| Metric | Value |
|---|---|
| CVSS2 base score | 4.3 (Medium) |
| CVSS2 vector | AV:N/AC:M/Au:N/C:N/I:P/A:N |
| Attack Vector | NETWORK |
| Attack Complexity | MEDIUM |
| Authentication | NONE |
| Confidentiality Impact | NONE |
| Integrity Impact | PARTIAL |
| Availability Impact | NONE |
| EPSS score | 0.013 (Low) |
| EPSS percentile | 85.8% |
Low: Cross-site scripting CVE-2011-0013
The HTML Manager interface displayed web application provided data, such as display names, without filtering. A malicious web application could trigger script execution by an administrative user when viewing the manager pages.
This was fixed in revision 1057270.
This was identified by the Tomcat security team on 12 Nov 2010 and made public on 5 Feb 2011.
Affects: 6.0.0-6.0.29
Moderate: Cross-site scripting CVE-2010-4172
The Manager application used the user provided parameters sort and orderBy directly without filtering thereby permitting cross-site scripting.
This was fixed in revision 1037779.
This was first reported to the Tomcat security team on 15 Nov 2010 and made public on 22 Nov 2010.
Affects: 6.0.12-6.0.29
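The following is an added illustration of the defect class described above and its fix; it is not Tomcat's Manager code. It shows a request parameter (the hypothetical `sort`/`orderBy` pair) concatenated straight into HTML, beside a hardened version that restricts the values to an allow-list and HTML-encodes whatever is written out. The class and method names are assumptions for this example, and the injected string is constructed test input.

```java
import java.util.Set;

// Added example: the unfiltered-parameter pattern behind the Manager XSS and
// its defensive counterpart. Not part of Tomcat; names are illustrative only.
public class SortHeaderExample {

    // Only values the page actually sorts on should ever reach the output.
    private static final Set<String> ALLOWED_SORT = Set.of("name", "path", "sessions");
    private static final Set<String> ALLOWED_ORDER = Set.of("asc", "desc");

    // Vulnerable pattern: user-controlled strings dropped into markup verbatim.
    // A value such as "><b>injected</b> breaks out of the attribute and adds elements.
    static String renderUnsafe(String sort, String orderBy) {
        return "<a href=\"?sort=" + sort + "&orderBy=" + orderBy + "\">Sort</a>";
    }

    // Minimal HTML attribute/text encoder covering the characters that matter.
    static String htmlEscape(String s) {
        StringBuilder out = new StringBuilder(s.length());
        for (char c : s.toCharArray()) {
            switch (c) {
                case '&':  out.append("&amp;");  break;
                case '<':  out.append("&lt;");   break;
                case '>':  out.append("&gt;");   break;
                case '"':  out.append("&quot;"); break;
                case '\'': out.append("&#39;");  break;
                default:   out.append(c);
            }
        }
        return out.toString();
    }

    // Hardened: fall back to a safe default when the value is not recognised,
    // and encode on output regardless, so neither check alone is load-bearing.
    static String renderSafe(String sort, String orderBy) {
        String safeSort = ALLOWED_SORT.contains(sort) ? sort : "name";
        String safeOrder = ALLOWED_ORDER.contains(orderBy) ? orderBy : "asc";
        return "<a href=\"?sort=" + htmlEscape(safeSort)
             + "&amp;orderBy=" + htmlEscape(safeOrder) + "\">Sort</a>";
    }

    public static void main(String[] args) {
        // Constructed test input that closes the href attribute and injects markup.
        String payload = "\"><b>injected</b>";
        System.out.println("unsafe: " + renderUnsafe(payload, "asc"));
        System.out.println("safe:   " + renderSafe(payload, "asc"));
        // The hardened version never emits the payload: it is replaced by "name",
        // and even a permitted value passes through htmlEscape before output.
        System.out.println("escaped: " + htmlEscape(payload));
    }
}
```

Running the class prints the raw concatenation, where the payload terminates the `href` attribute and adds its own element, next to the hardened rendering, which contains only allow-listed, encoded values. The allow-list is the right control for a fixed set of sort keys; output encoding is the control that still holds when a later change widens the accepted values.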
Low: SecurityManager file permission bypass CVE-2010-3718
When running under a SecurityManager, access to the file system is limited, but web applications are granted read/write permissions to the work directory. This directory is used for a variety of temporary files, such as the intermediate files generated when compiling JSPs to Servlets. The location of the work directory is specified by a ServletContext attribute that is meant to be read-only to web applications. However, due to a coding error, the read-only setting was not applied. Therefore, a malicious web application may modify the attribute before Tomcat applies the file permissions. This can be used to grant read/write permissions to any area on the file system, which a malicious web application may then take advantage of. This vulnerability is only applicable when hosting web applications from untrusted sources, such as shared hosting environments.
This was fixed in revision 1022560.
This was discovered by the Tomcat security team on 12 Oct 2010 and made public on 5 Feb 2011.
Affects: 6.0.0-6.0.29
| CPE Name | Operator | Version |
|---|---|---|
| apache tomcat | ge | 6.0.0 |
| apache tomcat | ge | 6.0.12 |
| apache tomcat | le | 6.0.29 |