Lucene search
K

101 matches found

Tenable Nessus
Tenable Nessus
added 2018/11/05 12:0 a.m.23 views

Apache Tomcat 7.0.79 < 7.0.84 Insecure CGI Servlet Search Algorithm Description Weakness

The version of Apache Tomcat installed on the remote host is 7.0.x prior to 7.0.84. It is, therefore, affected by a flaw that is due to the program containing an incorrect description for the CGI Servlet search algorithm, which may cause an administrator to leave the system in an insecure state...

5.3CVSS7.2AI score0.06198EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/18 12:51 a.m.38 views

Security Bulletin: Apache Tomcat vulnerability affects IBM Storwize V7000 Unified (CVE-2017-15706)

Summary Apache Tomcat CGI Servlet vulnerability Vulnerability Details CVEID: CVE-2017-15706 DESCRIPTION: Apache Tomcat could provide weaker than expected security, caused by the incorrect documentation of the CGI search algorithm used by the CGI Servlet to identify which script to execute. The...

5.3CVSS1.5AI score0.06198EPSS
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2018/06/05 12:0 a.m.66 views

Ubuntu: Security Advisory (USN-3665-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.5AI score0.99988EPSS
Exploits29References4
Tenable Nessus
Tenable Nessus
added 2018/05/31 12:0 a.m.129 views

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : Tomcat vulnerabilities (USN-3665-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3665-1 advisory. It was discovered that Tomcat incorrectly handled being configured with HTTP PUTs enabled. A remote attacker could use this issue...

9.8CVSS7.7AI score0.99988EPSS
Exploits29References7
Ubuntu
Ubuntu
added 2018/05/30 5:47 p.m.153 views

USN-3665-1: Tomcat vulnerabilities

It was discovered that Tomcat incorrectly handled being configured with HTTP PUTs enabled. A remote attacker could use this issue to upload a JSP file to the server and execute arbitrary code. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 17.10. CVE-2017-12616,...

9.8CVSS7.5AI score0.99988EPSS
Exploits29
Tenable Nessus
Tenable Nessus
added 2018/03/30 12:0 a.m.59 views

openSUSE Security Update : tomcat (openSUSE-2018-325)

This update for tomcat fixes the following issues : Security issues fixed : - CVE-2018-1305: Fixed late application of security constraints that can lead to resource exposure for unauthorised users bsc1082481. - CVE-2018-1304: Fixed incorrect handling of empty string URL in security constraints...

6.5CVSS6.3AI score0.17378EPSS
Exploits2References6
Tenable Nessus
Tenable Nessus
added 2018/03/27 12:0 a.m.49 views

Amazon Linux AMI : tomcat80 (ALAS-2018-973)

Incorrect documentation of CGI Servlet search algorithm may lead to misconfiguration : As part of the fix for bug 61201, the documentation for Apache Tomcat included an updated description of the search algorithm used by the CGI Servlet to identify which script to execute. The update was not...

6.5CVSS6.4AI score0.17378EPSS
Exploits2References4
Amazon
Amazon
added 2018/03/21 12:0 a.m.50 views

Medium: tomcat80

Issue Overview: Incorrect documentation of CGI Servlet search algorithm may lead to misconfiguration: As part of the fix for bug 61201, the documentation for Apache Tomcat included an updated description of the search algorithm used by the CGI Servlet to identify which script to execute. The upda...

6.5CVSS7.2AI score0.17378EPSS
Exploits2
Mageia
Mageia
added 2018/02/28 1:55 p.m.72 views

Updated tomcat packages fix security vulnerabilities

In Tomcat 8.0.45, the description of the search algorithm used by the CGI Servlet to identify which script to execute was updated. The update was not correct. As a result, some scripts may have failed to execute as expected and other scripts may have been executed unexpectedly. Note that the...

6.5CVSS0.2AI score0.17378EPSS
Exploits2References3
OSV
OSV
added 2018/02/28 1:55 p.m.18 views

MGASA-2018-0149 Updated tomcat packages fix security vulnerabilities

In Tomcat 8.0.45, the description of the search algorithm used by the CGI Servlet to identify which script to execute was updated. The update was not correct. As a result, some scripts may have failed to execute as expected and other scripts may have been executed unexpectedly. Note that the...

6.5CVSS6.6AI score0.17378EPSS
Exploits2References4
Tenable Nessus
Tenable Nessus
added 2018/02/22 12:0 a.m.33 views

Amazon Linux AMI : tomcat8 (ALAS-2018-959)

Incorrect documentation of CGI Servlet search algorithm may lead to misconfiguration As part of the fix for bug 61201, the documentation for Apache Tomcat included an updated description of the search algorithm used by the CGI Servlet to identify which script to execute. The update was not correc...

