CVE-2020-9484

Description

When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to 7.0.103 if a) an attacker is able to control the contents and name of a file on the server; and b) the server is configured to use the PersistenceManager with a FileStore; and c) the PersistenceManager is configured with sessionAttributeValueClassNameFilter=null (the default unless a SecurityManager is used) or a sufficiently lax filter to allow the attacker provided object to be deserialized; and d) the attacker knows the relative file path from the storage location used by FileStore to the file the attacker has control over; then, using a specifically crafted request, the attacker will be able to trigger remote code execution via deserialization of the file under their control. Note that all of conditions a) to d) must be true for the attack to succeed.
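As an added defensive check (not part of this record), the Python below audits a Tomcat context.xml for preconditions b) and c): a PersistentManager backed by a FileStore whose sessionAttributeValueClassNameFilter is absent or fully matches an arbitrary class name. The two sample configurations and the probe class name are constructed for the example.

```python
import re
import xml.etree.ElementTree as ET

PERSISTENT_MANAGER = "org.apache.catalina.session.PersistentManager"
FILE_STORE = "org.apache.catalina.session.FileStore"
# Constructed class name: a filter that fully matches it is not acting as an allow-list.
PROBE_CLASS = "com.example.ArbitraryAttribute"

def audit_context_xml(xml_text: str) -> list:
    """Return (level, message) findings for every PersistentManager backed by a FileStore.

    Tomcat applies sessionAttributeValueClassNameFilter as a regex that must fully match
    the class name of each attribute loaded from the store; null means no filtering.
    """
    findings = []
    for mgr in ET.fromstring(xml_text).iter("Manager"):
        if mgr.get("className") != PERSISTENT_MANAGER:
            continue
        if not any(s.get("className") == FILE_STORE for s in mgr.findall("Store")):
            continue  # conditions b) and c) concern the FileStore specifically
        flt = mgr.get("sessionAttributeValueClassNameFilter")
        if flt is None or not flt.strip():
            findings.append(("high", "FileStore with no sessionAttributeValueClassNameFilter "
                                     "(default null): any serializable class is accepted"))
        elif re.fullmatch(flt, PROBE_CLASS):
            findings.append(("high", f"FileStore with lax filter {flt!r}: accepts arbitrary classes"))
        else:
            findings.append(("info", f"FileStore with allow-list filter {flt!r}: review entries "
                                     "and upgrade to a fixed Tomcat release"))
    return findings

# Constructed sample configurations (not taken from any real deployment).
VULNERABLE_CONTEXT = """<Context>
  <Manager className="org.apache.catalina.session.PersistentManager">
    <Store className="org.apache.catalina.session.FileStore" directory="sessions"/>
  </Manager>
</Context>"""

HARDENED_CONTEXT = """<Context>
  <Manager className="org.apache.catalina.session.PersistentManager"
           sessionAttributeValueClassNameFilter="java\\.lang\\.(?:Boolean|Integer|Long|String)">
    <Store className="org.apache.catalina.session.FileStore" directory="sessions"/>
  </Manager>
</Context>"""

if __name__ == "__main__":
    for name, cfg in (("vulnerable", VULNERABLE_CONTEXT), ("hardened", HARDENED_CONTEXT)):
        for level, msg in audit_context_xml(cfg):
            print(f"[{level.upper()}] {name}: {msg}")
```

The filter only narrows condition c); condition a) still has to be closed by keeping the FileStore directory out of reach of anything that writes attacker-controlled files.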

Risk Information

Base Score: 7.0 (MODERATE)
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score (Exploitation Probability): 93.325

Associated Vulnerability

Vulnerability | OS Platform
Vulnerabilities CVE-2020-9484 are fixed in 11 May 2020 Fixed in Apache Tomcat 10.0.0-M5 | Windows
Vulnerabilities CVE-2020-9484 are fixed in 11 May 2020 Fixed in Apache Tomcat 9.0.35 | Windows
Vulnerabilities CVE-2020-9484 are fixed in 11 May 2020 Fixed in Apache Tomcat 8.5.55 | Windows
Vulnerabilities CVE-2020-9484 are fixed in 16 May 2020 Fixed in Apache Tomcat 7.0.104 | Windows
Vulnerabilities CVE-2021-25329, CVE-2020-9484, CVE-2021-25122 are fixed in 2 February 2021 Fixed in Apache Tomcat 10.0.2 | Windows
Vulnerabilities CVE-2021-25329, CVE-2020-9484, CVE-2021-25122 are fixed in 2 February 2021 Fixed in Apache Tomcat 9.0.43 | Windows
Vulnerabilities CVE-2021-25329, CVE-2020-9484, CVE-2021-25122 are fixed in 2 February 2021 Fixed in Apache Tomcat 8.5.63 | Windows
Vulnerabilities CVE-2021-25329, CVE-2020-9484 are fixed in 5 February 2021 Fixed in Apache Tomcat 7.0.108 | Windows
Vulnerabilities CVE-2022-23181, CVE-2020-9484 are fixed in 20 January 2022 Fixed in Apache Tomcat 10.0.16 | Windows
Vulnerabilities CVE-2022-23181, CVE-2020-9484 are fixed in 20 January 2022 Fixed in Apache Tomcat 9.0.58 | Windows
Vulnerabilities CVE-2022-23181, CVE-2020-9484 are fixed in 20 January 2022 Fixed in Apache Tomcat 8.5.75 | Windows
Vulnerabilities CVE-2020-9484 are fixed in Apache-tomcat-catalina 10.0.0 | Windows
Vulnerabilities CVE-2020-9484 are fixed in Apache-tomcat-catalina 9.0.35 | Windows
Vulnerabilities CVE-2020-9484 are fixed in Apache-tomcat-catalina 8.5.55 | Windows
Vulnerabilities CVE-2020-9484 are fixed in Apache-tomcat-catalina 7.0.104 | Windows
Multiple Vulnerabilities are affected in IBM Tivoli Application Dependency Discovery Manager 7.3.0 | Windows
SUSE-SU-2020:1365-1 (SUSE Linux Enterprise Server 12-SP5) tomcat-9.0.35-3.32.1.noarch.rpm | Linux
SUSE-SU-2020:1365-1 (SUSE Linux Enterprise Server 12-SP4) tomcat-9.0.35-3.32.1.noarch_SP4.rpm | Linux
SUSE-SU-2020:1365-1 (SUSE Linux Enterprise Server 12-SP5) tomcat-admin-webapps-9.0.35-3.32.1.noarch.rpm | Linux
SUSE-SU-2020:1365-1 (SUSE Linux Enterprise Server 12-SP4) tomcat-admin-webapps-9.0.35-3.32.1.noarch_SP4.rpm | Linux
SUSE-SU-2020:1365-1 (SUSE Linux Enterprise Server 12-SP5) tomcat-docs-webapp-9.0.35-3.32.1.noarch.rpm | Linux
SUSE-SU-2020:1365-1 (SUSE Linux Enterprise Server 12-SP4) tomcat-docs-webapp-9.0.35-3.32.1.noarch_SP4.rpm | Linux
SUSE-SU-2020:1365-1 (SUSE Linux Enterprise Server 12-SP5) tomcat-el-3_0-api-9.0.35-3.32.1.noarch.rpm | Linux
SUSE-SU-2020:1365-1 (SUSE Linux Enterprise Server 12-SP4) tomcat-el-3_0-api-9.0.35-3.32.1.noarch_SP4.rpm | Linux
SUSE-SU-2020:1365-1 (SUSE Linux Enterprise Server 12-SP5) tomcat-javadoc-9.0.35-3.32.1.noarch.rpm | Linux
SUSE-SU-2020:1365-1 (SUSE Linux Enterprise Server 12-SP4) tomcat-javadoc-9.0.35-3.32.1.noarch_SP4.rpm | Linux
SUSE-SU-2020:1365-1 (SUSE Linux Enterprise Server 12-SP5) tomcat-jsp-2_3-api-9.0.35-3.32.1.noarch.rpm | Linux
SUSE-SU-2020:1365-1 (SUSE Linux Enterprise Server 12-SP4) tomcat-jsp-2_3-api-9.0.35-3.32.1.noarch_SP4.rpm | Linux
SUSE-SU-2020:1365-1 (SUSE Linux Enterprise Server 12-SP5) tomcat-lib-9.0.35-3.32.1.noarch.rpm | Linux
SUSE-SU-2020:1365-1 (SUSE Linux Enterprise Server 12-SP4) tomcat-lib-9.0.35-3.32.1.noarch_SP4.rpm | Linux
SUSE-SU-2020:1365-1 (SUSE Linux Enterprise Server 12-SP5) tomcat-servlet-4_0-api-9.0.35-3.32.1.noarch.rpm | Linux
SUSE-SU-2020:1365-1 (SUSE Linux Enterprise Server 12-SP4) tomcat-servlet-4_0-api-9.0.35-3.32.1.noarch_SP4.rpm | Linux
SUSE-SU-2020:1365-1 (SUSE Linux Enterprise Server 12-SP5) tomcat-webapps-9.0.35-3.32.1.noarch.rpm | Linux
SUSE-SU-2020:1365-1 (SUSE Linux Enterprise Server 12-SP4) tomcat-webapps-9.0.35-3.32.1.noarch_SP4.rpm | Linux
(RHSA-2020:2529) tomcat6 security update tomcat6-6.0.24-115.el6_10.noarch.rpm | Linux
(RHSA-2020:2529) tomcat6 security update tomcat6-admin-webapps-6.0.24-115.el6_10.noarch.rpm | Linux
(RHSA-2020:2529) tomcat6 security update tomcat6-docs-webapp-6.0.24-115.el6_10.noarch.rpm | Linux
(RHSA-2020:2529) tomcat6 security update tomcat6-el-2.1-api-6.0.24-115.el6_10.noarch.rpm | Linux
(RHSA-2020:2529) tomcat6 security update tomcat6-javadoc-6.0.24-115.el6_10.noarch.rpm | Linux
(RHSA-2020:2529) tomcat6 security update tomcat6-jsp-2.1-api-6.0.24-115.el6_10.noarch.rpm | Linux
(RHSA-2020:2529) tomcat6 security update tomcat6-lib-6.0.24-115.el6_10.noarch.rpm | Linux
(RHSA-2020:2529) tomcat6 security update tomcat6-servlet-2.5-api-6.0.24-115.el6_10.noarch.rpm | Linux
(RHSA-2020:2529) tomcat6 security update tomcat6-webapps-6.0.24-115.el6_10.noarch.rpm | Linux
(RHSA-2020:2530) tomcat security update tomcat-7.0.76-12.el7_8.noarch.rpm | Linux
(RHSA-2020:2530) tomcat security update tomcat-admin-webapps-7.0.76-12.el7_8.noarch.rpm | Linux
(RHSA-2020:2530) tomcat security update tomcat-docs-webapp-7.0.76-12.el7_8.noarch.rpm | Linux
(RHSA-2020:2530) tomcat security update tomcat-el-2.2-api-7.0.76-12.el7_8.noarch.rpm | Linux
(RHSA-2020:2530) tomcat security update tomcat-javadoc-7.0.76-12.el7_8.noarch.rpm | Linux
(RHSA-2020:2530) tomcat security update tomcat-jsp-2.2-api-7.0.76-12.el7_8.noarch.rpm | Linux
(RHSA-2020:2530) tomcat security update tomcat-jsvc-7.0.76-12.el7_8.noarch.rpm | Linux
(RHSA-2020:2530) tomcat security update tomcat-lib-7.0.76-12.el7_8.noarch.rpm | Linux
(RHSA-2020:2530) tomcat security update tomcat-servlet-3.0-api-7.0.76-12.el7_8.noarch.rpm | Linux
(RHSA-2020:2530) tomcat security update tomcat-webapps-7.0.76-12.el7_8.noarch.rpm | Linux
Servlet and JSP engine (USN-4448-1) tomcat8_8.0.32-1ubuntu1.13_all.deb | Linux
Servlet and JSP engine (USN-4448-1) libtomcat8-java_8.0.32-1ubuntu1.13_all.deb | Linux
Apache Tomcat 9 - Servlet and JSP engine (USN-4596-1) tomcat9_9.0.31-1ubuntu0.1_all.deb | Linux
Apache Tomcat 9 - Servlet and JSP engine (USN-4596-1) tomcat9-common_9.0.31-1ubuntu0.1_all.deb | Linux
Apache Tomcat 9 - Servlet and JSP engine (USN-4596-1) libtomcat9-java_9.0.31-1ubuntu0.1_all.deb | Linux
Apache Tomcat 9 - Servlet and JSP engine (USN-4596-1) libtomcat9-embed-java_9.0.31-1ubuntu0.1_all.deb | Linux
Tomcat6 update (ELSA-2020-2529) tomcat6-6.0.24-115.el6_10.noarch.rpm | Linux
Tomcat6-admin-webapps update (ELSA-2020-2529) tomcat6-admin-webapps-6.0.24-115.el6_10.noarch.rpm | Linux
Tomcat6-docs-webapp update (ELSA-2020-2529) tomcat6-docs-webapp-6.0.24-115.el6_10.noarch.rpm | Linux
Tomcat6-el-2.1-api update (ELSA-2020-2529) tomcat6-el-2.1-api-6.0.24-115.el6_10.noarch.rpm | Linux
Tomcat6-javadoc update (ELSA-2020-2529) tomcat6-javadoc-6.0.24-115.el6_10.noarch.rpm | Linux
Tomcat6-jsp-2.1-api update (ELSA-2020-2529) tomcat6-jsp-2.1-api-6.0.24-115.el6_10.noarch.rpm | Linux
Tomcat6-lib update (ELSA-2020-2529) tomcat6-lib-6.0.24-115.el6_10.noarch.rpm | Linux
Tomcat6-servlet-2.5-api update (ELSA-2020-2529) tomcat6-servlet-2.5-api-6.0.24-115.el6_10.noarch.rpm | Linux
Tomcat6-webapps update (ELSA-2020-2529) tomcat6-webapps-6.0.24-115.el6_10.noarch.rpm | Linux
Vulnerabilities CVE-2020-9484 are fixed in 11 May 2020 Fixed in Apache Tomcat 10.0.0-M5 (For Linux) | Linux
Vulnerabilities CVE-2020-9484 are fixed in 11 May 2020 Fixed in Apache Tomcat 9.0.35 (For Linux) | Linux
Vulnerabilities CVE-2020-9484 are fixed in 11 May 2020 Fixed in Apache Tomcat 8.5.55 (For Linux) | Linux
Vulnerabilities CVE-2020-9484 are fixed in 16 May 2020 Fixed in Apache Tomcat 7.0.104 (For Linux) | Linux
(CESA-2020:2529) tomcat6 security update tomcat6-6.0.24-115.el6_10.noarch.rpm | Linux
(CESA-2020:2529) tomcat6 security update tomcat6-admin-webapps-6.0.24-115.el6_10.noarch.rpm | Linux
(CESA-2020:2529) tomcat6 security update tomcat6-docs-webapp-6.0.24-115.el6_10.noarch.rpm | Linux
(CESA-2020:2529) tomcat6 security update tomcat6-el-2.1-api-6.0.24-115.el6_10.noarch.rpm | Linux
(CESA-2020:2529) tomcat6 security update tomcat6-javadoc-6.0.24-115.el6_10.noarch.rpm | Linux
(CESA-2020:2529) tomcat6 security update tomcat6-jsp-2.1-api-6.0.24-115.el6_10.noarch.rpm | Linux
(CESA-2020:2529) tomcat6 security update tomcat6-lib-6.0.24-115.el6_10.noarch.rpm | Linux
(CESA-2020:2529) tomcat6 security update tomcat6-servlet-2.5-api-6.0.24-115.el6_10.noarch.rpm | Linux
(CESA-2020:2529) tomcat6 security update tomcat6-webapps-6.0.24-115.el6_10.noarch.rpm | Linux
(CESA-2020:2530) tomcat security update tomcat-7.0.76-12.el7_8.noarch.rpm | Linux
(CESA-2020:2530) tomcat security update tomcat-admin-webapps-7.0.76-12.el7_8.noarch.rpm | Linux
(CESA-2020:2530) tomcat security update tomcat-docs-webapp-7.0.76-12.el7_8.noarch.rpm | Linux
(CESA-2020:2530) tomcat security update tomcat-el-2.2-api-7.0.76-12.el7_8.noarch.rpm | Linux
(CESA-2020:2530) tomcat security update tomcat-javadoc-7.0.76-12.el7_8.noarch.rpm | Linux
(CESA-2020:2530) tomcat security update tomcat-jsp-2.2-api-7.0.76-12.el7_8.noarch.rpm | Linux
(CESA-2020:2530) tomcat security update tomcat-jsvc-7.0.76-12.el7_8.noarch.rpm | Linux
(CESA-2020:2530) tomcat security update tomcat-lib-7.0.76-12.el7_8.noarch.rpm | Linux
(CESA-2020:2530) tomcat security update tomcat-servlet-3.0-api-7.0.76-12.el7_8.noarch.rpm | Linux
(CESA-2020:2530) tomcat security update tomcat-webapps-7.0.76-12.el7_8.noarch.rpm | Linux
Apache Tomcat 9 - Servlet and JSP engine (USN-5360-1) tomcat9_9.0.31-1ubuntu0.2_all.deb | Linux
Apache Tomcat 9 - Servlet and JSP engine (USN-5360-1) tomcat9_9.0.16-3ubuntu0.18.04.2_all.deb | Linux
Apache Tomcat 9 - Servlet and JSP engine (USN-5360-1) tomcat9-common_9.0.31-1ubuntu0.2_all.deb | Linux
Apache Tomcat 9 - Servlet and JSP engine (USN-5360-1) tomcat9-common_9.0.16-3ubuntu0.18.04.2_all.deb | Linux
Apache Tomcat 9 - Servlet and JSP engine (USN-5360-1) libtomcat9-java_9.0.31-1ubuntu0.2_all.deb | Linux
Apache Tomcat 9 - Servlet and JSP engine (USN-5360-1) libtomcat9-java_9.0.16-3ubuntu0.18.04.2_all.deb | Linux
Apache Tomcat 9 - Servlet and JSP engine (USN-5360-1) libtomcat9-embed-java_9.0.31-1ubuntu0.2_all.deb | Linux
Apache Tomcat 9 - Servlet and JSP engine (USN-5360-1) libtomcat9-embed-java_9.0.16-3ubuntu0.18.04.2_all.deb | Linux
Vulnerabilities CVE-2021-25329, CVE-2020-9484, CVE-2021-25122 are fixed in 2 February 2021 Fixed in Apache Tomcat 10.0.2 (For Linux) | Linux
Vulnerabilities CVE-2021-25329, CVE-2020-9484, CVE-2021-25122 are fixed in 2 February 2021 Fixed in Apache Tomcat 9.0.43 (For Linux) | Linux
Vulnerabilities CVE-2021-25329, CVE-2020-9484, CVE-2021-25122 are fixed in 2 February 2021 Fixed in Apache Tomcat 8.5.63 (For Linux) | Linux
Vulnerabilities CVE-2021-25329, CVE-2020-9484 are fixed in 5 February 2021 Fixed in Apache Tomcat 7.0.108 (For Linux) | Linux
Vulnerabilities CVE-2022-23181, CVE-2020-9484 are fixed in 20 January 2022 Fixed in Apache Tomcat 10.0.16 (For Linux) | Linux
Vulnerabilities CVE-2022-23181, CVE-2020-9484 are fixed in 20 January 2022 Fixed in Apache Tomcat 9.0.58 (For Linux) | Linux
Vulnerabilities CVE-2022-23181, CVE-2020-9484 are fixed in 20 January 2022 Fixed in Apache Tomcat 8.5.75 (For Linux) | Linux
Servlet and JSP engine (USN-6943-1) libtomcat9-java_9.0.31-1ubuntu0.6_all.deb | Linux
Servlet and JSP engine (USN-6943-1) tomcat9_9.0.31-1ubuntu0.6_all.deb | Linux
Servlet and JSP engine (USN-6943-1) tomcat9-docs_9.0.31-1ubuntu0.6_all.deb | Linux
Vulnerabilities CVE-2020-9484 are fixed in Apache-tomcat-catalina for Linux 10.0.0 | Linux
Vulnerabilities CVE-2020-9484 are fixed in Apache-tomcat-catalina for Linux 9.0.35 | Linux
Vulnerabilities CVE-2020-9484 are fixed in Apache-tomcat-catalina for Linux 8.5.55 | Linux
Vulnerabilities CVE-2020-9484 are fixed in Apache-tomcat-catalina for Linux 7.0.104 | Linux

Patch Details

No records found