Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBMEC830A809C3DE3DB9FB5FC8B91AF7F5A42F1217E9E279C16808286246593B31D
HistoryJun 17, 2018 - 4:55 a.m.

Security Bulletin: Open Source Apache Tomcat - 4 issues (CVE-2013-4286) for RAF

2018-06-1704:55:52
www.ibm.com
14

0.005 Low

EPSS

Percentile

77.0%

JSON

Summary

Previous releases of IBM Rational Automation Framework (RAF) are affected by the vulnerabilitie in Apache Tomcat that may allow remote attackers to influence the availability of the Framework Server.

Vulnerability Details

| Subscribe to My Notifications to be notified of important product support alerts like this.

  • Follow this link for more information (requires login with your IBM ID)
    โ€”|โ€”

CVE ID:CVE-2013-4286** **

Description: Open Source Apache Tomcat - HTTP request smuggling issue.

CVSS Base Score: 4.3 **CVSS Temporal Score:**See <https://exchange.xforce.ibmcloud.com/vulnerabilities/91426&gt; for the current score. *CVSS Environmental Score:**Undefined CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)

Affected Products and Versions

Rational Automation Framework 3.0.1, 3.0.1.1 and 3.0.1.2 on all supported platforms.

Remediation/Fixes

For all affected versions of Rational Automation Framework_
_Upgrade to Rational Automation Framework version 3.0.1.2_iFix1 or later.

Workarounds and Mitigations

None

Related

redhat 14
openvas 19
ibm 16
nvd 2
prion 2
securityvulns 5
seebug 2
osv 4
cve 2
veracode 2
ubuntucve 1
tomcat 3
cvelist 1
debiancve 1
github 1
nessus 23
mageia 2
fedora 1
oraclelinux 3
amazon 1
ubuntu 1
centos 1
debian 3
gentoo 1
oracle 5
redhat
redhat
(RHSA-2014:0458) Moderate: Red Hat JBoss Data Virtualization 6.0.0 security update
2014-04-30 18:58:00
(RHSA-2014:0374) Important: Red Hat JBoss Data Grid 6.2.1 update
2014-04-03 21:51:02
(RHSA-2014:0511) Important: Red Hat JBoss Operations Network 3.2.1 security update
2014-05-15 17:17:17
openvas
openvas
Apache Tomcat Multiple Vulnerabilities - 01 (Mar 2014)
2014-03-25 00:00:00
Mageia: Security Advisory (MGASA-2014-0148)
2022-01-28 00:00:00
Mageia: Security Advisory (MGASA-2014-0149)
2022-01-28 00:00:00
ibm
ibm
Security Bulletin: Rational Build Forge Security Advisory (CVE-2013-4286)
2018-06-17 04:53:14
Security Bulletin: The IBM V840 product model number AE1 node is affected by vulnerabilities in Apache Tomcat
2018-06-18 00:08:27
Security Bulletin: The IBM FlashSystem 840 product is affected by vulnerabilities in Apache Tomcat
2023-02-18 01:45:50
nvd
nvd
CVE-2014-4286
2014-06-18 21:55:03
CVE-2013-4286
2014-02-26 14:55:08
prion
prion
Design/Logic Flaw
2014-06-18 21:55:00
Design/Logic Flaw
2014-02-26 14:55:00
securityvulns
securityvulns
[SECURITY] CVE-2013-4286 Incomplete fix for CVE-2005-2090 &#40;Information disclosure&#41;
2014-02-28 00:00:00
Apache Tomcat multiple security vulnerabilities
2014-03-31 00:00:00
Oracle / Sun / PeopleSoft / MySQL applications security vulnerabilities
2014-07-21 00:00:00
seebug
seebug
Apache Tomcat ๅฎ‰ๅ…จ้™ๅˆถ็ป•่ฟ‡ๆผๆดž
2014-02-26 00:00:00
Apache TomcatไธๅฎŒๆ•ดไฟฎๅคไฟกๆฏๆณ„ๆผๆผๆดž
2014-02-27 00:00:00
osv
osv
Apache Tomcat is vulnerable to HTTP request-smuggling
2022-05-14 01:10:36
tomcat6 - security update
2014-11-23 00:00:00
tomcat6 - regression update
2014-11-23 00:00:00
cve
cve
CVE-2014-4286
2014-06-18 21:55:03
CVE-2013-4286
2014-02-26 14:55:08
veracode
veracode
Request-smuggling Attacks
2019-01-15 08:59:20
Authorization Bypass
2019-05-02 05:02:08
ubuntucve
ubuntucve
CVE-2013-4286
2014-02-26 00:00:00
tomcat
tomcat
Fixed in Apache Tomcat 7.0.47
2013-10-24 00:00:00
Fixed in Apache Tomcat 8.0.0-RC3
2013-09-23 00:00:00
Fixed in Apache Tomcat 6.0.39
2014-01-31 00:00:00
cvelist
cvelist
CVE-2013-4286
2014-02-26 11:00:00
debiancve
debiancve
CVE-2013-4286
2014-02-26 14:55:00
github
github
Apache Tomcat is vulnerable to HTTP request-smuggling
2022-05-14 01:10:36
nessus
nessus
RHEL 5 : Red Hat JBoss Enterprise Application Platform 6.2.2 update (Moderate) (RHSA-2014:0343)
2014-04-01 00:00:00
RHEL 6 : JBoss EAP (RHSA-2014:0344)
2014-04-01 00:00:00
Oracle Linux 7 : tomcat (ELSA-2014-0686)
2014-07-24 00:00:00
mageia
mageia
Updated tomcat package fixes security vulnerabilities
2014-04-03 04:16:05
Updated tomcat package fixes security vulnerabilities
2014-04-03 04:16:05
fedora
fedora
[SECURITY] Fedora 20 Update: tomcat-7.0.52-1.fc20
2014-09-26 09:02:42
oraclelinux
oraclelinux
tomcat6 security update
2014-04-23 00:00:00
tomcat security update
2014-07-20 00:00:00
tomcat security, bug fix, and enhancement update
2017-08-07 00:00:00
amazon
amazon
Medium: tomcat6
2014-05-21 10:45:00
ubuntu
ubuntu
Tomcat vulnerabilities
2014-03-06 00:00:00
centos
centos
tomcat6 security update
2014-04-23 19:07:14
debian
debian
[SECURITY] [DSA 2897-1] tomcat7 security update
2014-04-08 18:25:14
[SECURITY] [DLA 91-1] tomcat6 security update
2014-11-23 09:02:25
[SECURITY] [DSA 3530-1] tomcat6 security update
2016-03-25 18:47:56
gentoo
gentoo
Apache Tomcat: Multiple vulnerabilities
2014-12-15 00:00:00
oracle
oracle
Oracle Critical Patch Update - April 2015
2015-04-14 00:00:00
Oracle Critical Patch Update - July 2014
2014-07-15 00:00:00
Oracle Critical Patch Update - October 2014
2014-10-14 00:00:00

0.005 Low

EPSS

Percentile

77.0%

JSON
Related for EC830A809C3DE3DB9FB5FC8B91AF7F5A42F1217E9E279C16808286246593B31D
redhat14openvas19ibm16nvd2prion2securityvulns5seebug2osv4cve2veracode2ubuntucve1tomcat3cvelist1debiancve1github1nessus23mageia2fedora1oraclelinux3amazon1ubuntu1centos1debian3gentoo1oracle5