Lucene search

K

PRIOn knowledge basePRION:CVE-2011-2204

HistoryJun 29, 2011 - 5:55 p.m.

Design/Logic Flaw

2011-06-2917:55:00

PRIOn knowledge base

www.prio-n.com

10

6 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

15.9%

Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.17, when the MemoryUserDatabase is used, creates log entries containing passwords upon encountering errors in JMX user creation, which allows local users to obtain sensitive information by reading a log file.

CPENameOperatorVersion
tomcateq5.5.27
tomcateq5.5.18
tomcateq5.5.12
tomcateq5.5.14
tomcateq5.5.10
tomcateq5.5.4
tomcateq5.5.7
tomcateq5.5.1
tomcateq5.5.11
tomcateq5.5.28

Rows per page:

1-10 of 791

References

lists.apple.com/archives/security-announce/2012/Feb/msg00000.html

secunia.com/advisories/44981

secunia.com/advisories/48308

secunia.com/advisories/57126

securitytracker.com/id?1025712

support.apple.com/kb/HT5130

tomcat.apache.org/security-5.html

tomcat.apache.org/security-6.html

tomcat.apache.org/security-7.html

www.debian.org/security/2012/dsa-2401

www.mandriva.com/security/advisories?name=MDVSA-2011:156

www.osvdb.org/73429

www.redhat.com/support/errata/RHSA-2011-1845.html

www.securityfocus.com/bid/48456

bugzilla.redhat.com/show_bug.cgi?id=717013

exchange.xforce.ibmcloud.com/vulnerabilities/68238

lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E

lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E

lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E

lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E

marc.info/?l=bugtraq&m=132215163318824&w=2

marc.info/?l=bugtraq&m=133469267822771&w=2

marc.info/?l=bugtraq&m=136485229118404&w=2

marc.info/?l=bugtraq&m=139344343412337&w=2

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14931

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19532

6 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

15.9%

Related for PRION:CVE-2011-2204

cve1 ubuntucve1 cvelist1 openvas35 debiancve1 nvd1 github1 osv2 nessus30 fedora4 amazon1 tomcat3 ubuntu1 oraclelinux3 redhat6 centos2 ibm2 debian1 gentoo1 securityvulns2