The Apache Software Foundation has released security updates to address a vulnerability in Apache Tomcat versions 9.0.0.M1 to 9.0.11, 8.5.0 to 8.5.33, and 7.0.23 to 7.0.90. A remote attacker could exploit this vulnerability to obtain sensitive information.

NCCIC encourages users and administrators to review the Apache security advisory for CVE-2018-11784.

This product is provided subject to this Notification and this Privacy & Use policy.

Please share your thoughts.

We recently updated our anonymous product survey; we’d welcome your feedback.

References

mail-archives.us.apache.org/mod_mbox/www-announce/201810.mbox/%[email protected]%3e

ibm 17

prion 1

redhatcve 1

f5 1

nessus 35

nuclei 1

openvas 24

debian 3

checkpoint_advisories 1

osv 8

nvd 1

github 2

centos 1

kaspersky 1

amazon 3

oraclelinux 3

debiancve 1

cve 1

zdt 1

ubuntucve 1

veracode 2

ubuntu 1

packetstorm 1

suse 5

fedora 3

redhat 6

atlassian 3

symantec 2

tomcat 3

cvelist 1

exploitdb 1

almalinux 1

mageia 1

rocky 1

hackerone 1

avleonov 1

oracle 6

ibm

Security Bulletin: Security vulnerabilities in Apache Tomcat affect multiple IBM Rational products based on IBM's Jazz technology

2021-04-28 18:35:50

Security Bulletin: Vulnerability in Apache Tomcat affects IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( CVE-2018-11784)

2023-03-29 01:48:02

Security Bulletin: A vulnerability in Apache Tomcat affects the IBM FlashSystem 840 and 900

2023-02-18 01:45:50

prion

Design/Logic Flaw

2018-10-04 13:29:00

redhatcve

CVE-2018-11784

2019-11-02 09:34:32

K64921482 : Apache Tomcat vulnerability CVE-2018-11784

2018-10-25 00:00:00

nessus

RHEL 7 : tomcat (RHSA-2019:0485)

2019-03-14 00:00:00

Amazon Linux AMI : tomcat7 (ALAS-2018-1099)

2018-11-08 00:00:00

Amazon Linux 2 : tomcat (ALAS-2019-1192)

2019-04-18 00:00:00

nuclei

Apache Tomcat - Open Redirect

2021-03-18 16:22:01

openvas

openSUSE: Security Advisory for tomcat (openSUSE-SU-2018:4042-1)

2018-12-10 00:00:00

CentOS Update for tomcat CESA-2019:0485 centos7

2019-03-21 00:00:00

SUSE: Security Advisory (SUSE-SU-2018:3393-1)

2021-04-19 00:00:00

debian

[SECURITY] [DLA 1544-1] tomcat7 security update

2018-10-14 20:43:08

[SECURITY] [DLA 1545-1] tomcat8 security update

2018-10-15 16:56:28

[SECURITY] [DSA 4596-1] tomcat8 security update

2019-12-27 22:15:49

checkpoint_advisories

Apache Tomcat Default Servlet Open Redirect (CVE-2018-11784)

