CVE-2019-0232
- Source
- https://cve.org/CVERecord?id=CVE-2019-0232
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-0232.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2019-0232
- Aliases
- Downstream
- Published
- 2019-04-15T15:29:00.420Z
- Modified
- 2026-04-02T01:26:35.047274Z
- Severity
-
- 8.1 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
When running on Windows with enableCmdLineArguments enabled, the CGI Servlet in Apache Tomcat 9.0.0.M1 to 9.0.17, 8.5.0 to 8.5.39 and 7.0.0 to 7.0.93 is vulnerable to Remote Code Execution due to a bug in the way the JRE passes command line arguments to Windows. The CGI Servlet is disabled by default. The CGI option enableCmdLineArguments is disable by default in Tomcat 9.0.x (and will be disabled by default in all versions in response to this vulnerability). For a detailed explanation of the JRE behaviour, see Markus Wulftange's blog (https://codewhitesec.blogspot.com/2016/02/java-and-command-line-injections-in-windows.html) and this archived MSDN blog (https://web.archive.org/web/20161228144344/https://blogs.msdn.microsoft.com/twistylittlepassagesallalike/2011/04/23/everyone-quotes-command-line-arguments-the-wrong-way/).
- References
-
- https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a%40%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/5f297a4b9080b5f65a05bc139596d0e437d6a539b25e31d29d028767%40%3Cannounce.tomcat.apache.org%3E
- https://www.oracle.com/security-alerts/cpuapr2020.html
- https://lists.apache.org/thread.html/96849486813a95dfd542e1618b7923ca945508aaf4a4341f674d83e3%40%3Cnotifications.ofbiz.apache.org%3E
- https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d%40%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/a6c87a09a71162fd563ab1c4e70a08a103e0b7c199fc391f1c9c4c35%40%3Ccommits.ofbiz.apache.org%3E
- http://seclists.org/fulldisclosure/2019/May/4
- https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/dd4b325cdb261183dbf5ce913c102920a8f09c26dae666a98309165b%40%3Cnotifications.ofbiz.apache.org%3E
- https://www.oracle.com/security-alerts/cpujan2020.html
- http://packetstormsecurity.com/files/153506/Apache-Tomcat-CGIServlet-enableCmdLineArguments-Remote-Code-Execution.html
- https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0%40%3Cdev.tomcat.apache.org%3E
- https://www.oracle.com/security-alerts/cpuApr2021.html
- https://lists.apache.org/thread.html/52ffb9fbf661245386a83a661183d13f1de2e5779fa23837a08e02ac%40%3Ccommits.ofbiz.apache.org%3E
- https://lists.apache.org/thread.html/673b6148d92cd7bc99ea2dcf85ad75d57da44fc322d51f37fb529a2a%40%3Ccommits.ofbiz.apache.org%3E
- https://wwws.nightwatchcybersecurity.com/2019/04/30/remote-code-execution-rce-in-cgi-servlet-apache-tomcat-on-windows-cve-2019-0232/
- https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba%40%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/f4d48b32ef2b6aa49c8830241a9475da5b46e451f964b291c7a0a715%40%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c%40%3Cannounce.apache.org%3E
- https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9%40%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E
- http://www.securityfocus.com/bid/107906
- https://web.archive.org/web/20161228144344/https://blogs.msdn.microsoft.com/twistylittlepassagesallalike/2011/04/23/everyone-quotes-command-line-arguments-the-wrong-way/
