CVE-2016-5388 log

Severity Medium
Remote Yes
Type Proxy injection
It was discovered that tomcat used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY environment variable for CGI scripts, which in turn was incorrectly used by certain HTTP client implementations to configure the proxy for outgoing HTTP requests. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a CGI script to an attacker-controlled proxy via a malicious HTTP request.
Group Package Affected Fixed Severity Status Ticket
AVG-51 tomcat6 6.0.45-1 6.0.47-1 Medium Fixed
AVG-25 tomcat8 8.0.36-1 8.0.37-1 Medium Fixed
AVG-23 tomcat7 7.0.70-1 7.0.72-1 Medium Fixed
Date Advisory Group Package Severity Type
02 Nov 2016 ASA-201611-6 AVG-51 tomcat6 Medium proxy injection
07 Sep 2016 ASA-201609-7 AVG-25 tomcat8 Medium proxy injection
22 Sep 2016 ASA-201609-21 AVG-23 tomcat7 Medium proxy injection