CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
EPSS
Percentile
98.1%
Versions of Apache Tomcat earlier than 6.0.37 are potentially affected by multiple vulnerabilities :
An error exists related to chunked transfer encoding and extensions that could allow limited denial of service attacks. (CVE-2012-3544)
An error exists related to HTML form authentication and session fixation that could allow an attacker to carry out requests using a victim’s credentials. (CVE-2013-2067)
Binary data 6832.pasl