CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
EPSS
Percentile
91.9%
The version of Apache Tomcat installed on the remote host is version 7.x prior to 7.0.53. It is, therefore, affected by the following vulnerabilities:
An error exists related to chunk size and chunked requests that could allow denial of service attacks. (CVE-2014-0075)
An error exists related to XSLT handling and security managers that could allow security bypass related to external XML entities. (CVE-2014-0096)
An error exists related to content length header handling and using the application behind a reverse proxy that could allow security bypass. (CVE-2014-0099)
Binary data 8935.pasl