CVE-2019-0199

Aliases:GHSA-qcxh-w3j9-58qr
Advisory lineage Upstream: 0 Downstream: 14
Modified
Published: 10 Apr 2019, 14:21
Last modified:04 Aug 2024, 17:44

Vulnerability Summary

Overall Risk (default)
medium
43/100
CVSS Score
7.5 HIGH
v3.0 (nvd)
EPSS Score
65.58% CRITICAL
66% probability -0.66%
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

10 Apr 2019, 14:21
Published
Vulnerability first disclosed
04 Aug 2024, 17:44
Last Modified
Vulnerability information updated

Description

The HTTP/2 implementation in Apache Tomcat 9.0.0.M1 to 9.0.14 and 8.5.0 to 8.5.37 accepted streams with excessive numbers of SETTINGS frames and also permitted clients to keep streams open without reading/writing request/response data. By keeping streams open for requests that utilised the Servlet API's blocking I/O, clients were able to cause server-side threads to block eventually leading to thread exhaustion and a DoS.

CVSS Metrics

  • v3.0HIGHScore: 7.5CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • v2.0MEDIUMScore: 5AV:N/AC:L/Au:N/C:N/I:N/A:P

EPSS Trends

Current EPSS score: 65.58% Percentile: 99%

Techniques & Countermeasures

  • CWE-400Uncontrolled Resource Consumption

    The product does not properly control the allocation and maintenance of a limited resource.

Affected Systems

  • UnknownTomcat

    ≥ 8.5.0, ≤ 8.5.37 | ≥ 9.0.1, ≤ 9.0.14 | 9.0.0:milestone1 | 9.0.0:milestone10 | 9.0.0:milestone11 | 9.0.0:milestone12 | 9.0.0:milestone13 | 9.0.0:milestone14 | 9.0.0:milestone15 | 9.0.0:milestone16 | 9.0.0:milestone17 | 9.0.0:milestone18 | 9.0.0:milestone19 | 9.0.0:milestone2 | 9.0.0:milestone20 | 9.0.0:milestone21 | 9.0.0:milestone3 | 9.0.0:milestone4 | 9.0.0:milestone5 | 9.0.0:milestone6 | 9.0.0:milestone7 | 9.0.0:milestone8 | 9.0.0:milestone9

  • org.apache.tomcattomcat-coyote

    ≥ 9.0.0, < 9.0.16 | ≥ 8.0.0, < 8.5.38

  • org.apache.tomcat.embedtomcat-embed-core

    ≥ 9.0.0, < 9.0.16 | ≥ 8.0.0, < 8.5.38

References (63)