Lucene search
K

52 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.21 views

Linux Distros Unpatched Vulnerability : CVE-2019-17563

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When using FORM authentication with Apache Tomcat 9.0.0.M1 to 9.0.29, 8.5.0 to 8.5.49 and 7.0.0 to 7.0.98 there was a narrow window where an attacker could...

7.5CVSS6.8AI score0.10687EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/07/12 12:0 a.m.47 views

RHEL 8 : tomcat (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - tomcat: Session fixation when using FORM authentication CVE-2019-17563 - tomcat: JsonErrorReportValve...

7.5CVSS7.8AI score0.87553EPSS
Exploits25References17
Tenable Nessus
Tenable Nessus
added 2024/05/23 12:0 a.m.68 views

Apache Tomcat 7.0.0 < 7.0.99 multiple vulnerabilities

The version of Tomcat installed on the remote host is prior to 7.0.99. It is, therefore, affected by multiple vulnerabilities as referenced in the fixedinapachetomcat7.0.99security-7 advisory. - When using FORM authentication with Apache Tomcat 9.0.0.M1 to 9.0.29, 8.5.0 to 8.5.49 and 7.0.0 to...

7.5CVSS7AI score0.10687EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.49 views

RHEL 6 : tomcat (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - tomcat: request mixup CVE-2022-25762 - When using a VirtualDirContext with Apache Tomcat 7.0.0 to 7.0.80 ...

8.5AI score0.73139EPSS
Exploits28References15
Circl
Circl
added 2024/03/16 2:21 p.m.4 views

CVE-2019-17563

creationtimestamp| type| source ---|---|--- 2024-03-16 14:21:46+00:00| seen| https://t.me/ctinow/209559...

7.5CVSS7.5AI score0.10687EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2023/11/03 12:0 a.m.52 views

F5 Networks BIG-IP : Apache Tomcat vulnerability (K24551552)

The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3 / 17.5.1.1. It is, therefore, affected by a vulnerability as referenced in the K24551552 advisory. When using FORM authentication with Apache Tomcat 9.0.0.M1 to 9.0.29, 8.5.0 to 8.5.49 and 7.0.0 to 7.0.98 there was ...

7.5CVSS6.9AI score0.10687EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/09/07 12:0 a.m.55 views

Oracle Linux 7 : tomcat (ELSA-2020-4004)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-4004 advisory. - Resolves: CVE-2020-13935 tomcat: multiple requests with invalid payload length in a WebSocket frame could lead to DoS - Resolves: CVE-2020-9484 tomca...

7.5CVSS7.4AI score0.87553EPSS
Exploits16References3
Tenable Nessus
Tenable Nessus
added 2023/05/17 12:0 a.m.66 views

Amazon Linux 2 : tomcat (ALAS-2023-2047)

The version of tomcat installed on the remote host is prior to 7.0.76-10. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2047 advisory. A privilege escalation flaw was found in Tomcat when the JMX Remote Lifecycle Listener was enabled. A local attacker...

7.5CVSS7AI score0.87553EPSS
Exploits1References8
F5 Networks
F5 Networks
added 2023/02/21 6:34 p.m.247 views

K24551552: Apache Tomcat vulnerability CVE-2019-17563

Security Advisory Description When using FORM authentication with Apache Tomcat 9.0.0.M1 to 9.0.29, 8.5.0 to 8.5.49 and 7.0.0 to 7.0.98 there was a narrow window where an attacker could perform a session fixation attack. The window was considered too narrow for an exploit to be practical but,...

7.5CVSS7.4AI score0.10687EPSS
Exploits0Affected Software11
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.36 views

SUSE: Security Advisory (SUSE-SU-2020:0226-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.6AI score0.72988EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.36 views

SUSE: Security Advisory (SUSE-SU-2020:1498-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.9AI score0.56636EPSS
Exploits18References8
RedHat Linux
RedHat Linux
added 2021/03/30 9:46 a.m.99 views

Low: Red Hat Security Advisory: tomcat security update

An update for tomcat is now available for Red Hat Enterprise Linux 7.7 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

7.5CVSS7AI score0.10687EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2021/03/17 12:0 a.m.53 views

RHEL 7 : tomcat (RHSA-2021:0882)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:0882 advisory. Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages JSP technologies. Security Fixes: tomcat: Session fixation wh...

7.5CVSS7.5AI score0.10687EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2020/10/21 12:0 a.m.60 views

Scientific Linux Security Update : tomcat on SL7.x x86_64 (20201001)

Security Fixes : - tomcat: multiple requests with invalid payload length in a WebSocket frame could lead to DoS CVE-2020-13935 - tomcat: session fixation when using FORM authentication CVE-2019-17563 C Tenable Network Security, Inc. The descriptive text is C Scientific Linux. include'compat.inc';...

7.5CVSS6.9AI score0.87553EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2020/10/20 12:0 a.m.70 views

CentOS 7 : tomcat (RHSA-2020:4004)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:4004 advisory. - When using FORM authentication with Apache Tomcat 9.0.0.M1 to 9.0.29, 8.5.0 to 8.5.49 and 7.0.0 to 7.0.98 there was a narrow window where an attacker...

7.5CVSS7.1AI score0.87553EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2020/09/29 7:54 p.m.196 views

Important: Red Hat Security Advisory: tomcat security and bug fix update

An update for tomcat is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

7.5CVSS6.7AI score0.87553EPSS
Exploits1References9
Debian
Debian
added 2020/05/28 5:53 p.m.140 views

[SECURITY] [DLA 2209-1] tomcat8 security update

Package : tomcat8 Version : 8.0.14-1+deb8u17 CVE ID : CVE-2019-17563 CVE-2020-1935 CVE-2020-1938 CVE-2020-9484 Debian Bug : 961209 952436 952437 952438 Several security vulnerabilities have been discovered in the Tomcat servlet and JSP engine. WARNING: The fix for CVE-2020-1938 may disrupt servic...

9.8CVSS8.6AI score0.9927EPSS
Exploits59
Debian
Debian
added 2020/05/06 8:58 p.m.118 views

[SECURITY] [DSA 4680-1] tomcat9 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4680-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 06, 2020 https://www.debian.org/security/faq -...

9.8CVSS8.4AI score0.9927EPSS
Exploits45
IBM Security Bulletins
IBM Security Bulletins
added 2020/04/24 4:47 a.m.42 views

Security Bulletin: IBM Integration Bus affected by multiple Apache Tomcat (core only) vulnerabilities.

Summary IBM Integration Bus is affected by an Apache Tomcat vulnerability which was reported and has been addressed. Vulnerability details are listed below. Vulnerability Details CVEID: CVE-2019-12418 DESCRIPTION: Apache Tomcat could allow a local attacker to gain elevated privileges on the syste...

7.5CVSS0.9AI score0.10687EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2020/04/21 11:7 a.m.96 views

Important: Red Hat Security Advisory: Red Hat JBoss Web Server 5.3 release

Updated Red Hat JBoss Web Server 5.3.0 packages are now available for Red Hat Enterprise Linux 6, Red Hat Enterprise Linux 7, and Red Hat Enterprise Linux 8. Red Hat Product Security has rated this release as having a security impact of Important. A Common Vulnerability Scoring System CVSS base...

9.8CVSS7AI score0.9927EPSS
Exploits45References10
Rows per page
Query Builder