CVE-2020-13935 — HIGH (7.5)

Q: How severe is CVE-2020-13935?

CVE-2020-13935 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2020-13935?

Check the references section above for vendor advisories and patch information. Affected products include: Apache Tomcat, Debian Debian Linux, Netapp Oncommand System Manager, Opensuse Leap, Canonical Ubuntu Linux.

Vulnerability Description

The payload length in a WebSocket frame was not correctly validated in Apache Tomcat 10.0.0-M1 to 10.0.0-M6, 9.0.0.M1 to 9.0.36, 8.5.0 to 8.5.56 and 7.0.27 to 7.0.104. Invalid payload lengths could trigger an infinite loop. Multiple requests with invalid payload lengths could lead to a denial of service.

CVSS Score

7.5

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

NONE

Availability

HIGH

Affected Products

Vendor	Product	Versions
Apache	Tomcat	>= 7.0.27, <= 7.0.104
Debian	Debian Linux	9.0
Netapp	Oncommand System Manager	>= 3.0.0, <= 3.1.3
Opensuse	Leap	15.1
Canonical	Ubuntu Linux	16.04
Mcafee	Epolicy Orchestrator	5.9.0
Oracle	Agile Engineering Data Management	6.2.1.0
Oracle	Agile Plm	9.3.3
Oracle	Blockchain Platform	< 21.1.2
Oracle	Commerce Guided Search	11.3.2
Oracle	Communications Cloud Native Core Policy	1.14.0
Oracle	Communications Instant Messaging Server	10.0.1.5.0
Oracle	Fmw Platform	12.2.1.3.0
Oracle	Instantis Enterprisetrack	17.1
Oracle	Managed File Transfer	12.2.1.3.0
Oracle	Mysql Enterprise Monitor	<= 8.0.21
Oracle	Siebel Ui Framework	<= 20.12
Oracle	Workload Manager	12.2.0.1

Related Weaknesses (CWE)

CWE-835

References

http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00084.htmlMailing ListThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00088.htmlMailing ListThird Party Advisory
https://kc.mcafee.com/corporate/index?page=content&id=SB10332Third Party Advisory
https://lists.apache.org/thread.html/r4e5d3c09f4dd2923191e972408b40fb8b42dbff0bc
https://lists.apache.org/thread.html/rd48c72bd3255bda87564d4da3791517c074d94f8a7Mailing ListRelease NotesVendor Advisory
https://lists.debian.org/debian-lts-announce/2020/07/msg00017.htmlMailing ListThird Party Advisory
https://security.netapp.com/advisory/ntap-20200724-0003/Third Party Advisory
https://usn.ubuntu.com/4448-1/Third Party Advisory
https://usn.ubuntu.com/4596-1/Third Party Advisory
https://www.debian.org/security/2020/dsa-4727Third Party Advisory
https://www.oracle.com//security-alerts/cpujul2021.htmlPatchThird Party Advisory
https://www.oracle.com/security-alerts/cpuApr2021.htmlPatchThird Party Advisory
https://www.oracle.com/security-alerts/cpuapr2022.htmlPatchThird Party Advisory
https://www.oracle.com/security-alerts/cpujan2021.htmlPatchThird Party Advisory
https://www.oracle.com/security-alerts/cpujan2022.htmlPatchThird Party Advisory

FAQ

What is CVE-2020-13935?

CVE-2020-13935 is a vulnerability with a CVSS score of 7.5 (HIGH). The payload length in a WebSocket frame was not correctly validated in Apache Tomcat 10.0.0-M1 to 10.0.0-M6, 9.0.0.M1 to 9.0.36, 8.5.0 to 8.5.56 and 7.0.27 to 7.0.104. Invalid payload lengths could tr...

How severe is CVE-2020-13935?

CVE-2020-13935 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2020-13935?

Check the references section above for vendor advisories and patch information. Affected products include: Apache Tomcat, Debian Debian Linux, Netapp Oncommand System Manager, Opensuse Leap, Canonical Ubuntu Linux.