CVE-2021-25122 - 漏洞详情

CVE-2021-25122 (CNNVD-202103-008)

HIGH

中文标题:

Apache Tomcat 信息泄露漏洞

英文标题:

Apache Tomcat h2c request mix-up

CVSS分数: 7.5

发布时间: 2021-03-01 12:00:20

漏洞类型: 信息泄露

状态: PUBLISHED

数据质量分数: 0.30

数据版本: v3

漏洞描述

中文描述:

Apache Tomcat是美国阿帕奇（Apache）基金会的一款轻量级Web应用服务器。该程序实现了对Servlet和JavaServer Page（JSP）的支持。 Apache Tomcat versions 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41 and 8.5.0 to 8.5.61 存在信息泄露漏洞，该漏洞源于可以在一个请求到另一个请求中复制请求头和数量有限的请求体，这意味着用户a和用户B都可以看到用户a的请求结果。

英文描述:

When responding to new h2c connection requests, Apache Tomcat versions 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41 and 8.5.0 to 8.5.61 could duplicate request headers and a limited amount of request body from one request to another meaning user A and user B could both see the results of user A's request.

CWE类型:

CWE-200

受影响产品

厂商	产品	版本	版本范围	平台	CPE
Apache Software Foundation	Apache Tomcat	-	< 10.0.2	-	`cpe:2.3:a:apache_software_foundation:apache_tomcat::::::::`
apache	tomcat	*	-	-	`cpe:2.3:a:apache:tomcat::::::::`
apache	tomcat	9.0.0	-	-	`cpe:2.3:a:apache:tomcat:9.0.0:milestone1::::::`
apache	tomcat	10.0.0	-	-	`cpe:2.3:a:apache:tomcat:10.0.0:-::::::`
debian	debian_linux	9.0	-	-	`cpe:2.3:o:debian:debian_linux:9.0:::::::*`
debian	debian_linux	10.0	-	-	`cpe:2.3:o:debian:debian_linux:10.0:::::::*`
oracle	agile_plm	9.3.3	-	-	`cpe:2.3:a:oracle:agile_plm:9.3.3:::::::*`
oracle	agile_plm	9.3.6	-	-	`cpe:2.3:a:oracle:agile_plm:9.3.6:::::::*`
oracle	communications_cloud_native_core_policy	1.14.0	-	-	`cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.14.0:::::::*`
oracle	communications_cloud_native_core_security_edge_protection_proxy	1.6.0	-	-	`cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:1.6.0:::::::*`
oracle	communications_instant_messaging_server	10.0.1.5.0	-	-	`cpe:2.3:a:oracle:communications_instant_messaging_server:10.0.1.5.0:::::::*`
oracle	database	12.2.0.1	-	-	`cpe:2.3:a:oracle:database:12.2.0.1::::enterprise:::`
oracle	database	19c	-	-	`cpe:2.3:a:oracle:database:19c::::enterprise:::`
oracle	database	21c	-	-	`cpe:2.3:a:oracle:database:21c::::enterprise:::`
oracle	graph_server_and_client	*	-	-	`cpe:2.3:a:oracle:graph_server_and_client::::::::`
oracle	graph_server_and_client	21.3.0	-	-	`cpe:2.3:a:oracle:graph_server_and_client:21.3.0:::::::*`
oracle	instantis_enterprisetrack	17.1	-	-	`cpe:2.3:a:oracle:instantis_enterprisetrack:17.1:::::::*`
oracle	instantis_enterprisetrack	17.2	-	-	`cpe:2.3:a:oracle:instantis_enterprisetrack:17.2:::::::*`
oracle	instantis_enterprisetrack	17.3	-	-	`cpe:2.3:a:oracle:instantis_enterprisetrack:17.3:::::::*`
oracle	managed_file_transfer	12.2.1.3.0	-	-	`cpe:2.3:a:oracle:managed_file_transfer:12.2.1.3.0:::::::*`
oracle	managed_file_transfer	12.2.1.4.0	-	-	`cpe:2.3:a:oracle:managed_file_transfer:12.2.1.4.0:::::::*`
oracle	mysql_enterprise_monitor	*	-	-	`cpe:2.3:a:oracle:mysql_enterprise_monitor::::::::`
oracle	siebel_ui_framework	*	-	-	`cpe:2.3:a:oracle:siebel_ui_framework::::::::`

解决方案

中文解决方案:

（暂无数据）

英文解决方案:

（暂无数据）

临时解决方案:

