Lucene search
RedhatCVE-2013-2051HistoryJul 09, 2013 - 5:55 p.m.
CVE-2013-2051
2013-07-0917:55:00
CWE-264
redhat
web.nvd.nist.gov
40
tomcat
digest authentication
vulnerability
red hat enterprise linux 6
cve-2013-2051
nvd
CVSS2
2.6
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:H/Au:N/C:N/I:P/A:N
AI Score
6.5
Confidence
High
EPSS
0.003
Percentile
71.6%
The Tomcat 6 DIGEST authentication functionality as used in Red Hat Enterprise Linux 6 allows remote attackers to bypass intended access restrictions by performing a replay attack after a nonce becomes stale. NOTE: this issue is due to an incomplete fix for CVE-2012-5887.
Affected configurations
Node
redhatenterprise_linuxMatch6.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| redhat | enterprise_linux | 6.0 | cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:* |
Related
prion
prion
Authentication flaw
2013-07-09 17:55:00
Authentication flaw
2012-11-17 19:55:00
debiancve
debiancve
CVE-2013-2051
2013-07-09 17:55:00
CVE-2012-5887
2012-11-17 19:55:00
seebug
seebug
Apache Tomcat DIGEST Authentication重放攻击漏洞(CVE-2013-2051)
2013-05-30 00:00:00
Apache Tomcat摘要验证不完整修复安全漏洞
2013-06-01 00:00:00
ubuntucve
ubuntucve
CVE-2013-2051
2013-07-09 00:00:00
CVE-2012-5887
2012-11-17 00:00:00
cvelist
cvelist
CVE-2013-2051
2013-07-09 17:00:00
CVE-2012-5887
2012-11-17 19:00:00
nvd
nvd
openvas
openvas
CentOS Update for tomcat6 CESA-2013:0869 centos6
2013-05-31 00:00:00
CentOS Update for tomcat6 CESA-2013:0869 centos6
2013-05-31 00:00:00
RedHat Update for tomcat6 RHSA-2013:0869-01
2013-05-31 00:00:00
centos
centos
tomcat6 security update
2013-05-29 08:25:00
tomcat5 security update
2013-03-12 19:14:34
tomcat6 security update
2013-03-12 05:31:44
nessus
nessus
Oracle Linux 6 : tomcat6 (ELSA-2013-0869)
2013-07-12 00:00:00
CentOS 6 : tomcat6 (CESA-2013:0869)
2013-05-30 00:00:00
RHEL 6 : tomcat6 (RHSA-2013:0869)
2013-05-29 00:00:00
veracode
veracode
Authentication Bypass
2019-05-02 04:55:34
redhat
redhat
(RHSA-2013:0869) Important: tomcat6 security update
2013-05-28 00:00:00
(RHSA-2013:0631) Moderate: jbossweb security update
2013-03-11 00:00:00
(RHSA-2013:0629) Moderate: jbossweb security update
2013-03-11 00:00:00
oraclelinux
oraclelinux
tomcat6 security update
2013-05-28 00:00:00
tomcat5 security update
2013-03-12 00:00:00
tomcat6 security update
2013-03-11 00:00:00
cve
cve
CVE-2012-5887
2012-11-17 19:55:02
CVE-2012-3439
2012-11-17 19:55:01
osv
osv
Improper Authentication in Apache Tomcat
2022-05-17 01:38:30
tomcat6 - several
2013-07-18 00:00:00
github
github
Improper Authentication in Apache Tomcat
2022-05-17 01:38:30
ibm
ibm
f5
f5
ubuntu
ubuntu
Tomcat vulnerabilities
2012-11-21 00:00:00
securityvulns
securityvulns
Apache Tomcat multiple security vulnerabilities
2012-11-26 00:00:00
[USN-1637-1] Tomcat vulnerabilities
2012-11-26 00:00:00
debian
debian
[SECURITY] [DSA 2725-1] tomcat6 security update
2013-07-18 17:58:50
vmware
vmware
VMware security updates for vCenter Server
2013-04-25 00:00:00
VMware security updates for vCenter Server
2013-04-25 00:00:00
gentoo
gentoo
Apache Tomcat: Multiple vulnerabilities
2014-12-15 00:00:00
CVSS2
2.6
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:H/Au:N/C:N/I:P/A:N
AI Score
6.5
Confidence
High
EPSS
0.003
Percentile
71.6%
Related for CVE-2013-2051