomcat" and version "8.0.11"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 8.0.12
Search vendor "Apache" for product "Tomcat" and version "8.0.12"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 8.0.14
Search vendor "Apache" for product "Tomcat" and version "8.0.14"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 8.0.15
Search vendor "Apache" for product "Tomcat" and version "8.0.15"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 8.0.17
Search vendor "Apache" for product "Tomcat" and version "8.0.17"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 8.0.18
Search vendor "Apache" for product "Tomcat" and version "8.0.18"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 8.0.20
Search vendor "Apache" for product "Tomcat" and version "8.0.20"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 8.0.21
Search vendor "Apache" for product "Tomcat" and version "8.0.21"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 8.0.22
Search vendor "Apache" for product "Tomcat" and version "8.0.22"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 8.0.23
Search vendor "Apache" for product "Tomcat" and version "8.0.23"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 8.0.24
Search vendor "Apache" for product "Tomcat" and version "8.0.24"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 8.0.26
Search vendor "Apache" for product "Tomcat" and version "8.0.26"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 8.0.27
Search vendor "Apache" for product "Tomcat" and version "8.0.27"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 8.0.28
Search vendor "Apache" for product "Tomcat" and version "8.0.28"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 8.0.29
Search vendor "Apache" for product "Tomcat" and version "8.0.29"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 8.0.30
Search vendor "Apache" for product "Tomcat" and version "8.0.30"
-
Affected
Apache
Search vendor "Apache"
 Tomcat
Search vendor "Apache" for product "Tomcat"
 9.0.0
Search vendor "Apache" for product "Tomcat" and version "9.0.0"
milestone1
Affected
Debian
Search vendor "Debian"
 Debian Linux
Search vendor "Debian" for product "Debian Linux"
 7.0
Search vendor "Debian" for product "Debian Linux" and version "7.0"
-
Affected
Debian
Search vendor "Debian"
 Debian Linux
Search vendor "Debian" for product "Debian Linux"
 8.0
Search vendor "Debian" for product "Debian Linux" and version "8.0"
-
Affected
Canonical
Search vendor "Canonical"
 Ubuntu Linux
Search vendor "Canonical" for product "Ubuntu Linux"
 12.04
Search vendor "Canonical" for product "Ubuntu Linux" and version "12.04"
lts
Affected
Canonical
Search vendor "Canonical"
 Ubuntu Linux
Search vendor "Canonical" for product "Ubuntu Linux"
 14.04
Search vendor "Canonical" for product "Ubuntu Linux" and version "14.04"
lts
Affected
Canonical
Search vendor "Canonical"
 Ubuntu Linux
Search vendor "Canonical" for product "Ubuntu Linux"
 15.10
Search vendor "Canonical" for product "Ubuntu Linux" and version "15.10"
-
Affected
Canonical
Search vendor "Canonical"
 Ubuntu Linux
Search vendor "Canonical" for product "Ubuntu Linux"
 16.04
Search vendor "Canonical" for product "Ubuntu Linux" and version "16.04"
lts
Affected