Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8655 matches found

RedHat Linux
RedHat Linuxadded 2013/07/01 3:10 p.m.3 views

tomcat: three DIGEST authentication implementation issues

The replay-countermeasure functionality in the HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 tracks cnonce aka client nonce values instead of nonce aka server nonce and nc aka nonce-count values, which makes it easi...

5CVSS6.1AI score0.02237EPSS
Exploits0References4
RedHat Linux
RedHat Linuxadded 2013/07/01 3:10 p.m.4 views

tomcat: three DIGEST authentication implementation issues

The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 does not properly check for stale nonce values in conjunction with enforcement of proper credentials, which makes it easier for remote attackers to bypass intended...

5CVSS7.3AI score0.00895EPSS
Exploits2References4
RedHat Linux
RedHat Linuxadded 2013/05/28 5:28 p.m.2 views

tomcat: DIGEST authentication vulnerable to replay attacks

The Tomcat 6 DIGEST authentication functionality as used in Red Hat Enterprise Linux 6 allows remote attackers to bypass intended access restrictions by performing a replay attack after a nonce becomes stale. NOTE: this issue is due to an incomplete fix for CVE-2012-5887...

5CVSS7.4AI score0.00895EPSS
Exploits2References4
Positive Technologies
Positive Technologiesadded 2013/05/28 12:0 a.m.4 views

PT-2013-3518 · Apache +2 · Apache Tomcat +2

Name of the Vulnerable Software and Affected Versions: Apache Tomcat 6 versions affected versions not specified Description: The issue allows remote attackers to bypass intended access restrictions by performing a replay attack after a nonce becomes stale. This is due to an incomplete fix for a...

6.9CVSS8.1AI score0.00338EPSS
Exploits3References15
RedHat Linux
RedHat Linuxadded 2013/04/09 6:4 p.m.0 views

tomcat: three DIGEST authentication implementation issues

The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 does not properly check for stale nonce values in conjunction with enforcement of proper credentials, which makes it easier for remote attackers to bypass intended...

5CVSS7.3AI score0.00895EPSS
Exploits2References4
RedHat Linux
RedHat Linuxadded 2013/04/09 6:4 p.m.2 views

tomcat: three DIGEST authentication implementation issues

The replay-countermeasure functionality in the HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 tracks cnonce aka client nonce values instead of nonce aka server nonce and nc aka nonce-count values, which makes it easi...

5CVSS6.1AI score0.02237EPSS
Exploits0References4
RedHat Linux
RedHat Linuxadded 2013/03/20 3:48 p.m.2 views

tomcat: three DIGEST authentication implementation issues

The replay-countermeasure functionality in the HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 tracks cnonce aka client nonce values instead of nonce aka server nonce and nc aka nonce-count values, which makes it easi...

5CVSS6.1AI score0.02237EPSS
Exploits0References4
RedHat Linux
RedHat Linuxadded 2013/03/14 4:46 p.m.5 views

tomcat: three DIGEST authentication implementation issues

The replay-countermeasure functionality in the HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 tracks cnonce aka client nonce values instead of nonce aka server nonce and nc aka nonce-count values, which makes it easi...

5CVSS6.1AI score0.02237EPSS
Exploits0References4
RedHat Linux
RedHat Linuxadded 2013/03/14 4:46 p.m.3 views

tomcat: three DIGEST authentication implementation issues

The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 does not properly check for stale nonce values in conjunction with enforcement of proper credentials, which makes it easier for remote attackers to bypass intended...

5CVSS7.3AI score0.00895EPSS
Exploits2References4
RedHat Linux
RedHat Linuxadded 2013/03/14 4:40 p.m.2 views

tomcat: three DIGEST authentication implementation issues

The replay-countermeasure functionality in the HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 tracks cnonce aka client nonce values instead of nonce aka server nonce and nc aka nonce-count values, which makes it easi...

5CVSS6.1AI score0.02237EPSS
Exploits0References4
RedHat Linux
RedHat Linuxadded 2013/03/14 4:40 p.m.2 views

tomcat: three DIGEST authentication implementation issues

The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 does not properly check for stale nonce values in conjunction with enforcement of proper credentials, which makes it easier for remote attackers to bypass intended...

5CVSS7.3AI score0.00895EPSS
Exploits2References4
RedHat Linux
RedHat Linuxadded 2013/03/12 5:57 p.m.4 views

tomcat: three DIGEST authentication implementation issues

The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 does not properly check for stale nonce values in conjunction with enforcement of proper credentials, which makes it easier for remote attackers to bypass intended...

5CVSS7.3AI score0.00895EPSS
Exploits2References4
RedHat Linux
RedHat Linuxadded 2013/03/11 7:3 p.m.0 views

tomcat: three DIGEST authentication implementation issues

The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 does not properly check for stale nonce values in conjunction with enforcement of proper credentials, which makes it easier for remote attackers to bypass intended...

5CVSS7.3AI score0.00895EPSS
Exploits2References4
RedHat Linux
RedHat Linuxadded 2013/03/11 7:3 p.m.2 views

tomcat: three DIGEST authentication implementation issues

The replay-countermeasure functionality in the HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 tracks cnonce aka client nonce values instead of nonce aka server nonce and nc aka nonce-count values, which makes it easi...

5CVSS6.1AI score0.02237EPSS
Exploits0References4
RedHat Linux
RedHat Linuxadded 2013/03/11 7:3 p.m.1 views

tomcat: three DIGEST authentication implementation issues

The replay-countermeasure functionality in the HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 tracks cnonce aka client nonce values instead of nonce aka server nonce and nc aka nonce-count values, which makes it easi...

5CVSS6.1AI score0.02237EPSS
Exploits0References4
RedHat Linux
RedHat Linuxadded 2013/03/11 6:33 p.m.0 views

tomcat: three DIGEST authentication implementation issues

The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 does not properly check for stale nonce values in conjunction with enforcement of proper credentials, which makes it easier for remote attackers to bypass intended...

5CVSS7.3AI score0.00895EPSS
Exploits2References4
RedHat Linux
RedHat Linuxadded 2013/03/11 6:33 p.m.3 views

tomcat: three DIGEST authentication implementation issues

The replay-countermeasure functionality in the HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 tracks cnonce aka client nonce values instead of nonce aka server nonce and nc aka nonce-count values, which makes it easi...

5CVSS6.1AI score0.02237EPSS
Exploits0References4
RedHat Linux
RedHat Linuxadded 2013/03/11 6:33 p.m.1 views

tomcat: three DIGEST authentication implementation issues

The replay-countermeasure functionality in the HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 tracks cnonce aka client nonce values instead of nonce aka server nonce and nc aka nonce-count values, which makes it easi...

5CVSS6.1AI score0.02237EPSS
Exploits0References4
RedHat Linux
RedHat Linuxadded 2013/03/11 6:33 p.m.0 views

tomcat: three DIGEST authentication implementation issues

The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 does not properly check for stale nonce values in conjunction with enforcement of proper credentials, which makes it easier for remote attackers to bypass intended...

5CVSS7.3AI score0.00895EPSS
Exploits2References4
RedHat Linux
RedHat Linuxadded 2013/03/11 6:14 p.m.2 views

tomcat: three DIGEST authentication implementation issues

The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 does not properly check for stale nonce values in conjunction with enforcement of proper credentials, which makes it easier for remote attackers to bypass intended...

5CVSS7.3AI score0.00895EPSS
Exploits2References4
Rows per page
Query Builder