CVE-2014-9720

Severity: Medium (CVSS 3.1 base score 6.5)
Published Jan 24, 2020 · Last Modified Jun 17, 2026

Description

Tornado before 3.2.2 sends arbitrary responses that contain a fixed CSRF token and may be sent with HTTP compression, which makes it easier for remote attackers to conduct a BREACH attack and determine this token via a series of crafted requests.

CVSS Details

Base Score: 6.5
Exploitability: 2.8
Impact: 3.6
Vector String: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: None
Availability: None

Threat Intelligence

No active exploitation signals — not in CISA KEV and no EPSS score yet.

Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses

CWE-203 (Observable Discrepancy)

Affected Products

Vendor      Product   Version Range
tornadoweb  tornado   * <3.2.2

References

  • openwall.com http://openwall.com/lists/oss-security/2015/05/19/4
    Mailing List, Patch, Third Party Advisory
  • tornadoweb.org http://www.tornadoweb.org/en/stable/releases/v3.2.2.html
    Release Notes, Vendor Advisory
  • bugzilla.novell.com https://bugzilla.novell.com/show_bug.cgi?id=930362
    Issue Tracking, Patch, Third Party Advisory
  • bugzilla.redhat.com https://bugzilla.redhat.com/show_bug.cgi?id=1222816
    Issue Tracking, Patch, Third Party Advisory
  • github.com https://github.com/tornadoweb/tornado/commit/1c36307463b1e8affae100bf9386948e6c1b2308
    Patch

Remediation

Upgrade Tornado to 3.2.2 or later. The vendor release notes for v3.2.2 and the fix commit are listed under References.