2019-02-19 00:00:00

osv

Apache Tomcat Open Redirect vulnerability

2018-10-17 16:31:02

CVE-2018-11784

2018-10-04 13:29:00

tomcat7 - security update

2018-10-14 00:00:00

nvd

CVE-2018-11784

2018-10-04 13:29:00

github

Apache Tomcat Open Redirect vulnerability

2018-10-17 16:31:02

Open Redirect

2022-03-18 17:55:07

centos

tomcat security update

2019-03-19 14:33:17

kaspersky

KLA11327 SB vulnerability in Apache Tomcat

2018-10-03 00:00:00

amazon

Medium: tomcat

2019-04-04 22:00:00

Medium: tomcat7

2018-11-05 19:35:00

Important: tomcat8

2019-05-16 23:11:00

oraclelinux

tomcat security update

2019-03-13 00:00:00

pki-deps:10.6 security update

2019-07-30 00:00:00

tomcat security, bug fix, and enhancement update

2019-08-13 00:00:00

debiancve

CVE-2018-11784

2018-10-04 13:29:00

cve

CVE-2018-11784

2018-10-04 13:29:00

zdt

Apache Tomcat 9.0.0.M1 - Open Redirect Vulnerability

2021-07-13 00:00:00

ubuntucve

CVE-2018-11784

2018-10-04 00:00:00

veracode

Open Redirection

2018-10-04 09:06:12

Open Redirection

2019-01-15 09:25:50

ubuntu

Tomcat vulnerability

2018-10-10 00:00:00

packetstorm

Apache Tomcat 9.0.0M1 Open Redirect

2021-07-11 00:00:00

suse

Security update for tomcat (moderate)

2018-10-25 18:22:29

Security update for tomcat (moderate)

2018-12-08 00:21:25

Security update for virtualbox (important)

2019-01-25 00:00:00

fedora

[SECURITY] Fedora 29 Update: tomcat-9.0.13-1.fc29

2019-02-13 02:48:13

[SECURITY] Fedora 29 Update: tomcat-9.0.21-1.fc29

2019-07-04 02:51:06

[SECURITY] Fedora 28 Update: tomcat-8.5.35-1.fc28

2019-04-03 02:02:31

redhat

(RHSA-2019:0485) Moderate: tomcat security update

2019-03-12 08:24:45

(RHSA-2019:0131) Moderate: Red Hat JBoss Web Server 3.1 Service Pack 6 security and bug fix update

2019-01-22 13:28:13

(RHSA-2018:2868) Important: Red Hat JBoss Web Server 5.0 Service Pack 1 security and bug fix update

2018-10-03 13:41:48

atlassian

Update Tomcat to 8.5.34 to avoid CVE-2018-11784

2018-10-10 09:22:17

Update Tomcat to 8.5.34 to avoid CVE-2018-11784

2018-10-10 09:22:17

Upgrade to Tomcat 8.5.32 necessary

2018-08-01 09:33:53

symantec

Apache Tomcat CVE-2018-11784 Open Redirection Vulnerability

2018-10-03 00:00:00

Apache Tomcat Vulnerabilities Oct 2018 – Feb 2020

2020-05-12 19:02:01

tomcat

Fixed in Apache Tomcat 8.5.34

2018-09-10 00:00:00

Fixed in Apache Tomcat 7.0.91

2018-09-19 00:00:00

Fixed in Apache Tomcat 9.0.12

2018-09-10 00:00:00

cvelist

CVE-2018-11784

2018-10-03 00:00:00

exploitdb

Apache Tomcat 9.0.0.M1 - Open Redirect

2021-07-13 00:00:00

almalinux

Important: pki-deps:10.6 security update

2019-06-18 16:36:21

mageia

Updated tomcat packages fix security vulnerabilities

2018-12-10 00:20:39

rocky

pki-deps:10.6 security update

2019-06-18 16:36:21

hackerone

U.S. Dept Of Defense: Tomcat examples available for public, Disclosure Apache Tomcat version, Critical/High/Medium CVE

2020-05-14 19:38:44

avleonov

Last Week’s Security news: Exploits for ForgeRock, vSphere, Apache Tomcat, new Print Spooler vuln, Kaseya Patch and REvil, SolarWinds, Schneider Electric, Bulletins

2021-07-19 16:29:00

oracle

Oracle Critical Patch Update Advisory - January 2019

2019-01-15 00:00:00

Oracle Critical Patch Update Advisory - October 2019

2020-01-22 00:00:00

Oracle Critical Patch Update Advisory - April 2019

2019-04-16 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

EPSS

0.784

Percentile

98.3%

JSON

Related for CISA:1F248E306735F9135C48F3F3143C4B37