Bug 1053352 (CVE-2017-7674) - VUL-0: CVE-2017-7674: tomcat: The CORS Filter issue could lead to client and server side cache poisoning
Summary: VUL-0: CVE-2017-7674: tomcat: The CORS Filter issue could lead to client and ...
Status: RESOLVED FIXED
Alias: CVE-2017-7674
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents (show other bugs)
Version: unspecified
Hardware: Other Other
: P3 - Medium : Major
Target Milestone: ---
Assignee: Bo Maryniuk
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/190248/
Whiteboard: CVSSv2:SUSE:CVE-2017-7674:6.8:(AV:N/A...
Keywords:
Depends on:
Blocks:
 
Reported: 2017-08-11 06:59 UTC by Alexander Bergmann
Modified: 2020-06-11 12:18 UTC (History)
6 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Alexander Bergmann 2017-08-11 06:59:23 UTC 
CVE-2017-7674

The CORS Filter in Apache Tomcat 9.0.0.M1 to 9.0.0.M21, 8.5.0 to 8.5.15,
8.0.0.RC1 to 8.0.44 and 7.0.41 to 7.0.78 did not add an HTTP Vary header
indicating that the response varies depending on Origin. This permitted client
and server side cache poisoning in some circumstances.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7674
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7674
https://lists.apache.org/thread.html/22b4bb077502f847e2b9fcf00b96e81e734466ab459780ff73b60c0f@%3Cannounce.tomcat.apache.org%3E
Comment 1 Marcus Meissner 2017-10-23 06:24:36 UTC 
this fix is also needed for the current tomcat update. please resubmit with this included.
Comment 2 Marcus Meissner 2017-11-06 12:27:42 UTC 
Hello?
Comment 3 Marcus Meissner 2017-11-09 13:30:08 UTC 
assign to  Bo, as Mattei is currently not available

this is missing in the current submissions
Comment 4 Swamp Workflow Management 2017-11-22 14:08:28 UTC 
SUSE-SU-2017:3039-1: An update that solves three vulnerabilities and has two fixes is now available.

Category: security (important)
Bug References: 1019016,1042910,1053352,1059554,977410
CVE References: CVE-2017-12617,CVE-2017-5664,CVE-2017-7674
Sources used:
SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (src):    tomcat-8.0.43-29.5.1
SUSE Linux Enterprise Server 12-SP3 (src):    tomcat-8.0.43-29.5.1
SUSE Linux Enterprise Server 12-SP2 (src):    tomcat-8.0.43-29.5.1
Comment 5 Swamp Workflow Management 2017-11-23 20:09:39 UTC 
SUSE-SU-2017:3059-1: An update that fixes 5 vulnerabilities is now available.

Category: security (important)
Bug References: 1042910,1053352,1059551,1059554,977410
CVE References: CVE-2017-12615,CVE-2017-12616,CVE-2017-12617,CVE-2017-5664,CVE-2017-7674
Sources used:
SUSE Linux Enterprise Server 12-LTSS (src):    tomcat-7.0.82-7.16.1
Comment 6 Swamp Workflow Management 2017-11-23 23:10:15 UTC 
openSUSE-SU-2017:3069-1: An update that solves three vulnerabilities and has two fixes is now available.

Category: security (important)
Bug References: 1019016,1042910,1053352,1059554,977410
CVE References: CVE-2017-12617,CVE-2017-5664,CVE-2017-7674
Sources used:
openSUSE Leap 42.3 (src):    tomcat-8.0.43-9.1
openSUSE Leap 42.2 (src):    tomcat-8.0.43-6.13.1
Comment 7 Swamp Workflow Management 2017-12-13 20:10:53 UTC 
SUSE-SU-2017:3279-1: An update that solves three vulnerabilities and has three fixes is now available.

Category: security (important)
Bug References: 1002639,1019016,1042910,1053352,1059554,977410
CVE References: CVE-2017-12617,CVE-2017-5664,CVE-2017-7674
Sources used:
SUSE OpenStack Cloud 6 (src):    tomcat-8.0.43-10.24.1
SUSE Linux Enterprise Server for SAP 12-SP1 (src):    tomcat-8.0.43-10.24.1
SUSE Linux Enterprise Server 12-SP1-LTSS (src):    tomcat-8.0.43-10.24.1
Comment 8 Matei Albu 2017-12-14 13:46:45 UTC 
I think this can be closed.
Comment 9 Marcus Meissner 2017-12-27 20:04:25 UTC 
released
Comment 13 Marcus Meissner 2018-06-09 09:01:51 UTC 
resolved