Vulnerability Details : CVE-2021-25329
The fix for CVE-2020-9484 was incomplete. When using Apache Tomcat 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41, 8.5.0 to 8.5.61 or 7.0.0. to 7.0.107 with a configuration edge case that was highly unlikely to be used, the Tomcat instance was still vulnerable to CVE-2020-9494. Note that both the previously published prerequisites for CVE-2020-9484 and the previously published mitigations for CVE-2020-9484 also apply to this issue.
Threat overview for CVE-2021-25329
Top countries where our scanners detected CVE-2021-25329
Top open port discovered on systems with this issue
80
IPs affected by CVE-2021-25329 405,422
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2021-25329!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2021-25329
Probability of exploitation activity in the next 30 days: 0.06%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 21 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2021-25329
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
|---|---|---|---|---|---|
|
4.4
|
MEDIUM | AV:L/AC:M/Au:N/C:P/I:P/A:P |
3.4
|
6.4
|
NIST |
|
7.0
|
HIGH | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.0
|
5.9
|
NIST |
References for CVE-2021-25329
-
https://security.gentoo.org/glsa/202208-34
Apache Tomcat: Multiple Vulnerabilities (GLSA 202208-34) — Gentoo securityThird Party Advisory
-
https://security.netapp.com/advisory/ntap-20210409-0002/
March 2021 Apache Tomcat Vulnerabilities in NetApp Products | NetApp Product SecurityThird Party Advisory
-
https://lists.apache.org/thread.html/r11ce01e8a4c7269b88f88212f21830edf73558997ac7744f37769b77@%3Cusers.tomcat.apache.org%3E
Re: CVE-2021-25329, was Re: Most recent security-related update to 8.5 - Pony MailMailing List;Vendor Advisory
-
https://lists.apache.org/thread.html/rfe62fbf9d4c314f166fe8c668e50e5d9dd882a99447f26f0367474bf@%3Cusers.tomcat.apache.org%3E
[SECURITY] CVE-2021-25329 Apache Tomcat Incomplete fix for CVE-2020-9484 (RCE via session persistence) - Pony MailMailing List;Vendor Advisory
-
https://lists.apache.org/thread.html/r8a2ac0e476dbfc1e6440b09dcc782d444ad635d6da26f0284725a5dc@%3Cusers.tomcat.apache.org%3E
What is "h2c"? What is CVE-2021-25329? Re: Most recent security-related update to 8.5 - Pony MailMailing List;Vendor Advisory
-
https://www.oracle.com//security-alerts/cpujul2021.html
Oracle Critical Patch Update Advisory - July 2021Patch;Third Party Advisory
-
https://www.oracle.com/security-alerts/cpujan2022.html
Oracle Critical Patch Update Advisory - January 2022Patch;Third Party Advisory
-
https://lists.apache.org/thread.html/rb51ccd58b2152fc75125b2406fc93e04ca9d34e737263faa6ff0f41f@%3Cusers.tomcat.apache.org%3E
Re: What is "h2c"? What is CVE-2021-25329? Re: Most recent security-related update to 8.5 - Pony MailMailing List;Vendor Advisory
-
https://lists.apache.org/thread.html/rfe62fbf9d4c314f166fe8c668e50e5d9dd882a99447f26f0367474bf@%3Cannounce.tomcat.apache.org%3E
[SECURITY] CVE-2021-25329 Apache Tomcat Incomplete fix for CVE-2020-9484 (RCE via session persistence) - Pony MailMailing List;Vendor Advisory
-
http://www.openwall.com/lists/oss-security/2021/03/01/2
oss-security - CVE-2021-25329: Apache Tomcat Incomplete fix for CVE-2020-9484Mailing List;Third Party Advisory
-
https://www.debian.org/security/2021/dsa-4891
Debian -- Security Information -- DSA-4891-1 tomcat9Third Party Advisory
-
https://lists.apache.org/thread.html/rfe62fbf9d4c314f166fe8c668e50e5d9dd882a99447f26f0367474bf@%3Cdev.tomcat.apache.org%3E
[SECURITY] CVE-2021-25329 Apache Tomcat Incomplete fix for CVE-2020-9484 (RCE via session persistence) - Pony MailMailing List;Vendor Advisory
-
https://www.oracle.com/security-alerts/cpuoct2021.html
Oracle Critical Patch Update Advisory - October 2021Patch;Third Party Advisory
-
https://lists.apache.org/thread.html/rfe62fbf9d4c314f166fe8c668e50e5d9dd882a99447f26f0367474bf@%3Cannounce.apache.org%3E
[SECURITY] CVE-2021-25329 Apache Tomcat Incomplete fix for CVE-2020-9484 (RCE via session persistence) - Pony MailMailing List;Vendor Advisory
-
https://lists.apache.org/thread.html/rfe62fbf9d4c314f166fe8c668e50e5d9dd882a99447f26f0367474bf%40%3Cannounce.tomcat.apache.org%3E
[SECURITY] CVE-2021-25329 Apache Tomcat Incomplete fix for CVE-2020-9484 (RCE via session persistence) - Pony MailMailing List;Vendor Advisory
-
https://lists.apache.org/thread.html/rf6d5d57b114678d8898005faef31e9fd6d7c981fcc4ccfc3bc272fc9@%3Cdev.tomcat.apache.org%3E
