CVE-2019-10072
Apache Tomcat reserveWindowSize Denial-Of-Service Vulnerability
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
The fix for CVE-2019-0199 was incomplete and did not address HTTP/2 connection window exhaustion on write in Apache Tomcat versions 9.0.0.M1 to 9.0.19 and 8.5.0 to 8.5.40 . By not sending WINDOW_UPDATE messages for the connection window (stream 0) clients were able to cause server-side threads to block eventually leading to thread exhaustion and a DoS.
La solución para el CVE-2019-0199 estaba incompleta y no abordaba el agotamiento de la ventana de conexión HTTP/2 al escribir en de Apache Tomcat versiones desde 9.0.0.M1 hasta 9.0.19 y 8.5.0 hasta 8.5.40. Al no enviar mensajes de WINDOW_UPDATE para la ventana de conexión (stream 0), los clientes fueron habilitados para causar que los hilos (subprocesos) del lado del servidor se bloquearan eventualmente conllevando al agotamiento del hilo (subproceso) y a una DoS.
This vulnerability allows remote attackers to create a denial-of-service condition on vulnerable installations of Apache Tomcat. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the handling of HTTP2 requests. A crafted HTTP2 request can create a deadlock on a worker thread. An attacker can leverage this vulnerability to create a denial-of-service condition on the system.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2019-03-26 CVE Reserved
- 2019-06-21 CVE Published
- 2024-06-14 EPSS Updated
- 2024-08-04 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-400: Uncontrolled Resource Consumption
- CWE-667: Improper Locking
CAPEC
References (22)
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00013.html | 2023-12-08 | |
https://access.redhat.com/errata/RHSA-2019:3929 | 2023-12-08 | |
https://access.redhat.com/errata/RHSA-2019:3931 | 2023-12-08 | |
https://usn.ubuntu.com/4128-1 | 2023-12-08 | |
https://usn.ubuntu.com/4128-2 | 2023-12-08 | |
https://www.debian.org/security/2020/dsa-4680 | 2023-12-08 | |
https://access.redhat.com/security/cve/CVE-2019-10072 | 2019-11-20 | |
https://bugzilla.redhat.com/show_bug.cgi?id=1723708 | 2019-11-20 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | >= 8.5.0 <= 8.5.40 Search vendor "Apache" for product "Tomcat" and version " >= 8.5.0 <= 8.5.40" | - |
Affected
| ||||||
Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | >= 9.0.1 <= 9.0.19 Search vendor "Apache" for product "Tomcat" and version " >= 9.0.1 <= 9.0.19" | - |
Affected
| ||||||
Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 9.0.0 Search vendor "Apache" for product "Tomcat" and version "9.0.0" | milestone1 |
Affected
| ||||||
Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 9.0.0 Search vendor "Apache" for product "Tomcat" and version "9.0.0" | milestone10 |
Affected
| ||||||
Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 9.0.0 Search vendor "Apache" for product "Tomcat" and version "9.0.0" | milestone11 |
Affected
| ||||||
Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 9.0.0 Search vendor "Apache" for product "Tomcat" and version "9.0.0" | milestone12 |
Affected
| ||||||
Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 9.0.0 Search vendor "Apache" for product "Tomcat" and version "9.0.0" | milestone13 |
Affected
| ||||||
Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 9.0.0 Search vendor "Apache" for product "Tomcat" and version "9.0.0" | milestone14 |
Affected
| ||||||
Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 9.0.0 Search vendor "Apache" for product "Tomcat" and version "9.0.0" | milestone15 |
Affected
| ||||||
Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 9.0.0 Search vendor "Apache" for product "Tomcat" and version "9.0.0" | milestone16 |
Affected
| ||||||
Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 9.0.0 Search vendor "Apache" for product "Tomcat" and version "9.0.0" | milestone17 |
Affected
| ||||||
Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 9.0.0 Search vendor "Apache" for product "Tomcat" and version "9.0.0" | milestone18 |
Affected
| ||||||
Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 9.0.0 Search vendor "Apache" for product "Tomcat" and version "9.0.0" | milestone19 |
Affected
| ||||||
Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 9.0.0 Search vendor "Apache" for product "Tomcat" and version "9.0.0" | milestone2 |
Affected
| ||||||
Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 9.0.0 Search vendor "Apache" for product "Tomcat" and version "9.0.0" | milestone20 |
Affected
| ||||||
Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 9.0.0 Search vendor "Apache" for product "Tomcat" and version "9.0.0" | milestone21 |
Affected
| ||||||
Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 9.0.0 Search vendor "Apache" for product "Tomcat" and version "9.0.0" | milestone22 |
Affected
| ||||||
Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 9.0.0 Search vendor "Apache" for product "Tomcat" and version "9.0.0" | milestone23 |
Affected
| ||||||
Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 9.0.0 Search vendor "Apache" for product "Tomcat" and version "9.0.0" | milestone24 |
Affected
| ||||||
Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 9.0.0 Search vendor "Apache" for product "Tomcat" and version "9.0.0" | milestone25 |
Affected
| ||||||
Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 9.0.0 Search vendor "Apache" for product "Tomcat" and version "9.0.0" | milestone26 |
Affected
| ||||||
Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 9.0.0 Search vendor "Apache" for product "Tomcat" and version "9.0.0" | milestone27 |
Affected
| ||||||
Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 9.0.0 Search vendor "Apache" for product "Tomcat" and version "9.0.0" | milestone3 |
Affected
| ||||||
Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 9.0.0 Search vendor "Apache" for product "Tomcat" and version "9.0.0" | milestone4 |
Affected
| ||||||
Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 9.0.0 Search vendor "Apache" for product "Tomcat" and version "9.0.0" | milestone5 |
Affected
| ||||||
Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 9.0.0 Search vendor "Apache" for product "Tomcat" and version "9.0.0" | milestone6 |
Affected
| ||||||
Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 9.0.0 Search vendor "Apache" for product "Tomcat" and version "9.0.0" | milestone7 |
Affected
| ||||||
Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 9.0.0 Search vendor "Apache" for product "Tomcat" and version "9.0.0" | milestone8 |
Affected
| ||||||
Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 9.0.0 Search vendor "Apache" for product "Tomcat" and version "9.0.0" | milestone9 |
Affected
|