
CVE-2015-5174: Improper Limitation of a Pathname to a Restricted Directory in Apache Tomcat

CVSS Score: 4.3 (CVSS v3.0)

Basic Information

EPSS Score: 0.6866%
Published: 5/14/2022
Updated: 1/27/2023
KEV Status: No
Technology: Java

Technical Details

CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Package Name             | Ecosystem | Vulnerable Versions      | First Patched Version
org.apache.tomcat:tomcat | maven     | >= 8.0.0.RC1, <= 8.0.26 | 8.0.27
org.apache.tomcat:tomcat | maven     | >= 7.0.0, <= 7.0.64     | 7.0.65
org.apache.tomcat:tomcat | maven     | >= 6.0.0, <= 6.0.44     | 6.0.45

Vulnerability Intelligence
Root Cause Analysis

The normalize() function in RequestUtil.java is the primary function affected by the CVE-2015-5174 vulnerability. The patches for Apache Tomcat 6, 7, and 8 modify this function to correctly handle pathnames with '/..' and prevent directory traversal attacks.


WAF Protection Rules

WAF Rule

Directory traversal vulnerability in RequestUtil.java in Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.65, and 8.x before 8.0.27 allows remote authenticated users to bypass intended SecurityManager restrictions and list a parent directory via a /..