- https://access.redhat.com/errata/RHSA-2019:1712
- https://codewhitesec.blogspot.com/2016/02/java-and-command-line-injections-in-windows.html
- https://security.netapp.com/advisory/ntap-20190419-0001/
- https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
- https://www.synology.com/security/advisory/Synology_SA_19_17
- https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
- https://blog.trendmicro.com/trendlabs-security-intelligence/uncovering-cve-2019-0232-a-remote-code-execution-vulnerability-in-apache-tomcat/
- https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2019-784
Affected packages
Git / github.com/apache/tomcat
Affected ranges
- Type
- GIT
- Repo
- https://github.com/apache/tomcat
- Events
-
IntroducedLast affectedIntroducedLast affectedIntroducedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affected
- Database specific
{ "versions": [ { "introduced": "7.0.0" }, { "last_affected": "7.0.93" }, { "introduced": "8.5.0" }, { "last_affected": "8.5.39" }, { "introduced": "9.0.1" }, { "last_affected": "9.0.17" }, { "introduced": "0" }, { "last_affected": "9.0.0-milestone1" }, { "introduced": "0" }, { "last_affected": "9.0.0-milestone10" }, { "introduced": "0" }, { "last_affected": "9.0.0-milestone11" }, { "introduced": "0" }, { "last_affected": "9.0.0-milestone12" }, { "introduced": "0" }, { "last_affected": "9.0.0-milestone13" }, { "introduced": "0" }, { "last_affected": "9.0.0-milestone14" }, { "introduced": "0" }, { "last_affected": "9.0.0-milestone15" }, { "introduced": "0" }, { "last_affected": "9.0.0-milestone16" }, { "introduced": "0" }, { "last_affected": "9.0.0-milestone17" }, { "introduced": "0" }, { "last_affected": "9.0.0-milestone18" }, { "introduced": "0" }, { "last_affected": "9.0.0-milestone19" }, { "introduced": "0" }, { "last_affected": "9.0.0-milestone2" }, { "introduced": "0" }, { "last_affected": "9.0.0-milestone20" }, { "introduced": "0" }, { "last_affected": "9.0.0-milestone21" }, { "introduced": "0" }, { "last_affected": "9.0.0-milestone22" }, { "introduced": "0" }, { "last_affected": "9.0.0-milestone23" }, { "introduced": "0" }, { "last_affected": "9.0.0-milestone24" }, { "introduced": "0" }, { "last_affected": "9.0.0-milestone25" }, { "introduced": "0" }, { "last_affected": "9.0.0-milestone26" }, { "introduced": "0" }, { "last_affected": "9.0.0-milestone3" }, { "introduced": "0" }, { "last_affected": "9.0.0-milestone4" }, { "introduced": "0" }, { "last_affected": "9.0.0-milestone5" }, { "introduced": "0" }, { "last_affected": "9.0.0-milestone6" }, { "introduced": "0" }, { "last_affected": "9.0.0-milestone7" }, { "introduced": "0" }, { "last_affected": "9.0.0-milestone8" }, { "introduced": "0" }, { "last_affected": "9.0.0-milestone9" } ] }
Affected versions
10.*
10.0.0
10.0.0-M1
10.0.0-M10
10.0.0-M2
10.0.0-M3
10.0.0-M4
10.0.0-M5
10.0.0-M6
10.0.0-M7
10.0.0-M8
10.0.0-M9
10.0.0.0-M1
10.0.1
10.0.10
10.0.11
10.0.12
10.0.13
10.0.14
10.0.15
10.0.16
10.0.17
10.0.18
10.0.19
10.0.2
10.0.20
10.0.21
10.0.22
10.0.23
10.0.24
10.0.25
10.0.26
10.0.27
10.0.3
10.0.4
10.0.5
10.0.6
10.0.7
10.0.8
10.0.9
10.1.0
10.1.0-M1
10.1.0-M10
10.1.0-M11
10.1.0-M12
10.1.0-M13
10.1.0-M14
10.1.0-M15
10.1.0-M16
10.1.0-M17
10.1.0-M18
10.1.0-M19
10.1.0-M2
10.1.0-M20
10.1.0-M3
10.1.0-M4
10.1.0-M5
10.1.0-M6
10.1.0-M7
10.1.0-M8
10.1.0-M9
10.1.1
10.1.10
10.1.11
10.1.12
10.1.13
10.1.14
10.1.15
10.1.16
