Lucene search
CVE-2015-5346
🗓️ 25 Feb 2016 01:02:59Reported by Debian Security Bug TrackerType 
debiancve🔗 security-tracker.debian.org👁 89 Views
Session fixation vulnerability in Apache Tomcat 7.x, 8.x, and 9.x versions before 7.0.66, 8.0.30, and 9.0.0.M2, allowing remote session hijacking by exploiting different session settings for multiple web app versions
Show more
| Reporter | Title | Published | Views | Family All 109 |
|---|---|---|---|---|
 | CVE-2015-5346 | 25 Feb 201601:59 | – | cve |
 | Fixed in Apache Tomcat 7.0.67 | 10 Dec 201500:00 | – | tomcat |
| Fixed in Apache Tomcat 8.0.32 | 8 Feb 201600:00 | – | tomcat |
| Fixed in Apache Tomcat 9.0.0.M3 | 5 Jan 201600:00 | – | tomcat |
 | Apache Tomcat Session Fixation Vulnerability (Feb 2016) - Windows | 25 Feb 201600:00 | – | openvas |
| Apache Tomcat Session Fixation Vulnerability (Feb 2016) - Linux | 25 Feb 201600:00 | – | openvas |
| Amazon Linux: Security Advisory (ALAS-2016-657) | 11 Mar 201600:00 | – | openvas |
| RedHat Update for tomcat RHSA-2016:2046-01 | 11 Oct 201600:00 | – | openvas |
| Huawei EulerOS: Security Advisory for tomcat (EulerOS-SA-2016-1049) | 23 Jan 202000:00 | – | openvas |
| CentOS Update for tomcat CESA-2016:2046 centos7 | 12 Oct 201600:00 | – | openvas |
10
| OS | OS Version | Architecture | Package | Package Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | tomcat9 | 9.0.70-2 | tomcat9_9.0.70-2_all.deb |
| Debian | 11 | all | tomcat9 | 9.0.43-2~deb11u10 | tomcat9_9.0.43-2~deb11u10_all.deb |
| Debian | 999 | all | tomcat9 | 9.0.95-1 | tomcat9_9.0.95-1_all.deb |
| Debian | 13 | all | tomcat9 | 9.0.95-1 | tomcat9_9.0.95-1_all.deb |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo25 Feb 2016 01:59Current
8.1High risk
Vulners AI Score8.1
CVSS26.8
CVSS38.1
EPSS0.23827