Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
tomcatApache TomcatTOMCAT:4DD80A81429F4A4C44831FA29912355D
HistoryJul 24, 2008 - 12:00 a.m.

Fixed in Apache Tomcat 5.5.1

2008-07-2400:00:00
Apache Tomcat
tomcat.apache.org
12

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

0.002 Low

EPSS

Percentile

60.0%

JSON

Low: Information disclosure CVE-2008-3271

Bug 25835 can, in rare circumstances - this has only been reproduced using a debugger to force a particular processing sequence for two threads - allow a user from a non-permitted IP address to gain access to a context that is protected with a valve that extends RequestFilterValve. This includes the standard RemoteAddrValve and RemoteHostValve implementations.

Affects: 5.5.0 (5.0.x unknown)

CPENameOperatorVersion
apache tomcateq5.5.0

Related

openvas 5
securityvulns 2
seebug 2
nessus 6
jvn 1
cvelist 1
cve 1
prion 1
nvd 1
ubuntucve 1
veracode 1
redhat 1
tomcat 1
openvas
openvas
SLES10: Security update for Tomcat 5
2009-10-13 00:00:00
SLES9: Security update for Tomcat
2009-10-10 00:00:00
Apache Tomcat RemoteFilterValve Security Bypass Vulnerability
2008-10-16 00:00:00
securityvulns
securityvulns
Apache Tomcat information leak
2008-10-12 00:00:00
[SECURITY] CVE-2008-3271 - Apache Tomcat information disclosure
2008-10-12 00:00:00
seebug
seebug
Apache Tomcat 'RemoteFilterValve'ๅฎ‰ๅ…จ็ป•่ฟ‡ๆผๆดž
2008-10-14 00:00:00
Apache Tomcat RemoteFilterValve็ป•่ฟ‡ๅฎ‰ๅ…จ้™ๅˆถๆผๆดž
2008-10-15 00:00:00
nessus
nessus
Apache Tomcat 5.x < 5.5.1 Information Disclosure
2010-06-16 00:00:00
SuSE 10 Security Update : Tomcat 5 (ZYPP Patch Number 5689)
2008-10-27 00:00:00
openSUSE 10 Security Update : tomcat5 (tomcat5-5684)
2008-10-17 00:00:00
jvn
jvn
JVN#30732239: Apache Tomcat allows access from a non-permitted IP address
2008-10-10 00:00:00
cvelist
cvelist
CVE-2008-3271
2008-10-13 18:00:00
cve
cve
CVE-2008-3271
2008-10-13 20:00:02
prion
prion
Cross site request forgery (csrf)
2008-10-13 20:00:00
nvd
nvd
CVE-2008-3271
2008-10-13 20:00:02
ubuntucve
ubuntucve
CVE-2008-3271
2008-10-13 00:00:00
veracode
veracode
Information Disclosure
2018-11-09 02:33:38
redhat
redhat
(RHSA-2008:1007) Low: tomcat security update for Red Hat Network Satellite Server
2008-12-08 00:00:00
tomcat
tomcat
Fixed in Apache Tomcat 4.1.32
2005-11-06 00:00:00

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

0.002 Low

EPSS

Percentile

60.0%

JSON
Related for TOMCAT:4DD80A81429F4A4C44831FA29912355D
openvas5securityvulns2seebug2nessus6jvn1cvelist1cve1prion1nvd1ubuntucve1veracode1redhat1tomcat1