Vulnerability Details : CVE-2019-0221
The SSI printenv command in Apache Tomcat 9.0.0.M1 to 9.0.0.17, 8.5.0 to 8.5.39 and 7.0.0 to 7.0.93 echoes user provided data without escaping and is, therefore, vulnerable to XSS. SSI is disabled by default. The printenv command is intended for debugging and is unlikely to be present in a production website.
Vulnerability category: Cross site scripting (XSS)
Threat overview for CVE-2019-0221
Top countries where our scanners detected CVE-2019-0221
Top open port discovered on systems with this issue
80
IPs affected by CVE-2019-0221 187,824
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2019-0221!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2019-0221
Probability of exploitation activity in the next 30 days: 0.92%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 81 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2019-0221
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
4.3
|
MEDIUM | AV:N/AC:M/Au:N/C:N/I:P/A:N |
8.6
|
2.9
|
NIST |
6.1
|
MEDIUM | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
2.8
|
2.7
|
NIST |
CWE ids for CVE-2019-0221
-
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.Assigned by: nvd@nist.gov (Primary)
References for CVE-2019-0221
-
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQTZ5BJ5F4KV6N53SGNKSW3UY5DBIQ46/
[SECURITY] Fedora 30 Update: tomcat-9.0.21-1.fc30 - package-announce - Fedora Mailing-Lists
-
https://www.oracle.com/security-alerts/cpujan2020.html
Oracle Critical Patch Update Advisory - January 2020
-
https://usn.ubuntu.com/4128-1/
USN-4128-1: Tomcat vulnerabilities | Ubuntu security notices
-
https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c@%3Cannounce.apache.org%3E
Apache Software Foundation Security Report: 2019 - Pony Mail
-
https://www.oracle.com/security-alerts/cpuapr2020.html
Oracle Critical Patch Update Advisory - April 2020
-
https://support.f5.com/csp/article/K13184144?utm_source=f5support&utm_medium=RSS
-
https://access.redhat.com/errata/RHSA-2019:3931
RHSA-2019:3931 - Security Advisory - Red Hat Customer Portal
-
https://lists.apache.org/thread.html/6e6e9eacf7b28fd63d249711e9d3ccd4e0a83f556e324aee37be5a8c%40%3Cannounce.tomcat.apache.org%3E
[SECURITY] CVE-2019-0221 Apache Tomcat XSS in SSI printenv-Apache Mail Archives
-
https://lists.debian.org/debian-lts-announce/2019/05/msg00044.html
[SECURITY] [DLA 1810-1] tomcat7 security update
-
http://packetstormsecurity.com/files/163457/Apache-Tomcat-9.0.0.M1-Cross-Site-Scripting.html
Apache Tomcat 9.0.0.M1 Cross Site Scripting ≈ Packet Storm
-
https://usn.ubuntu.com/4128-2/
USN-4128-2: Tomcat vulnerabilities | Ubuntu security notices
-
https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a%40%3Cdev.tomcat.apache.org%3E
Apache Mail Archives
-
https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E
Apache Mail Archives
-
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NPHQEL5AQ6LZSZD2Y6TYZ4RC3WI7NXJ3/
[SECURITY] Fedora 29 Update: tomcat-9.0.21-1.fc29 - package-announce - Fedora Mailing-Lists
-
https://security.gentoo.org/glsa/202003-43
Apache Tomcat: Multiple vulnerabilities (GLSA 202003-43) — Gentoo security
-
https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a@%3Cdev.tomcat.apache.org%3E
svn commit: r1873980 [28/34] - /tomcat/site/trunk/docs/ - Pony Mail
-
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00090.html
[security-announce] openSUSE-SU-2019:1673-1: moderate: Security update f
-
https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E
svn commit: r1873980 [29/34] - /tomcat/site/trunk/docs/ - Pony Mail
-
https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0%40%3Cdev.tomcat.apache.org%3E
Apache Mail Archives
-
https://wwws.nightwatchcybersecurity.com/2019/05/27/xss-in-ssi-printenv-command-apache-tomcat-cve-2019-0221/
XSS in SSI printenv command – Apache Tomcat – CVE-2019-0221 | Nightwatch Cybersecurity
-
https://lists.apache.org/thread.html/6e6e9eacf7b28fd63d249711e9d3ccd4e0a83f556e324aee37be5a8c@%3Cannounce.tomcat.apache.org%3E
[SECURITY] CVE-2019-0221 Apache Tomcat XSS in SSI printenv - Pony MailMailing List;Vendor Advisory
-
https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E
svn commit: r1873527 [25/30] - /tomcat/site/trunk/docs/ - Pony Mail
