Lucene search

K
cve[email protected]CVE-2011-1088
HistoryMar 14, 2011 - 7:55 p.m.

CVE-2011-1088

2011-03-1419:55:00
NVD-CWE-Other
web.nvd.nist.gov
30
cve-2011-1088
apache tomcat
security vulnerability
servletsecurity
access restrictions
nvd

4.2 Medium

AI Score

Confidence

High

5.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

0.002 Low

EPSS

Percentile

56.4%

Apache Tomcat 7.x before 7.0.10 does not follow ServletSecurity annotations, which allows remote attackers to bypass intended access restrictions via HTTP requests to a web application.

4.2 Medium

AI Score

Confidence

High

5.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

0.002 Low

EPSS

Percentile

56.4%

Related for CVE-2011-1088