svn commit: r1887027 - in /tomcat/site/trunk: docs/security-10.html docs/security-7.html docs/security-8.html docs/security-9.html xdocs/security-10.xml xdocs/security-7.xml xdocs/security-8.xml xdocsMailing List;Patch;Vendor Advisory
-
https://lists.apache.org/thread.html/r732b2ca289dc02df2de820e8775559abd6c207f159e39f559547a085@%3Cusers.tomcat.apache.org%3E
Re: What is "h2c"? What is CVE-2021-25329? Re: Most recent security-related update to 8.5 - Pony MailMailing List;Vendor Advisory
-
https://lists.debian.org/debian-lts-announce/2021/03/msg00018.html
[SECURITY] [DLA 2596-1] tomcat8 security updateMailing List;Third Party Advisory
Products affected by CVE-2021-25329
- cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:9.0.0:milestone1:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:9.0.0:milestone10:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:9.0.0:milestone11:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:9.0.0:milestone12:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:9.0.0:milestone13:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:9.0.0:milestone14:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:9.0.0:milestone15:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:9.0.0:milestone16:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:9.0.0:milestone17:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:9.0.0:milestone18:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:9.0.0:milestone19:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:9.0.0:milestone2:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:9.0.0:milestone20:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:9.0.0:milestone21:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:9.0.0:milestone22:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:9.0.0:milestone23:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:9.0.0:milestone24:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:9.0.0:milestone25:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:9.0.0:milestone26:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:9.0.0:milestone27:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:9.0.0:milestone3:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:9.0.0:milestone4:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:9.0.0:milestone5:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:9.0.0:milestone6:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:9.0.0:milestone7:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:9.0.0:milestone8:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:9.0.0:milestone9:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:10.0.0:milestone1:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:10.0.0:milestone2:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:10.0.0:milestone3:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:10.0.0:milestone4:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:10.0.0:milestone5:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:10.0.0:milestone6:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:10.0.0:milestone7:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:10.0.0:milestone8:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:10.0.0:milestone9:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:10.0.0:-:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:10.0.0:milestone10:*:*:*:*:*:*
- cpe:2.3:a:oracle:database:19c:*:*:*:enterprise:*:*:*
- cpe:2.3:a:oracle:database:12.2.0.1:*:*:*:enterprise:*:*:*
- cpe:2.3:a:oracle:database:21c:*:*:*:enterprise:*:*:*
- cpe:2.3:a:oracle:mysql_enterprise_monitor:*:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:siebel_ui_framework:*:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:siebel_ui_framework:21.9:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:managed_file_transfer:12.2.1.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:managed_file_transfer:12.2.1.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:instantis_enterprisetrack:17.1:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:instantis_enterprisetrack:17.2:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:instantis_enterprisetrack:17.3:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:agile_plm:9.3.6:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:agile_plm:9.3.3:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:communications_instant_messaging_server:10.0.1.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.14.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:1.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:graph_server_and_client:*:*:*:*:*:*:*:*