N/A

CVSS Score

Basic Information

CVE ID

CVE-2013-4322

GHSA ID

GHSA-wq2p-q66w-q8gp

EPSS Score

0.98525%

CWE

CWE-400

Published

5/14/2022

Updated

2/22/2024

KEV Status

Technology

Java

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2013-4322

CVE-2013-4322: Apache Tomcat Denial of Service vulnerability

Apache Tomcat before 6.0.39, 7.x before 7.0.50, and 8.x before 8.0.0-RC10 processes chunked transfer coding without properly handling (1) a large total amount of chunked data or (2) whitespace characters in an HTTP header value within a trailer field, which allows remote attackers to cause a denial of service by streaming data. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-3544.

(GitHub Advisory)

N/A

CVSS Score

Basic Information

CVE ID

CVE-2013-4322

GHSA ID

GHSA-wq2p-q66w-q8gp

EPSS Score

0.98525%

CWE

CWE-400

Published

5/14/2022

Updated

2/22/2024

KEV Status

Technology

Java

Technical Details

CVSS Vector

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
org.apache.tomcat:tomcat	maven	< 6.0.39	6.0.39
org.apache.tomcat:tomcat	maven	>= 8.0.0-RC1, < 8.0.0-RC10	8.0.0-RC10
org.apache.tomcat:tomcat	maven	>= 7.0.0, < 7.0.50	7.0.50

Vulnerability Intelligence
Miggo AI

Root Cause Analysis:

In progress

WAF Protection Rules

WAF Rule

*p**** Tom**t ***or* *.*.**, *.x ***or* *.*.**, *n* *.x ***or* *.*.*-R*** pro**ss*s **unk** tr*ns**r *o*in* wit*out prop*rly **n*lin* (*) * l*r** tot*l *mount o* **unk** **t* or (*) w*it*sp*** ***r**t*rs in *n *TTP *****r v*lu* wit*in * tr*il*r *i*l*

Reasoning

No *n*lysis *v*il**l*

N/A

Basic Information

Concerned about an active attack path?

CVE-2013-4322: Apache Tomcat Denial of Service vulnerability

N/A

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability Intelligence
Miggo AI