Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
veracodeVeracode Vulnerability DatabaseVERACODE:13537
HistoryMar 25, 2019 - 8:40 a.m.

Restriction Bypass

2019-03-2508:40:44
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
14

EPSS

0.004

Percentile

74.0%

JSON

JULI logging component is vulnerable to restriction bypass vulnerability.It uses the default security policy which does not restrict this configuration and allows an untrusted web application to add files or overwrite existing files where the Tomcat process has the necessary file permissions to do so.

References

Related

nvd 1
securityvulns 2
prion 1
osv 2
ubuntucve 1
seebug 1
github 1
cvelist 1
cve 1
openvas 21
nessus 24
redhat 4
oraclelinux 1
centos 1
gentoo 1
debian 1
tomcat 2
fedora 3
vmware 4
nvd
nvd
CVE-2007-5342
2007-12-27 22:46:00
securityvulns
securityvulns
[CVE-2007-5342] Apache Tomcat's default security policy is too open
2007-12-26 00:00:00
Apache Tomcat weak default permissions
2007-12-26 00:00:00
prion
prion
Design/Logic Flaw
2007-12-27 22:46:00
osv
osv
JULI logging component in Apache Tomcat does not restrict certain permissions for web applications
2022-05-01 18:32:22
tomcat5.5 several vulnerabilities
2008-01-03 00:00:00
ubuntucve
ubuntucve
CVE-2007-5342
2007-12-27 00:00:00
seebug
seebug
Apache Tomcat JULIๆ—ฅๅฟ—็ป„ไปถ้ป˜่ฎคๅฎ‰ๅ…จ็ญ–็•ฅๆผๆดž
2007-12-26 00:00:00
github
github
JULI logging component in Apache Tomcat does not restrict certain permissions for web applications
2022-05-01 18:32:22
cvelist
cvelist
CVE-2007-5342
2007-12-27 22:00:00
cve
cve
CVE-2007-5342
2007-12-27 22:46:00
openvas
openvas
Oracle: Security Advisory (ELSA-2008-0042)
2015-10-08 00:00:00
RedHat Update for tomcat RHSA-2008:0042-01
2009-03-06 00:00:00
RedHat Update for tomcat RHSA-2008:0042-01
2009-03-06 00:00:00
nessus
nessus
Oracle Linux 5 : tomcat (ELSA-2008-0042)
2013-07-12 00:00:00
RHEL 4 : JBoss EAP (RHSA-2008:0833)
2013-01-24 00:00:00
CentOS 5 : tomcat (CESA-2008:0042)
2010-01-06 00:00:00
redhat
redhat
(RHSA-2008:0832) Low: JBoss Enterprise Application Platform 4.3.0CP02 security update
2008-09-22 00:00:00
(RHSA-2008:0042) Moderate: tomcat security update
2008-03-11 00:00:00
(RHSA-2008:0195) Moderate: tomcat security update
2008-04-28 00:00:00
oraclelinux
oraclelinux
Moderate: tomcat security update
2008-03-11 00:00:00
centos
centos
tomcat5 security update
2008-03-19 00:04:06
gentoo
gentoo
Tomcat: Multiple vulnerabilities
2008-04-10 00:00:00
debian
debian
[SECURITY] [DSA 1447-1] New tomcat5.5 packages fix several vulnerabilities
2008-01-03 21:54:49
tomcat
tomcat
Fixed in Apache Tomcat 5.5.26
2008-02-05 00:00:00
Fixed in Apache Tomcat 6.0.16
2008-02-08 00:00:00
fedora
fedora
[SECURITY] Fedora 8 Update: tomcat5-5.5.26-1jpp.2.fc8
2008-02-13 05:14:35
[SECURITY] Fedora 7 Update: tomcat5-5.5.26-1jpp.2.fc7
2008-02-13 04:55:03
[SECURITY] Fedora 8 Update: tomcat5-5.5.27-0jpp.2.fc8
2008-09-16 23:28:35
vmware
vmware
Updated Tomcat and Java JRE packages for VMware ESX 3.5 and VirtualCenter
2008-06-16 00:00:00
Updated Tomcat and Java JRE packages for VMware ESX 3.5 and VirtualCenter
2008-06-16 00:00:00
VMware vCenter and ESX update release and vMA patch release address multiple security issues in third party components
2009-11-20 00:00:00

EPSS

0.004

Percentile

74.0%

JSON
Related for VERACODE:13537
nvd1securityvulns2prion1osv2ubuntucve1seebug1github1cvelist1cve1openvas21nessus24redhat4oraclelinux1centos1gentoo1debian1tomcat2fedora3vmware4