The SSI printenv command in Apache Tomcat 9.0.0.M1 to 9.0.0.17, 8.5.0 to 8.5.39 and 7.0.0 to 7.0.93 echoes user provided data without escaping and is, therefore, vulnerable to XSS. SSI is disabled by default. The printenv command is intended for debugging and is unlikely to be present in a production website.

Published at
2019-05-28
Modified
2021-07-13

http://www.securityfocus.com/bid/108545

BID:108545

https://seclists.org/bugtraq/2019/Dec/43

BUGTRAQ:20191229 [SECURITY] [DSA 4596-1] tomcat8 security update

https://lists.apache.org/thread.html/6e6e9eacf7b28fd63d249711e9d3ccd4e0a83f556e324aee37be5a8c@%3Cannounce.tomcat.apache.org%3E

CONFIRM:https://lists.apache.org/thread.html/6e6e9eacf7b28fd63d249711e9d3ccd4e0a83f556e324aee37be5a8c@%3Cannounce.tomcat.apache.org%3E

https://security.netapp.com/advisory/ntap-20190606-0001/

CONFIRM:https://security.netapp.com/advisory/ntap-20190606-0001/

https://support.f5.com/csp/article/K13184144?utm_source=f5support&utm_medium=RSS

CONFIRM:https://support.f5.com/csp/article/K13184144?utm_source=f5support&utm_medium=RSS

https://www.debian.org/security/2019/dsa-4596

DEBIAN:DSA-4596

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQTZ5BJ5F4KV6N53SGNKSW3UY5DBIQ46/

FEDORA:FEDORA-2019-1a3f878d27

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NPHQEL5AQ6LZSZD2Y6TYZ4RC3WI7NXJ3/

FEDORA:FEDORA-2019-d66febb5df

http://seclists.org/fulldisclosure/2019/May/50

FULLDISC:20190529 XSS in SSI printenv command - Apache Tomcat - CVE-2019-0221

https://security.gentoo.org/glsa/202003-43

GENTOO:GLSA-202003-43

http://packetstormsecurity.com/files/163457/Apache-Tomcat-9.0.0.M1-Cross-Site-Scripting.html

MISC:http://packetstormsecurity.com/files/163457/Apache-Tomcat-9.0.0.M1-Cross-Site-Scripting.html

https://www.oracle.com/security-alerts/cpuApr2021.html

MISC:https://www.oracle.com/security-alerts/cpuApr2021.html

https://www.oracle.com/security-alerts/cpuapr2020.html

MISC:https://www.oracle.com/security-alerts/cpuapr2020.html

https://www.oracle.com/security-alerts/cpujan2020.html

MISC:https://www.oracle.com/security-alerts/cpujan2020.html

https://wwws.nightwatchcybersecurity.com/2019/05/27/xss-in-ssi-printenv-command-apache-tomcat-cve-2019-0221/

MISC:https://wwws.nightwatchcybersecurity.com/2019/05/27/xss-in-ssi-printenv-command-apache-tomcat-cve-2019-0221/

https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c@%3Cannounce.apache.org%3E

MLIST:[announce] 20200131 Apache Software Foundation Security Report: 2019

https://lists.debian.org/debian-lts-announce/2019/05/msg00044.html

MLIST:[debian-lts-announce] 20190530 [SECURITY] [DLA 1810-1] tomcat7 security update

https://lists.debian.org/debian-lts-announce/2019/08/msg00015.html

MLIST:[debian-lts-announce] 20190813 [SECURITY] [DLA 1883-1] tomcat8 security update

https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9@%3Cdev.tomcat.apache.org%3E

MLIST:[tomcat-dev] 20200203 svn commit: r1873527 [24/30] - /tomcat/site/trunk/docs/

https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E

MLIST:[tomcat-dev] 20200203 svn commit: r1873527 [25/30] - /tomcat/site/trunk/docs/

https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E

MLIST:[tomcat-dev] 20200213 svn commit: r1873980 [27/34] - /tomcat/site/trunk/docs/

https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a@%3Cdev.tomcat.apache.org%3E

MLIST:[tomcat-dev] 20200213 svn commit: r1873980 [28/34] - /tomcat/site/trunk/docs/

https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E

MLIST:[tomcat-dev] 20200213 svn commit: r1873980 [29/34] - /tomcat/site/trunk/docs/

https://access.redhat.com/errata/RHSA-2019:3929

REDHAT:RHSA-2019:3929

https://access.redhat.com/errata/RHSA-2019:3931

REDHAT:RHSA-2019:3931

http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00090.html

SUSE:openSUSE-SU-2019:1673

http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00054.html

SUSE:openSUSE-SU-2019:1808

https://usn.ubuntu.com/4128-1/

UBUNTU:USN-4128-1

https://usn.ubuntu.com/4128-2/

UBUNTU:USN-4128-2
