A vulnerability was discovered in Tomcat where the CORS Filter did not send a “Vary: Origin” HTTP header. This potentially allowed sensitive data to be leaked to other visitors through both client-side and server-side caches.

References

bugzilla.redhat.com/show_bug.cgi?id=1480618

tomcat.apache.org/security-7.html https://tomcat.apache.org/security-8.html

nvd 1

osv 4

ibm 14

nessus 23

cvelist 1

fedora 2

tomcat 4

debiancve 1

cve 1

openvas 14

prion 1

veracode 1

ubuntucve 1

amazon 3

github 1

f5 1

mageia 1

debian 3

suse 4

redhat 3

centos 1

ubuntu 1

oraclelinux 1

symantec 1

oracle 1

nvd

CVE-2017-7674

2017-08-11 02:29:00

osv

CVE-2017-7674

2017-08-11 02:29:00

tomcat8 - security update

2017-09-15 00:00:00

Insufficient Verification of Data Authenticity in Apache Tomcat

2022-05-14 01:10:15

ibm

Security Bulletin: Security vulnerability has been identified in Jazz Reporting Service shipped with Rational Reporting for Development Intelligence (CVE-2017-7674)

2018-06-17 05:26:48

Security Bulletin: IBM Integration Bus is affected by an Apache Tomcat related vulnerability (CVE-2017-7674)

2020-03-23 20:41:52

Security Bulletin: Security vulnerability in Apache Tomcat affect multiple IBM Rational products based on IBM's Jazz technology

2021-04-28 18:35:50

nessus

Apache Tomcat 8.0.0.RC1 < 8.0.45

2017-08-18 00:00:00

Amazon Linux AMI : tomcat7 / tomcat8 (ALAS-2017-903)

2017-10-03 00:00:00

Fedora 26 : 1:tomcat (2017-ab0def38cd)

2017-09-15 00:00:00

cvelist

CVE-2017-7674

2017-08-10 00:00:00

fedora

[SECURITY] Fedora 26 Update: tomcat-8.0.46-1.fc26

2017-09-14 21:55:47

[SECURITY] Fedora 25 Update: tomcat-8.0.46-1.fc25

2017-09-15 03:51:31

tomcat

Fixed in Apache Tomcat 8.0.45

2017-07-01 00:00:00

Fixed in Apache Tomcat 7.0.79

2017-07-01 00:00:00

Fixed in Apache Tomcat 9.0.0.M22

2017-06-26 00:00:00

debiancve

CVE-2017-7674

2017-08-11 02:29:00

cve

CVE-2017-7674

2017-08-11 02:29:00

openvas

Fedora Update for tomcat FEDORA-2017-a00a087fd4

2017-09-15 00:00:00

Fedora Update for tomcat FEDORA-2017-ab0def38cd

2017-09-15 00:00:00

Debian: Security Advisory (DSA-3974-1)

2017-09-14 00:00:00

prion

Design/Logic Flaw

2017-08-11 02:29:00

veracode

Cache Poisoning

2017-08-11 04:26:48

ubuntucve

CVE-2017-7674

2017-08-10 00:00:00

amazon

Medium: tomcat7, tomcat8

2017-10-02 16:47:00

Important: tomcat8

2017-08-03 18:49:00

Important: tomcat7

2017-08-17 18:30:00

github

Insufficient Verification of Data Authenticity in Apache Tomcat

2022-05-14 01:10:15

K92665308 : Apache Tomcat vulnerabilities CVE-2017-7674 and CVE-2017-7675

2017-08-17 00:00:00

mageia

Updated tomcat packages fix security vulnerability

2017-09-21 16:43:32

debian

[SECURITY] [DSA 3974-1] tomcat8 security update

2017-09-15 15:20:36

[SECURITY] [DSA 3974-1] tomcat8 security update

2017-09-15 15:20:36

[SECURITY] [DLA 1400-1] tomcat7 security update

2018-06-27 20:56:21

suse

Security update for tomcat (important)

2017-11-22 15:08:02

Security update for tomcat (important)

2017-11-24 00:09:51

Security update for tomcat (important)

2017-12-13 21:10:17

redhat

(RHSA-2017:3081) Important: tomcat security update

2017-10-29 22:36:17

(RHSA-2017:1801) Important: Red Hat JBoss Web Server 3.1.0 Service Pack 1 security update

2017-07-25 16:31:15

(RHSA-2017:1802) Important: Red Hat JBoss Web Server Service Pack 1 security update

2017-07-25 17:45:08

centos

tomcat security update

2017-10-30 11:36:20

ubuntu

Tomcat vulnerabilities

2018-01-08 00:00:00

oraclelinux

tomcat security update

2017-10-30 00:00:00

symantec

SA156: Apache Tomcat Vulnerabilities Apr-Oct 2017

2017-11-07 08:00:00

oracle

Oracle Critical Patch Update - April 2018

2018-04-17 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

0.003 Low

EPSS

Percentile

68.4%

JSON

Related for RH:CVE-2017-7674