Summary:
There are multiple issues found on ███:
Description:
Examples are available by link: ███████/examples/
Information disclosure about Apache Tomcat version
Vulnerable version Apache Tomcat/8.5.33
https://nvd.nist.gov/vuln/detail/CVE-2020-1938
Base Score: 9.8 CRITICALVector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
https://nvd.nist.gov/vuln/detail/CVE-2019-0232
Base Score: 8.1 HIGH Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
https://nvd.nist.gov/vuln/detail/CVE-2019-17563
Base Score: 7.5 HIGH Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
https://nvd.nist.gov/vuln/detail/CVE-2019-10072
Base Score: 7.5 HIGH Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
https://nvd.nist.gov/vuln/detail/CVE-2019-0199
Base Score: 7.5 HIGH Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
https://nvd.nist.gov/vuln/detail/CVE-2020-1967
Base Score: 7.5 HIGH Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
https://nvd.nist.gov/vuln/detail/CVE-2019-12418
Base Score: 7.0 HIGH Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
https://nvd.nist.gov/vuln/detail/CVE-2019-0221
Base Score: 6.1 MEDIUM Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
https://nvd.nist.gov/vuln/detail/CVE-2019-2684
Base Score: 5.9 MEDIUM Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
https://nvd.nist.gov/vuln/detail/CVE-2020-1935
Base Score: 4.8 MEDIUM Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
https://nvd.nist.gov/vuln/detail/CVE-2018-11784
Base Score: 4.3 MEDIUM Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
More than Critical. The system is vulnerable. Exploits are available.
Apache Tomcat/8.5.33
More than Critical. The system is vulnerable. Exploits are available.
In the An attacker can change session and cookies. Potential sessions interception.
CVEs: Critical -1, High - 6, Medium - 4