10.1.17
10.1.18
10.1.19
10.1.2
10.1.20
10.1.22
10.1.23
10.1.24
10.1.25
10.1.26
10.1.27
10.1.28
10.1.29
10.1.3
10.1.30
10.1.31
10.1.32
10.1.33
10.1.34
10.1.35
10.1.36
10.1.37
10.1.38
10.1.39
10.1.4
10.1.40
10.1.41
10.1.42
10.1.43
10.1.44
10.1.45
10.1.46
10.1.47
10.1.48
10.1.49
10.1.5
10.1.50
10.1.51
10.1.52
10.1.6
10.1.7
10.1.8
10.1.9
11.*
11.0.0
11.0.0-M1
11.0.0-M10
11.0.0-M11
11.0.0-M12
11.0.0-M13
11.0.0-M14
11.0.0-M15
11.0.0-M16
11.0.0-M17
11.0.0-M18
11.0.0-M19
11.0.0-M2
11.0.0-M20
11.0.0-M21
11.0.0-M22
11.0.0-M23
11.0.0-M24
11.0.0-M25
11.0.0-M26
11.0.0-M3
11.0.0-M4
11.0.0-M5
11.0.0-M6
11.0.0-M7
11.0.0-M8
11.0.0-M9
11.0.1
11.0.10
11.0.11
11.0.12
11.0.13
11.0.14
11.0.15
11.0.16
11.0.17
11.0.18
11.0.2
11.0.3
11.0.4
11.0.5
11.0.6
11.0.7
11.0.8
11.0.9
7.*
7.0.0
7.0.0-RC1
7.0.0-RC2
7.0.0-RC3
7.0.0-RC4
7.0.1
7.0.10
7.0.100
7.0.101
7.0.102
7.0.103
7.0.104
7.0.105
7.0.106
7.0.107
7.0.108
7.0.109
7.0.11
7.0.12
7.0.13
7.0.14
7.0.15
7.0.16
7.0.17
7.0.18
7.0.19
7.0.2
7.0.20
7.0.21
7.0.22
7.0.23
7.0.24
7.0.25
7.0.26
7.0.27
7.0.28
7.0.29
7.0.3
7.0.30
7.0.31
7.0.32
7.0.33
7.0.34
7.0.35
7.0.36
7.0.37
7.0.38
7.0.39
7.0.4
7.0.40
7.0.41
7.0.42
7.0.43
7.0.44
7.0.45
7.0.46
7.0.47
7.0.48
7.0.49
7.0.5
7.0.50
7.0.51
7.0.52
7.0.53
7.0.54
7.0.55
7.0.56
7.0.57
7.0.58
7.0.59
7.0.6
7.0.60
7.0.61
7.0.62
7.0.63
7.0.64
7.0.65
7.0.66
7.0.67
7.0.68
7.0.69
7.0.7
7.0.70
7.0.71
7.0.72
7.0.73
7.0.74
7.0.75
7.0.76
7.0.77
7.0.78
7.0.79
7.0.8
7.0.80
7.0.81
7.0.82
7.0.83
7.0.84
7.0.85
7.0.86
7.0.87
7.0.88
7.0.89
7.0.9
7.0.90
7.0.91
7.0.92
7.0.93
7.0.94
7.0.95
7.0.96
7.0.97
7.0.98
7.0.99
8.*
8.5.0
8.5.1
8.5.10
8.5.100
8.5.11
8.5.12
8.5.13
8.5.14
8.5.15
8.5.16
8.5.17
8.5.18
8.5.19
8.5.2
8.5.20
8.5.21
8.5.22
8.5.23
8.5.24
8.5.25
8.5.26
8.5.27
8.5.28
8.5.29
8.5.3
8.5.30
8.5.31
8.5.32
8.5.33
8.5.34
8.5.35
8.5.36
8.5.37
8.5.38
8.5.39
8.5.4
8.5.40
8.5.41
8.5.42
8.5.43
8.5.44
8.5.45
8.5.46
8.5.47
8.5.48
8.5.49
8.5.5
8.5.50
8.5.51
8.5.52
8.5.53
8.5.54
8.5.55
8.5.56
8.5.57
8.5.58
8.5.59
8.5.6
8.5.60
8.5.61
8.5.62
8.5.63
8.5.64
8.5.65
8.5.66
8.5.67
8.5.68
8.5.69
8.5.7
8.5.70
8.5.71
8.5.72
8.5.73
8.5.74
8.5.75
8.5.76
8.5.77
8.5.78
8.5.79
8.5.8
8.5.80
8.5.81
8.5.82
8.5.83
8.5.84
8.5.85
8.5.86
8.5.87
8.5.88
8.5.89
8.5.9
8.5.90
8.5.91
8.5.92
8.5.93
8.5.94
8.5.95
8.5.96
8.5.97
8.5.98
8.5.99
9.*
9.0.0
9.0.0-M1
9.0.0-M10
9.0.0-M11
9.0.0-M12
9.0.0-M13
9.0.0-M14
9.0.0-M15
9.0.0-M16
9.0.0-M17
9.0.0-M18
9.0.0-M19
9.0.0-M2
9.0.0-M20
9.0.0-M21
9.0.0-M22
9.0.0-M23
9.0.0-M24
9.0.0-M25
9.0.0-M26
9.0.0-M27
9.0.0-M3
9.0.0-M4
9.0.0-M5
9.0.0-M6
9.0.0-M7
9.0.0-M8
9.0.0-M9
9.0.1
9.0.10
9.0.100
9.0.101
9.0.102
9.0.103
9.0.104
9.0.105
9.0.106
9.0.107
9.0.108
9.0.109
9.0.11
9.0.110
9.0.111
9.0.112
9.0.113
9.0.114
9.0.115
9.0.12
9.0.13
9.0.14
9.0.15
9.0.16
9.0.17
9.0.18
9.0.19
9.0.2
9.0.20
9.0.21
9.0.22
9.0.23
9.0.24
9.0.25
9.0.26
9.0.27
9.0.28
9.0.29
9.0.3
9.0.30
9.0.31
9.0.32
9.0.33
9.0.34
9.0.35
9.0.36
9.0.37
9.0.38
9.0.39
9.0.4
9.0.40
9.0.41
9.0.42
9.0.43
9.0.44
9.0.45
9.0.46
9.0.47
9.0.48
9.0.49
9.0.5
9.0.50
9.0.51
9.0.52
9.0.53
9.0.54
9.0.55
9.0.56
9.0.57
9.0.58
9.0.59
9.0.6
9.0.60
9.0.61
9.0.62
9.0.63
9.0.64
9.0.65
9.0.66
9.0.67
9.0.68
9.0.69
9.0.7
9.0.70
9.0.71
9.0.72
9.0.73
9.0.74
9.0.75
9.0.76
9.0.77
9.0.78
9.0.79
9.0.8
9.0.80
9.0.81
9.0.82
9.0.83
9.0.84
9.0.85
9.0.86
9.0.87
9.0.88
9.0.89
9.0.9
9.0.90
9.0.91
9.0.92
9.0.93
9.0.94
9.0.95
9.0.96
9.0.97
9.0.98
9.0.99