CVE-2014-0230
Description
Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.55, and 8.x before 8.0.9 does not properly handle cases where an HTTP response occurs before finishing the reading of an entire request body, which allows remote attackers to cause a denial of service (thread consumption) via a series of aborted upload attempts.
Risk Information
Base Score
8.8
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
4.901
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Update Tomcat to 9.5.14 | Windows |
| Update Tomcat to 9.5.5 | Windows |
| Update Tomcat to 9.5.7 | Windows |
| Update Tomcat to 9.5.8 | Windows |
| Update Tomcat to 9.6.10 | Windows |
| Update Tomcat to 9.6.3 | Windows |
| Update Tomcat to 9.6.4 | Windows |
| Update Tomcat to 9.6.7 | Windows |
| Update Tomcat to 9.6.8 | Windows |
| Update Tomcat to 2.4.5 | Windows |
| Update Tomcat to 3.0.14 | Windows |
| Vulnerabilities CVE-2014-0227,CVE-2014-0230 are fixed in Apache - tomcat 7.0.55 | Windows |
| Vulnerabilities CVE-2014-0227,CVE-2014-0230 are fixed in Apache - tomcat 8.0.9 | Windows |
| Vulnerabilities CVE-2014-0230,CVE-2014-7810 are fixed in Apache - tomcat 6.0.44 | Windows |
| Multiple Vulnerabilities are affected in IBM Sterling B2B Integrator 5.2.6.5 | Windows |
| Multiple Vulnerabilities are affected in IBM Sterling B2B Integrator 6.0.3.4 | Windows |
| Multiple Vulnerabilities are affected in IBM Sterling B2B Integrator 6.0.0.6 | Windows |
| Multiple Vulnerabilities are affected in IBM Sterling B2B Integrator 6.1.0.2 | Windows |
| Servlet and JSP engine (USN-2654-1) libtomcat7-java_7.0.56-2ubuntu0.1_all.deb | Linux |
| SUSE-SU-2015:1337-1(SUSE Linux Enterprise Server 11 SP3 ) tomcat6-6.0.41-0.45.1.noarch.rpm | Linux |
| SUSE-SU-2015:1337-1(SUSE Linux Enterprise Server 11 SP3 ) tomcat6-admin-webapps-6.0.41-0.45.1.noarch.rpm | Linux |
| SUSE-SU-2015:1337-1(SUSE Linux Enterprise Server 11 SP3 ) tomcat6-docs-webapp-6.0.41-0.45.1.noarch.rpm | Linux |
| SUSE-SU-2015:1337-1(SUSE Linux Enterprise Server 11 SP3 ) tomcat6-javadoc-6.0.41-0.45.1.noarch.rpm | Linux |
| SUSE-SU-2015:1337-1(SUSE Linux Enterprise Server 11 SP3 ) tomcat6-jsp-2_1-api-6.0.41-0.45.1.noarch.rpm | Linux |
| SUSE-SU-2015:1337-1(SUSE Linux Enterprise Server 11 SP3 ) tomcat6-lib-6.0.41-0.45.1.noarch.rpm | Linux |
| SUSE-SU-2015:1337-1(SUSE Linux Enterprise Server 11 SP3 ) tomcat6-servlet-2_5-api-6.0.41-0.45.1.noarch.rpm | Linux |
| SUSE-SU-2015:1337-1(SUSE Linux Enterprise Server 11 SP3 ) tomcat6-webapps-6.0.41-0.45.1.noarch.rpm | Linux |
| Update Tomcat to 9.5.14 (For Linux) | Linux |
| Update Tomcat to 9.5.5 (For Linux) | Linux |
| Update Tomcat to 9.5.7 (For Linux) | Linux |
| Update Tomcat to 9.5.8 (For Linux) | Linux |
| Update Tomcat to 9.6.10 (For Linux) | Linux |
| Update Tomcat to 9.6.3 (For Linux) | Linux |
| Update Tomcat to 9.6.4 (For Linux) | Linux |
| Update Tomcat to 9.6.7 (For Linux) | Linux |
| Update Tomcat to 9.6.8 (For Linux) | Linux |
| Update Tomcat to 2.4.5 (For Linux) | Linux |
| Update Tomcat to 3.0.14 (For Linux) | Linux |
| Vulnerabilities CVE-2014-0227,CVE-2014-0230 are fixed in Apache - tomcat for Linux 7.0.55 | Linux |
| Vulnerabilities CVE-2014-0227,CVE-2014-0230 are fixed in Apache - tomcat for Linux 8.0.9 | Linux |
| Vulnerabilities CVE-2014-0230,CVE-2014-7810 are fixed in Apache - tomcat for Linux 6.0.44 | Linux |
| CVE-2014-0230 | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234