Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2008-0002
HistoryFeb 12, 2008 - 1:00 a.m.

CVE-2008-0002

2008-02-1201:00:00
[email protected]
web.nvd.nist.gov
49
cve-2008-0002
apache tomcat
parameter processing
remote attack
sensitive information

5.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

7.3 High

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

72.3%

JSON

Apache Tomcat 6.0.0 through 6.0.15 processes parameters in the context of the wrong request when an exception occurs during parameter processing, which might allow remote attackers to obtain sensitive information, as demonstrated by disconnecting during this processing in order to trigger the exception.

Affected configurations

NVD
Node
apachetomcatMatch6.0.5
OR
apachetomcatMatch6.0.6
OR
apachetomcatMatch6.0.7
OR
apachetomcatMatch6.0.8
OR
apachetomcatMatch6.0.9
OR
apachetomcatMatch6.0.10
OR
apachetomcatMatch6.0.11
OR
apachetomcatMatch6.0.12
OR
apachetomcatMatch6.0.13
OR
apachetomcatMatch6.0.14
OR
apachetomcatMatch6.0.15

References

Related

nvd 1
ubuntucve 1
cvelist 1
github 1
prion 1
securityvulns 2
veracode 1
osv 1
openvas 12
redhat 1
nessus 11
gentoo 1
tomcat 1
fedora 2
vmware 2
nvd
nvd
CVE-2008-0002
2008-02-12 01:00:00
ubuntucve
ubuntucve
CVE-2008-0002
2008-02-12 00:00:00
cvelist
cvelist
CVE-2008-0002
2008-02-12 00:00:00
github
github
Apache Tomcat Sensitive Information Disclosure
2022-05-01 23:27:14
prion
prion
Design/Logic Flaw
2008-02-12 01:00:00
securityvulns
securityvulns
CVE-2008-0002: Tomcat information disclosure vulnerability
2008-02-10 00:00:00
Apache Tomcat multiple security vulnerabilities
2008-02-10 00:00:00
veracode
veracode
Information Disclosure
2018-11-09 06:24:23
osv
osv
Apache Tomcat Sensitive Information Disclosure
2022-05-01 23:27:14
openvas
openvas
Gentoo Security Advisory GLSA 200804-10 (tomcat)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200804-10 (tomcat)
2008-09-24 00:00:00
Fedora Update for tomcat5 FEDORA-2008-1603
2009-02-16 00:00:00
redhat
redhat
(RHSA-2008:0158) Moderate: JBoss Enterprise Application Platform security update
2008-03-24 00:00:00
nessus
nessus
RHEL 4 : JBoss EAP (RHSA-2008:0151)
2013-01-24 00:00:00
GLSA-200804-10 : Tomcat: Multiple vulnerabilities
2008-04-17 00:00:00
RHEL 5 : JBoss EAP (RHSA-2008:0213)
2013-01-24 00:00:00
gentoo
gentoo
Tomcat: Multiple vulnerabilities
2008-04-10 00:00:00
tomcat
tomcat
Fixed in Apache Tomcat 6.0.16
2008-02-08 00:00:00
fedora
fedora
[SECURITY] Fedora 7 Update: tomcat5-5.5.26-1jpp.2.fc7
2008-02-13 04:55:03
[SECURITY] Fedora 8 Update: tomcat5-5.5.26-1jpp.2.fc8
2008-02-13 05:14:35
vmware
vmware
VMware vCenter and ESX update release and vMA patch release address multiple security issues in third party components.
2009-11-20 00:00:00
VMware vCenter and ESX update release and vMA patch release address multiple security issues in third party components
2009-11-20 00:00:00

5.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

7.3 High

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

72.3%

JSON
Related for CVE-2008-0002
nvd1ubuntucve1cvelist1github1prion1securityvulns2veracode1osv1openvas12redhat1nessus11gentoo1tomcat1fedora2vmware2