5.3CVSS6.9AI score0.06198EPSS
Exploits0References2
Amazon
Amazon
added 2018/02/20 12:0 a.m.37 views

Low: tomcat8

Issue Overview: Incorrect documentation of CGI Servlet search algorithm may lead to misconfiguration As part of the fix for bug 61201, the documentation for Apache Tomcat included an updated description of the search algorithm used by the CGI Servlet to identify which script to execute. The updat...

5.3CVSS6.3AI score0.06198EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2018/02/09 12:0 a.m.35 views

Apache Tomcat 9.0.0.M22 < 9.0.2

The version of Tomcat installed on the remote host is prior to 9.0.2. It is, therefore, affected by a vulnerability as referenced in the fixedinapachetomcat9.0.2security-9 advisory. - As part of the fix for bug 61201, the documentation for Apache Tomcat 9.0.0.M22 to 9.0.1, 8.5.16 to 8.5.23, 8.0.4...

5.3CVSS7AI score0.06198EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2018/02/09 12:0 a.m.47 views

Apache Tomcat 8.5.16 < 8.5.24

The version of Tomcat installed on the remote host is prior to 8.5.24. It is, therefore, affected by a vulnerability as referenced in the fixedinapachetomcat8.5.24security-8 advisory. - As part of the fix for bug 61201, the documentation for Apache Tomcat 9.0.0.M22 to 9.0.1, 8.5.16 to 8.5.23,...

5.3CVSS7AI score0.06198EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2018/02/09 12:0 a.m.67 views

Apache Tomcat 8.0.45 < 8.0.48

The version of Tomcat installed on the remote host is prior to 8.0.48. It is, therefore, affected by a vulnerability as referenced in the fixedinapachetomcat8.0.48security-8 advisory. - As part of the fix for bug 61201, the documentation for Apache Tomcat 9.0.0.M22 to 9.0.1, 8.5.16 to 8.5.23,...

5.3CVSS7AI score0.06198EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2018/02/09 12:0 a.m.32 views

Apache Tomcat 7.0.79 < 7.0.84

The version of Tomcat installed on the remote host is prior to 7.0.84. It is, therefore, affected by a vulnerability as referenced in the fixedinapachetomcat7.0.84security-7 advisory. - As part of the fix for bug 61201, the documentation for Apache Tomcat 9.0.0.M22 to 9.0.1, 8.5.16 to 8.5.23,...

5.3CVSS7AI score0.06198EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2018/02/09 12:0 a.m.34 views

Amazon Linux AMI : tomcat7 (ALAS-2018-947)

Incorrect documentation of CGI Servlet search algorithm may lead to misconfiguration : As part of the fix for bug 61201, the documentation for Apache Tomcat included an updated description of the search algorithm used by the CGI Servlet to identify which script to execute. The update was not...

5.3CVSS6.9AI score0.06198EPSS
Exploits0References2
Amazon
Amazon
added 2018/02/07 12:0 a.m.42 views

Low: tomcat7

Issue Overview: Incorrect documentation of CGI Servlet search algorithm may lead to misconfiguration: As part of the fix for bug 61201, the documentation for Apache Tomcat included an updated description of the search algorithm used by the CGI Servlet to identify which script to execute. The upda...

5.3CVSS6.3AI score0.06198EPSS
Exploits0
Prion
Prion
added 2018/01/31 2:29 p.m.27 views

Design/Logic Flaw

As part of the fix for bug 61201, the documentation for Apache Tomcat 9.0.0.M22 to 9.0.1, 8.5.16 to 8.5.23, 8.0.45 to 8.0.47 and 7.0.79 to 7.0.82 included an updated description of the search algorithm used by the CGI Servlet to identify which script to execute. The update was not correct. As a...

5CVSS5.7AI score0.06198EPSS
Exploits0References20Affected Software1
NVD
NVD
added 2018/01/31 2:29 p.m.15 views

CVE-2017-15706

As part of the fix for bug 61201, the documentation for Apache Tomcat 9.0.0.M22 to 9.0.1, 8.5.16 to 8.5.23, 8.0.45 to 8.0.47 and 7.0.79 to 7.0.82 included an updated description of the search algorithm used by the CGI Servlet to identify which script to execute. The update was not correct. As a...

5.3CVSS5.5AI score0.06198EPSS
Exploits0References20
Rows per page
Query Builder