Vulnerability Details: CVE-2008-1947
Cross-site scripting (XSS) vulnerability in Apache Tomcat 5.5.9 through 5.5.26 and 6.0.0 through 6.0.16 allows remote attackers to inject arbitrary web script or HTML via the name parameter (aka the hostname attribute) to host-manager/html/add.
Vulnerability category: Cross site scripting (XSS)
Threat overview for CVE-2008-1947
- Top countries where our scanners detected CVE-2008-1947
- Top open port discovered on systems with this issue: 80
- IPs affected by CVE-2008-1947: 6,467
- Threat actors abusing this issue: Yes
Exploit prediction scoring system (EPSS) score for CVE-2008-1947
- Probability of exploitation activity in the next 30 days: 11.78%
- Percentile (proportion of vulnerabilities scored at or below this score): ~95%
CVSS scores for CVE-2008-1947
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source
---|---|---|---|---|---
4.3 | MEDIUM | AV:N/AC:M/Au:N/C:N/I:P/A:N | 8.6 | 2.9 | NIST
CWE ids for CVE-2008-1947
- The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. Assigned by: nvd@nist.gov (Primary)
References for CVE-2008-1947
- http://www.redhat.com/support/errata/RHSA-2008-0648.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/42816 (Apache Tomcat Host Manager cross-site scripting CVE-2008-1947 Vulnerability Report)
- http://tomcat.apache.org/security-5.html (Apache Tomcat 5 vulnerabilities)
- http://marc.info/?l=bugtraq&m=139344343412337&w=2 ([security bulletin] HPSBST02955 rev.1 - HP XP P9000 Performance Advisor Software, 3rd party Software)
- http://www.securityfocus.com/archive/1/492958/100/0/threaded
- http://www.vmware.com/security/advisories/VMSA-2009-0016.html (VMSA-2009-0016.6)
- https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E (svn commit: r1855831 [22/30] - in /tomcat/site/trunk: ./ docs/ xdocs/)
- http://www.vupen.com/english/advisories/2009/3316
- http://tomcat.apache.org/security-6.html (Apache Tomcat 6 vulnerabilities)
- https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E (svn commit: r1873980 [25/34] - /tomcat/site/trunk/docs/)
- https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E (svn commit: r1873527 [22/30] - /tomcat/site/trunk/docs/)
- http://www.securityfocus.com/bid/29502
- http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html
- https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00712.html ([SECURITY] Fedora 9 Update: tomcat6-6.0.18-1.1.fc9)
- http://www.mandriva.com/security/advisories?name=MDVSA-2008:188
- https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00859.html ([SECURITY] Fedora 9 Update: tomcat5-5.5.27-0jpp.2.fc9)
- http://www.vupen.com/english/advisories/2008/1725
- http://www.vmware.com/security/advisories/VMSA-2009-0002.html (VMSA-2009-0002.2)
- http://marc.info/?l=bugtraq&m=123376588623823&w=2 ([security bulletin] HPSBUX02401 SSRT090005 rev.1 - HP-UX Running Apache Web Server Suite, Remote Den)
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6009
- http://marc.info/?l=tomcat-user&m=121244319501278&w=2 ([SECURITY] CVE-2008-1947: Tomcat host-manager XSS vulnerability)
- http://www.vupen.com/english/advisories/2009/0320
- http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html ([security-announce] SUSE Security Summary Report: SUSE-SR:2009:004)
- http://www.vupen.com/english/advisories/2008/2823
- http://www.securitytracker.com/id?1020624
- http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html ([security-announce] SUSE Security Summary Report SUSE-SR:2008:014)
- http://support.avaya.com/elmodocs2/security/ASA-2008-401.htm (ASA-2008-401 (RHSA-2008-0862))
- https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00889.html ([SECURITY] Fedora 8 Update: tomcat5-5.5.27-0jpp.2.fc8)
- http://www.vupen.com/english/advisories/2008/2780
- http://www.vupen.com/english/advisories/2009/0503
- http://www.securityfocus.com/archive/1/507985/100/0/threaded
- https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E (svn commit: r1856174 [20/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/)
- http://support.apple.com/kb/HT3216 (About Security Update 2008-007 - Apple Support)
- http://www.redhat.com/support/errata/RHSA-2008-0862.html
- http://www.redhat.com/support/errata/RHSA-2008-0864.html
- http://www.securityfocus.com/bid/31681
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11534
- http://www.debian.org/security/2008/dsa-1593 ([SECURITY] [DSA 1593-1] New tomcat5.5 packages cross-site scripting)
Products affected by CVE-2008-1947
- cpe:2.3:a:apache:tomcat:5.5.10:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.11:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.9:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.16:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.12:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.17:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.14:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.15:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.13:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:6.0.10:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:6.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:6.0.9:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:6.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:6.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:6.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:6.0.8:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:6.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:6.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:6.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:6.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.18:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:6.0.11:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:6.0.12:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.21:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.22:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.19:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.20:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:6.0.13:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.23:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.24:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.25:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:6.0.14:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:6.0.15:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.26:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:6.0.16:*:*:*:*:*:*:*