Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2012-3546HistoryDec 19, 2012 - 11:55 a.m.
CVE-2012-3546
2012-12-1911:55:00
Debian Security Bug Tracker
security-tracker.debian.org
15
0.003 Low
EPSS
Percentile
69.2%
org/apache/catalina/realm/RealmBase.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.30, when FORM authentication is used, allows remote attackers to bypass security-constraint checks by leveraging a previous setUserPrincipal call and then placing /j_security_check at the end of a URI.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 9 | all | tomcat7 | <ย 7.0.75-1 | tomcat7_7.0.75-1_all.deb |
Related
redhat
redhat
(RHSA-2013:0163) Important: jbossweb security update
2013-01-15 00:00:00
(RHSA-2013:0005) Important: tomcat6 security update
2013-01-03 22:47:24
(RHSA-2013:0157) Important: tomcat6 security update
2013-01-14 00:00:00
nessus
nessus
RHEL 5 / 6 : jbossweb (RHSA-2013:0164)
2013-01-24 00:00:00
RHEL 5 / 6 : JBoss Web Server (RHSA-2013:0005)
2014-06-26 00:00:00
RHEL 5 / 6 : JBoss Web Server (RHSA-2013:0641)
2014-11-08 00:00:00
securityvulns
securityvulns
CVE-2012-3546 Apache Tomcat Bypass of security constraints
2012-12-07 00:00:00
Apache Tomcat multiple security vulnerabilities
2012-12-07 00:00:00
veracode
veracode
Authentication Bypass When FORM Authentication Is Used
2019-01-15 08:52:32
Privilege Escalation
2019-05-02 04:46:48
Plaintext Weak Encryption
2019-05-02 04:46:04
prion
prion
Authentication flaw
2012-12-19 11:55:00
cve
cve
CVE-2012-3546
2012-12-19 11:55:54
osv
osv
Authentication Bypass in Apache Tomcat
2022-05-17 00:59:04
tomcat6 - several
2013-07-18 00:00:00
freebsd
freebsd
tomcat -- bypass of security constraints
2012-12-04 00:00:00
ubuntucve
ubuntucve
CVE-2012-3546
2012-12-19 00:00:00
github
github
Authentication Bypass in Apache Tomcat
2022-05-17 00:59:04
cvelist
cvelist
CVE-2012-3546
2012-12-19 11:00:00
nvd
nvd
CVE-2012-3546
2012-12-19 11:55:54
seebug
seebug
Apache Tomcat FORM่บซไปฝ้ช่ฏๅฎๅ
จ็ป่ฟๆผๆด
2012-12-07 00:00:00
thn
thn
Apache Tomcat Multiple Critical Vulnerabilities
2012-12-05 06:45:00
Apache Tomcat Multiple Critical Vulnerabilities
2012-12-05 17:45:00
atlassian
atlassian
Upgrade bundled Tomcat to the latest minor release
2013-06-19 09:30:24
Upgrade bundled Tomcat to the latest minor release
2013-06-19 09:30:24
Upgrade bundled Tomcat to the latest minor release
2013-06-19 09:30:24
ubuntu
ubuntu
Tomcat vulnerabilities
2013-01-14 00:00:00
tomcat
tomcat
Fixed in Apache Tomcat 7.0.30
2012-09-06 00:00:00
Fixed in Apache Tomcat 6.0.36
2012-10-19 00:00:00
openvas
openvas
Apache Tomcat 7.0.x < 7.0.29 Multiple Vulnerabilities - Linux
2021-10-29 00:00:00
Ubuntu: Security Advisory (USN-1685-1)
2013-01-15 00:00:00
Ubuntu Update for tomcat7 USN-1685-1
2013-01-15 00:00:00
centos
centos
tomcat5 security update
2013-03-12 19:14:34
tomcat6 security update
2013-03-12 05:31:44
oraclelinux
oraclelinux
tomcat5 security update
2013-03-12 00:00:00
tomcat6 security update
2013-03-11 00:00:00
fedora
fedora
[SECURITY] Fedora 16 Update: tomcat-7.0.33-1.fc16
2012-12-19 08:29:53
f5
f5
K20038622 : Multiple Apache Tomcat vulnerabilities
2020-08-06 00:00:00
debian
debian
[SECURITY] [DSA 2725-1] tomcat6 security update
2013-07-18 17:58:50
vmware
vmware
VMware security updates for vCenter Server
2013-04-25 00:00:00
VMware security updates for vCenter Server
2013-04-25 00:00:00
gentoo
gentoo
Apache Tomcat: Multiple vulnerabilities
2014-12-15 00:00:00