-
https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9%40%3Cdev.tomcat.apache.org%3E
Apache Mail Archives
-
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NPHQEL5AQ6LZSZD2Y6TYZ4RC3WI7NXJ3/
[SECURITY] Fedora 29 Update: tomcat-9.0.21-1.fc29 - package-announce - Fedora Mailing-Lists
-
https://www.debian.org/security/2019/dsa-4596
Debian -- Security Information -- DSA-4596-1 tomcat8
-
https://www.oracle.com/security-alerts/cpuApr2021.html
Oracle Critical Patch Update Advisory - April 2021
-
https://lists.debian.org/debian-lts-announce/2019/08/msg00015.html
[SECURITY] [DLA 1883-1] tomcat8 security update
-
https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9@%3Cdev.tomcat.apache.org%3E
svn commit: r1873527 [24/30] - /tomcat/site/trunk/docs/ - Pony Mail
-
http://www.securityfocus.com/bid/108545
Apache Tomcat CVE-2019-0221 Cross Site Scripting Vulnerability
-
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQTZ5BJ5F4KV6N53SGNKSW3UY5DBIQ46/
[SECURITY] Fedora 30 Update: tomcat-9.0.21-1.fc30 - package-announce - Fedora Mailing-Lists
-
https://support.f5.com/csp/article/K13184144?utm_source=f5support&%3Butm_medium=RSS
Apache Tomcat vulnerability CVE-2019-0221
-
https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d%40%3Cdev.tomcat.apache.org%3E
Apache Mail Archives
-
https://access.redhat.com/errata/RHSA-2019:3929
RHSA-2019:3929 - Security Advisory - Red Hat Customer Portal
-
http://seclists.org/fulldisclosure/2019/May/50
Full Disclosure: XSS in SSI printenv command – Apache Tomcat – CVE-2019-0221Third Party Advisory
-
https://security.netapp.com/advisory/ntap-20190606-0001/
CVE-2019-0221 Apache Tomcat Vulnerability in NetApp Products | NetApp Product Security
-
https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E
svn commit: r1873980 [27/34] - /tomcat/site/trunk/docs/ - Pony Mail
-
https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c%40%3Cannounce.apache.org%3E
Apache Software Foundation Security Report: 2019-Apache Mail Archives
-
http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00054.html
[security-announce] openSUSE-SU-2019:1808-1: moderate: Security update f
-
https://seclists.org/bugtraq/2019/Dec/43
Bugtraq: [SECURITY] [DSA 4596-1] tomcat8 security update
Products affected by CVE-2019-0221
- cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:9.0.0:milestone1:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:9.0.0:milestone10:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:9.0.0:milestone11:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:9.0.0:milestone12:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:9.0.0:milestone13:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:9.0.0:milestone14:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:9.0.0:milestone15:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:9.0.0:milestone16:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:9.0.0:milestone17:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:9.0.0:milestone18:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:9.0.0:milestone19:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:9.0.0:milestone2:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:9.0.0:milestone20:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:9.0.0:milestone21:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:9.0.0:milestone22:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:9.0.0:milestone23:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:9.0.0:milestone24:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:9.0.0:milestone25:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:9.0.0:milestone26:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:9.0.0:milestone27:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:9.0.0:milestone3:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:9.0.0:milestone4:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:9.0.0:milestone5:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:9.0.0:milestone6:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:9.0.0:milestone7:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:9.0.0:milestone8:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:9.0.0:milestone9:*:*:*:*:*:*