Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2012-4431HistoryDec 19, 2012 - 11:55 a.m.
CVE-2012-4431
2012-12-1911:55:00
Debian Security Bug Tracker
security-tracker.debian.org
12
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
org/apache/catalina/filters/CsrfPreventionFilter.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.32 allows remote attackers to bypass the cross-site request forgery (CSRF) protection mechanism via a request that lacks a session identifier.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 9 | all | tomcat7 | <Β 7.0.75-1 | tomcat7_7.0.75-1_all.deb |
Related
prion
prion
Cross site request forgery (csrf)
2012-12-19 11:55:00
nessus
nessus
Apache Tomcat 7.0.x < 7.0.32 XSRF Filter Bypass
2012-12-10 00:00:00
FreeBSD : tomcat -- bypass of CSRF prevention filter (953911fe-51ef-11e2-8e34-0022156e8794)
2012-12-31 00:00:00
RHEL 5 / 6 : JBoss Web Server (RHSA-2013:0268)
2014-06-26 00:00:00
redhat
redhat
(RHSA-2013:0267) Moderate: tomcat7 security update
2013-02-19 20:30:19
(RHSA-2013:0268) Moderate: tomcat7 security update
2013-02-19 20:31:14
(RHSA-2013:1853) Moderate: Red Hat JBoss Operations Network 3.2.0 update
2013-12-17 18:29:43
veracode
veracode
Cross-site Request Forgery (CSRF)
2019-01-15 08:56:33
securityvulns
securityvulns
CVE-2012-4431 Apache Tomcat Bypass of CSRF prevention filter
2012-12-07 00:00:00
Apache Tomcat multiple security vulnerabilities
2012-12-07 00:00:00
seebug
seebug
Apache Tomcat θ·¨η«θ―·ζ±δΌͺι ζΌζ΄
2012-12-07 00:00:00
ubuntucve
ubuntucve
CVE-2012-4431
2012-12-19 00:00:00
github
github
Cross-Site Request Forgery in Apache Tomcat
2022-05-17 00:57:51
freebsd
freebsd
tomcat -- bypass of CSRF prevention filter
2012-12-04 00:00:00
tomcat
tomcat
Fixed in Apache Tomcat 7.0.32
2012-10-09 00:00:00
Fixed in Apache Tomcat 6.0.36
2012-10-19 00:00:00
cve
cve
CVE-2012-4431
2012-12-19 11:55:00
osv
osv
Cross-Site Request Forgery in Apache Tomcat
2022-05-17 00:57:51
tomcat6 - several
2013-07-18 00:00:00
openvas
openvas
Ubuntu Update for tomcat7 USN-1685-1
2013-01-15 00:00:00
Ubuntu: Security Advisory (USN-1685-1)
2013-01-15 00:00:00
Apache Tomcat 6.x < 6.0.36 Multiple Vulnerabilities (Oct 2012) - Linux
2021-10-29 00:00:00
thn
thn
Apache Tomcat Multiple Critical Vulnerabilities
2012-12-05 17:45:00
Apache Tomcat Multiple Critical Vulnerabilities
2012-12-05 06:45:00
ubuntu
ubuntu
Tomcat vulnerabilities
2013-01-14 00:00:00
fedora
fedora
[SECURITY] Fedora 16 Update: tomcat-7.0.33-1.fc16
2012-12-19 08:29:53
f5
f5
K20038622 : Multiple Apache Tomcat vulnerabilities
2020-08-06 00:00:00
atlassian
atlassian
Upgrade bundled Tomcat to 6.0.37
2013-05-21 00:23:31
Upgrade bundled Tomcat to 6.0.37
2013-05-21 00:23:31
Upgrade bundled Tomcat to 6.0.37
2013-05-21 00:23:31
debian
debian
[SECURITY] [DSA 2725-1] tomcat6 security update
2013-07-18 17:58:50
vmware
vmware
VMware security updates for vCenter Server
2013-04-25 00:00:00
VMware security updates for vCenter Server
2013-04-25 00:00:00
gentoo
gentoo
Apache Tomcat: Multiple vulnerabilities
2014-12-15 00:00:00
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
Related for DEBIANCVE:CVE-2012-4431