Lucene search

[email protected]NVD:CVE-2003-0043

HistoryFeb 07, 2003 - 5:00 a.m.

CVE-2003-0043

2003-02-0705:00:00

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.4

Confidence

Low

EPSS

0.003

Percentile

71.5%

JSON

Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or earlier, uses trusted privileges when processing the web.xml file, which could allow remote attackers to read portions of some files through the web.xml file.

Affected configurations

Nvd

Node

apachetomcatMatch3.0

apachetomcatMatch3.1

apachetomcatMatch3.1.1

apachetomcatMatch3.2

apachetomcatMatch3.2.1

apachetomcatMatch3.2.3

apachetomcatMatch3.2.4

apachetomcatMatch3.3

apachetomcatMatch3.3.1

References

jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/

jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/RELEASE-NOTES-3.3.1a.txt

www.ciac.org/ciac/bulletins/n-060.shtml

www.debian.org/security/2003/dsa-246

www.securityfocus.com/advisories/5111

www.securityfocus.com/bid/6722

exchange.xforce.ibmcloud.com/vulnerabilities/11195

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.4

Confidence

Low

EPSS

0.003

Percentile

71.5%

JSON

Related for NVD:CVE-2003-0043

cve1 cvelist1 nessus2 openvas5 tomcat1 osv1 debian2