Lucene search

CVE-2018-1304

🗓️ 28 Feb 2018 20:00:29Reported by [email protected]Type

Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, and 8.0.0.RC1 to 8.0.49 allow unauthorized acces

Reporter	Title	Published	Views	Family All 117
Prion	Code injection	28 Feb 201820:29	–	prion
UbuntuCve	CVE-2018-1304	28 Feb 201800:00	–	ubuntucve
CVE	CVE-2018-1304	28 Feb 201820:29	–	cve
Veracode	Authorization Bypass	27 Feb 201805:36	–	veracode
OSV	Apache Tomcat unauthorized access vulnerability	17 Oct 201816:31	–	osv
OSV	CVE-2018-1304	28 Feb 201820:29	–	osv
OSV	tomcat7 - security update	6 Mar 201800:00	–	osv
OSV	tomcat8 - security update	29 Jul 201800:00	–	osv
OSV	RHSA-2019:2205 Red Hat Security Advisory: tomcat security, bug fix, and enhancement update	13 Sep 202419:52	–	osv
OSV	tomcat8 - security update	29 Aug 201800:00	–	osv

Nvd

Node

apache tomcatRange7.0.0–7.0.84

apache tomcatRange8.0.0–8.0.49

apache tomcatRange8.5.0–8.5.27

apache tomcatRange9.0.0–9.0.4

apache tomcatMatch8.0.0rc1

apache tomcatMatch9.0.0milestone1

apache tomcatMatch9.0.0milestone10

apache tomcatMatch9.0.0milestone11

apache tomcatMatch9.0.0milestone12

apache tomcatMatch9.0.0milestone13

apache tomcatMatch9.0.0milestone14

apache tomcatMatch9.0.0milestone15

apache tomcatMatch9.0.0milestone16

apache tomcatMatch9.0.0milestone17

apache tomcatMatch9.0.0milestone18

apache tomcatMatch9.0.0milestone19

apache tomcatMatch9.0.0milestone2

apache tomcatMatch9.0.0milestone20

apache tomcatMatch9.0.0milestone21

apache tomcatMatch9.0.0milestone22

apache tomcatMatch9.0.0milestone23

apache tomcatMatch9.0.0milestone24

apache tomcatMatch9.0.0milestone25

apache tomcatMatch9.0.0milestone26

apache tomcatMatch9.0.0milestone27

apache tomcatMatch9.0.0milestone3

apache tomcatMatch9.0.0milestone4

apache tomcatMatch9.0.0milestone5

apache tomcatMatch9.0.0milestone6

apache tomcatMatch9.0.0milestone7

apache tomcatMatch9.0.0milestone8

apache tomcatMatch9.0.0milestone9

Node

redhat jboss_enterprise_application_platformMatch6

redhat jboss_enterprise_application_platformMatch6.4

redhat jboss_enterprise_web_serverMatch3.0.0

AND

redhat enterprise_linuxMatch6.0

redhat enterprise_linuxMatch7.0

Node

debian debian_linuxMatch7.0

debian debian_linuxMatch8.0

debian debian_linuxMatch9.0

Node

canonical ubuntu_linuxMatch14.04lts

canonical ubuntu_linuxMatch16.04lts

canonical ubuntu_linuxMatch17.10

canonical ubuntu_linuxMatch18.04lts

Node

oracle fusion_middlewareMatch12.2.1.3.0

oracle hospitality_guest_accessMatch4.2.0

oracle hospitality_guest_accessMatch4.2.1

oracle micros_relate_crm_softwareMatch11.4

oracle secure_global_desktopMatch5.3

oracle secure_global_desktopMatch5.4

Node

redhat jboss_middlewareMatch1

Source	Link
access	www.access.redhat.com/errata/RHSA-2018:1320
lists	www.lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba%40%3Cdev.tomcat.apache.org%3E
access	www.access.redhat.com/errata/RHSA-2018:1451
lists	www.lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb%40%3Cdev.tomcat.apache.org%3E
oracle	www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
access	www.access.redhat.com/errata/RHSA-2018:1450
lists	www.lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E
security	www.security.netapp.com/advisory/ntap-20180706-0001/
access	www.access.redhat.com/errata/RHSA-2019:2205
lists	www.lists.debian.org/debian-lts-announce/2018/07/msg00044.html

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

28 Feb 2018 20:29Current

7High risk

Vulners AI Score7

CVSS24.3

CVSS35.9

EPSS0.0048