PT-2020-3259 · Apache · Apache Tomcat

Khuyen Nguyen · Published 2020-02-11 · Updated 2026-05-18 · CVE-2020-1935

CVSS v2.0: 5.8 (Medium)
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N
Name of the Vulnerable Software and Affected Versions

Apache Tomcat versions 7.0.0 through 7.0.99
Apache Tomcat versions 8.5.0 through 8.5.50
Apache Tomcat versions 9.0.0.M1 through 9.0.30

Description

The issue is in the HTTP header parsing code, which used an approach to end-of-line parsing that allowed some invalid HTTP headers to be parsed as valid. This made HTTP Request Smuggling possible when Tomcat sat behind a reverse proxy that handled the invalid Transfer-Encoding header incorrectly in a particular manner. Such a reverse proxy is considered unlikely.

Recommendations

Update to a version that fixes the HTTP header parsing issue if you run any of the affected releases:

Apache Tomcat versions 7.0.0 through 7.0.99
Apache Tomcat versions 8.5.0 through 8.5.50
Apache Tomcat versions 9.0.0.M1 through 9.0.30

As a temporary workaround, consider restricting the Transfer-Encoding header in the reverse proxy configuration to reduce the risk of exploitation.
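As an added illustration (not code from this advisory, from Apache Tomcat, or from any vendor), the following Python parser applies the two checks that close off the header-parsing weakness described above: it accepts only CRLF as a header line terminator, so a bare CR or LF can never be read as the end of a line, and it refuses any request whose body framing is ambiguous. Function names and the sample messages are constructed for the example.

```python
import re
from typing import Dict, List

# RFC 7230 "token" characters permitted in a header field-name.
_TOKEN = re.compile(rb"^[!#$%&'*+\-.^_`|~0-9A-Za-z]+$")


class HeaderParseError(ValueError):
    """Raised when a header block violates strict RFC 7230 line framing."""


def parse_header_block(raw: bytes) -> Dict[bytes, List[bytes]]:
    """Strictly parse the header block that follows an HTTP/1.1 request line.

    Only CRLF ends a header line. A bare CR or LF inside a line is an error,
    not a terminator, so a proxy and the server behind it cannot disagree on
    where one header stops and the next begins.
    """
    if not raw.endswith(b"\r\n\r\n"):
        raise HeaderParseError("header block must end with an empty CRLF line")
    headers: Dict[bytes, List[bytes]] = {}
    body = raw[:-4]
    if not body:
        return headers
    for line in body.split(b"\r\n"):
        if b"\r" in line or b"\n" in line:
            raise HeaderParseError("bare CR or LF inside header line: %r" % line)
        if line[:1] in (b" ", b"\t"):
            raise HeaderParseError("obsolete line folding is not accepted")
        name, sep, value = line.partition(b":")
        if not sep or not _TOKEN.match(name):
            raise HeaderParseError("malformed header line: %r" % line)
        headers.setdefault(name.lower(), []).append(value.strip(b" \t"))
    return headers


def framing_is_unambiguous(headers: Dict[bytes, List[bytes]]) -> bool:
    """False if the body length could be read two ways: Transfer-Encoding
    together with Content-Length, or duplicates of either (RFC 7230 3.3.3)."""
    te = headers.get(b"transfer-encoding", [])
    cl = headers.get(b"content-length", [])
    return not (te and cl) and len(te) <= 1 and len(cl) <= 1


def accept_request_headers(raw: bytes) -> bool:
    """Single verdict a front-end proxy could apply before forwarding."""
    try:
        return framing_is_unambiguous(parse_header_block(raw))
    except HeaderParseError:
        return False
```

Running the same strict parser on both sides of a proxy chain, or using it as a conformance check against a server, is what makes a disagreement about line endings visible before it can be used for smuggling.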

Weakness Enumeration

HTTP Request/Response Smuggling

Related Identifiers

ALT-PU-2020-2892
ALT-PU-2020-3213
ALT-PU-2021-2858
BDU:2020-03567
BIT-TOMCAT-2020-1935
CESA-2020_4847
CESA-2020_5020
CVE-2020-1935
DLA-2133-1
DLA-2209-1
DSA-4673-1
DSA-4680-1
GHSA-QXF4-CHVG-4R8R
MGASA-2020-0138
OPENSUSE-SU-2020:0345-1
OPENSUSE-SU-2020_0345-1
OPENSUSE-SU-2024:11468-1
OPENSUSE-SU-2024:13441-1
RHSA-2020:1520
RHSA-2020:3303
RHSA-2020:4847
RHSA-2020:5020
RHSA-2020_4847
RHSA-2020_5020
RHSA-2021:0882
RHSA-2021:1030
RLSA-2020:4847
SUSE-SU-2020:0598-1
SUSE-SU-2020:0631-1
SUSE-SU-2020:0632-1
SUSE-SU-2020:2611-1
USN-4448-1

Affected Products

Alt Linux
Apache Tomcat
Centos
Red Hat
Rocky Linux
Suse
Ubuntu