Lucene search
HistoryJul 09, 2013 - 5:55 p.m.
CVE-2013-2051
tomcat
digest authentication
vulnerability
red hat enterprise linux 6
cve-2013-2051
nvd
7.4 High
AI Score
Confidence
Low
2.6 Low
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:H/Au:N/C:N/I:P/A:N
0.003 Low
EPSS
Percentile
65.8%
The Tomcat 6 DIGEST authentication functionality as used in Red Hat Enterprise Linux 6 allows remote attackers to bypass intended access restrictions by performing a replay attack after a nonce becomes stale. NOTE: this issue is due to an incomplete fix for CVE-2012-5887.
| CPE | Name | Operator | Version |
|---|---|---|---|
| redhat:enterprise_linux | redhat enterprise linux | eq | 6.0 |
Related
prion
prion
Authentication flaw
2013-07-09 17:55:00
Authentication flaw
2012-11-17 19:55:00
seebug
seebug
Apache Tomcat摘要验证不完整修复安全漏洞
2013-06-01 00:00:00
Apache Tomcat DIGEST Authentication重放攻击漏洞(CVE-2013-2051)
2013-05-30 00:00:00
ubuntucve
ubuntucve
CVE-2013-2051
2013-07-09 00:00:00
CVE-2012-5887
2012-11-17 00:00:00
debiancve
debiancve
CVE-2013-2051
2013-07-09 17:55:00
CVE-2012-5887
2012-11-17 19:55:00
openvas
openvas
CentOS Update for tomcat6 CESA-2013:0869 centos6
2013-05-31 00:00:00
CentOS Update for tomcat6 CESA-2013:0869 centos6
2013-05-31 00:00:00
RedHat Update for tomcat6 RHSA-2013:0869-01
2013-05-31 00:00:00
redhat
redhat
(RHSA-2013:0869) Important: tomcat6 security update
2013-05-28 00:00:00
(RHSA-2013:0631) Moderate: jbossweb security update
2013-03-11 00:00:00
(RHSA-2013:0632) Moderate: jbossweb security update
2013-03-11 00:00:00
centos
centos
tomcat6 security update
2013-05-29 08:25:00
tomcat5 security update
2013-03-12 19:14:34
tomcat6 security update
2013-03-12 05:31:44
nessus
nessus
Scientific Linux Security Update : tomcat6 on SL6.x (noarch) (20130528)
2013-05-29 00:00:00
Oracle Linux 6 : tomcat6 (ELSA-2013-0869)
2013-07-12 00:00:00
CentOS 6 : tomcat6 (CESA-2013:0869)
2013-05-30 00:00:00
veracode
veracode
Authentication Bypass
2019-05-02 04:55:34
oraclelinux
oraclelinux
tomcat6 security update
2013-05-28 00:00:00
tomcat5 security update
2013-03-12 00:00:00
tomcat6 security update
2013-03-11 00:00:00
cve
cve
CVE-2012-5887
2012-11-17 19:55:00
CVE-2012-3439
2012-11-17 19:55:00
osv
osv
Improper Authentication in Apache Tomcat
2022-05-17 01:38:30
tomcat6 - several
2013-07-18 00:00:00
github
github
Improper Authentication in Apache Tomcat
2022-05-17 01:38:30
ibm
ibm
ubuntu
ubuntu
Tomcat vulnerabilities
2012-11-21 00:00:00
f5
f5
securityvulns
securityvulns
Apache Tomcat multiple security vulnerabilities
2012-11-26 00:00:00
[USN-1637-1] Tomcat vulnerabilities
2012-11-26 00:00:00
debian
debian
[SECURITY] [DSA 2725-1] tomcat6 security update
2013-07-18 17:58:50
vmware
vmware
VMware security updates for vCenter Server
2013-04-25 00:00:00
VMware security updates for vCenter Server
2013-04-25 00:00:00
gentoo
gentoo
Apache Tomcat: Multiple vulnerabilities
2014-12-15 00:00:00
7.4 High
AI Score
Confidence
Low
2.6 Low
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:H/Au:N/C:N/I:P/A:N
0.003 Low
EPSS
Percentile
65.8%
Related for CVE-2013-2051