Lucene search
K

7 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 4:34 a.m.5 views

SUSE CVE-2018-1323

The IIS/ISAPI specific code in the Apache Tomcat JK ISAPI Connector 1.2.0 to 1.2.42 that normalised the requested path before matching it to the URI-worker map did not handle some edge cases correctly. If only a sub-set of the URLs supported by Tomcat were exposed via IIS, then it was possible fo...

7.5CVSS7AI score0.44244EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 2021/04/28 6:35 p.m.40 views

Security Bulletin: Security vulnerabilities in Apache Tomcat affect multiple IBM Rational products based on IBM's Jazz technology

Summary The Jazz Team Server is shipped with/or supports versions of the Apache Tomcat web server which contains a security vulnerabilities that could potentially impact the following IBM Rational products deployed on Apache Tomcat: Collaborative Lifecycle Management CLM, Rational DOORS Next...

7.5CVSS0.3AI score0.44244EPSS
Exploits2Affected Software7
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/18 1:43 a.m.43 views

Security Bulletin: Vulnerability in Apache Tomcat affects IBM Platform Symphony, IBM Spectrum Symphony (CVE-2017-15698, CVE-2017-15706, CVE-2018-1323, CVE-2018-1305, CVE-2018-1304)

Summary This interim fix provides instructions on upgrading Apache Tomcat from v5.5.36 to v7.0.88 in IBM Platform Symphony 6.1.1 and from v6.0.43 to v8.5.31 in IBM Platform Symphony 7.1 Fix Pack 1 in order to address a security vulnerability in Tomcat CVE-2017-15698, CVE-2017-15706, CVE-2018-1323...

7.5CVSS7AI score0.44244EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 5:28 a.m.45 views

Security Bulletin: Multiple security vulnerabilities have been identified in Jazz Team Server shipped with Jazz Reporting Service (CVE-2018-1323,CVE-2018-1305,CVE-2018-1304)

Summary Jazz Team Server is shipped as a component of Jazz Reporting Service JRS. Information about multiple security vulnerabilities affecting Jazz Team Server and Jazz-based products has been published in a security bulletin. Vulnerability Details CVEID: CVE-2018-1305 DESCRIPTION: Apache Tomcat...

7.5CVSS0.1AI score0.44244EPSS
Exploits2Affected Software1
RedHat Linux
RedHat Linux
added 2018/06/13 12:19 p.m.91 views

Important: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.23 security update

An update is now available for Red Hat JBoss Core Services. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link...

7.5CVSS7.1AI score0.44244EPSS
Exploits0References3
CVE
CVE
added 2018/03/12 4:0 p.m.104 views

CVE-2018-1323

The issue (CVE-2018-1323) affects Apache Tomcat JK Connector (mod_jk) IIS/ISAPI integration: the ISAPI Connector 1.2.0–1.2.42 path normalization in jk_isapi_plugin.c could allow a specially crafted request to access application functionality via the reverse proxy that was not intended for clients...

7.5CVSS7.5AI score0.44244EPSS
Exploits0References9Affected Software1
Apache Tomcat
Apache Tomcat
added 2018/03/12 12:0 a.m.40 views

Fixed in Apache Tomcat JK Connector 1.2.43

Important: Information disclosure CVE-2018-1323 The IIS/ISAPI specific code that normalised the requested path before matching it to the URI-worker map did not handle some edge cases correctly. If only a sub-set of the URLs supported by Tomcat were exposed via IIS, then it was possible for a...

7.5CVSS7.5AI score0.44244EPSS
Exploits0Affected Software1
Rows per page
Query Builder