Lucene search
Apache TomcatTOMCAT:274AF249EA50BFD4E5ABD8AD60377E51HistoryApr 02, 2003 - 12:00 a.m.
Fixed in Apache Tomcat 4.0.0
2003-04-0200:00:00
Apache Tomcat
tomcat.apache.org
9
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.003 Low
EPSS
Percentile
65.3%
Moderate: Security manager bypass CVE-2002-0493
If errors are encountered during the parsing of web.xml and Tomcat is configured to use a security manager it is possible for Tomcat to start without the security manager in place.
Affects: Pre-release builds of 4.0.0
Related
cve
cve
CVE-2002-0493
2003-04-02 05:00:00
veracode
veracode
Access Control Bypass
2018-11-13 04:53:33
nvd
nvd
CVE-2002-0493
2002-08-12 04:00:00
cvelist
cvelist
CVE-2002-0493
2003-04-02 05:00:00
github
github
Apache Tomcat may be started without proper security settings
2022-04-30 18:19:20
osv
osv
Apache Tomcat may be started without proper security settings
2022-04-30 18:19:20
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.003 Low
EPSS
Percentile
65.3%
Related for TOMCAT:274AF249EA50BFD4E5ABD8AD60377E51