（暂无数据）

参考链接

无标题 x_refsource_MISC
cve.org

访问

[tomcat-users] 20210301 [SECURITY] CVE-2021-25122 Apache Tomcat h2c request mix-up mailing-list
cve.org

访问

[tomcat-dev] 20210301 [SECURITY] CVE-2021-25122 Apache Tomcat h2c request mix-up mailing-list
cve.org

访问

[tomcat-dev] 20210301 svn commit: r1887027 - in /tomcat/site/trunk: docs/security-10.html docs/security-7.html docs/security-8.html docs/security-9.html xdocs/security-10.xml xdocs/security-7.xml xdocs/security-8.xml xdocs/security-9.xml mailing-list
cve.org

访问

[announce] 20210301 [SECURITY] CVE-2021-25122 Apache Tomcat h2c request mix-up mailing-list
cve.org

访问

[oss-security] 20210301 CVE-2021-25122: Apache Tomcat h2c request mix-up mailing-list
cve.org

访问

[tomcat-users] 20210305 RE: [SECURITY] CVE-2021-25122 Apache Tomcat h2c request mix-up mailing-list
cve.org

访问

[tomcat-users] 20210305 Re: [SECURITY] CVE-2021-25122 Apache Tomcat h2c request mix-up mailing-list
cve.org

访问

[debian-lts-announce] 20210316 [SECURITY] [DLA 2596-1] tomcat8 security update mailing-list
cve.org

访问

DSA-4891 vendor-advisory
cve.org

访问

无标题 x_refsource_MISC
cve.org

访问

无标题 x_refsource_CONFIRM
cve.org

访问

无标题 x_refsource_MISC
cve.org

访问

无标题 x_refsource_MISC
cve.org

访问

GLSA-202208-34 vendor-advisory
cve.org

访问

CVSS评分详情

7.5

HIGH

CVSS向量: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CVSS版本: 3.1

机密性

HIGH

完整性

NONE

可用性

NONE

时间信息

发布时间:

2021-03-01 12:00:20

修改时间:

2025-02-13 16:27:48

创建时间:

2025-11-11 15:36:43

更新时间:

2025-11-11 15:56:38

利用信息

暂无可利用代码信息

数据源详情

数据源	记录ID	版本	提取时间
CVE	`cve_CVE-2021-25122`	2025-11-11 15:20:51	2025-11-11 07:36:43
NVD	`nvd_CVE-2021-25122`	2025-11-11 14:57:34	2025-11-11 07:45:03
CNNVD	`cnnvd_CNNVD-202103-008`	2025-11-11 15:10:35	2025-11-11 07:56:38

版本与语言

当前版本: v3

主要语言: EN

支持语言:

EN ZH

安全公告

暂无安全公告信息

变更历史

v3 CNNVD

2025-11-11 15:56:38

vulnerability_type: 未提取 → 信息泄露; cnnvd_id: 未提取 → CNNVD-202103-008; data_sources: ['cve', 'nvd'] → ['cnnvd', 'cve', 'nvd']

查看详细变更

vulnerability_type: 未提取 -> 信息泄露
cnnvd_id: 未提取 -> CNNVD-202103-008
data_sources: ['cve', 'nvd'] -> ['cnnvd', 'cve', 'nvd']

v2 NVD

2025-11-11 15:45:03

severity: SeverityLevel.MEDIUM → SeverityLevel.HIGH; cvss_score: 未提取 → 7.5; cvss_vector: NOT_EXTRACTED → CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N; cvss_version: NOT_EXTRACTED → 3.1; affected_products_count: 3 → 23; references_count: 16 → 15; data_sources: ['cve'] → ['cve', 'nvd']

查看详细变更

severity: SeverityLevel.MEDIUM -> SeverityLevel.HIGH
cvss_score: 未提取 -> 7.5
cvss_vector: NOT_EXTRACTED -> CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss_version: NOT_EXTRACTED -> 3.1
affected_products_count: 3 -> 23
references_count: 16 -> 15
data_sources: ['cve'] -> ['cve', 'nvd']

CVE-2021-25122 (CNNVD-202103-008)

中文标题:

Apache Tomcat 信息泄露漏洞

英文标题:

Apache Tomcat h2c request mix-up

漏洞描述

中文描述:

英文描述:

CWE类型:

标签:

受影响产品

解决方案

中文解决方案:

英文解决方案:

临时解决方案:

参考链接

CVSS评分详情

时间信息

利用信息

数据源详情

版本与语言

安全公告

变更历史