NVD

Id
84691  
Name
CVE-2017-5647  
Description
A bug in the handling of the pipelined requests in Apache Tomcat 9.0.0.M1 to 9.0.0.M18, 8.5.0 to 8.5.12, 8.0.0.RC1 to 8.0.42, 7.0.0 to 7.0.76, and 6.0.0 to 6.0.52, when send file was used, results in the pipelined request being lost when send file processing of the previous request completed. This could result in responses appearing to be sent for the wrong request. For example, a user agent that sent requests A, B and C could see the correct response for request A, the response for request C for request B and no response for request C.  
Reject
 
CVSS Version
2  
CVSS Score
5  
Severity
Medium  
CVSS Base Score
5  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:P/I:N/A:N)  
Pub Date
2017-07-18  
Published
2017-04-17  
Modified Date
2017-07-10  
Seq
2017-5647  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
417439 84691 CVE-2017-2464 97130  View
417440 84691 CVE-2017-2464 https://support.apple.com/HT207600  View
417441 84691 CVE-2017-2464 https://support.apple.com/HT207601  View
417442 84691 CVE-2017-2464 https://support.apple.com/HT207617  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
66770 JVNDB-2017-003095 Apache Tomcat における情報漏えいに関する脆弱性 Apache Tomcat には、情報漏えいに関する脆弱性が存在します。 CVE-2017-5647 0 CVE-2017-5647 84691 5 7.5 http://jvndb.jvn.jp/ja/contents/2017/JVNDB-2017-003095.html 2017-04-11 2017-05-15 View