4.2 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.971 High
EPSS
Percentile
99.8%
Important: Information Disclosure CVE-2008-5515
When using a RequestDispatcher obtained from the Request, the target path was normalised before the query string was removed. A request that included a specially crafted request parameter could be used to access content that would otherwise be protected by a security constraint or by locating it in under the WEB-INF directory.
This was fixed in revisions 782763 and 783292.
Affects: 4.1.0-4.1.39
Important: Denial of Service CVE-2009-0033
If Tomcat receives a request with invalid headers via the Java AJP connector, it does not return an error and instead closes the AJP connection. In case this connector is member of a mod_jk load balancing worker, this member will be put into an error state and will be blocked from use for approximately one minute. Thus the behaviour can be used for a denial of service attack using a carefully crafted request.
This was fixed in revision 781362.
Affects: 4.1.0-4.1.39
Low: Information disclosure CVE-2009-0580
Due to insufficient error checking in some authentication classes, Tomcat allows for the enumeration (brute force testing) of user names by supplying illegally URL encoded passwords. The attack is possible if FORM based authentication (j_security_check) is used with the MemoryRealm. Note that in early versions, the DataSourceRealm and JDBCRealm were also affected.
This was fixed in revision 781382.
Affects: 4.1.0-4.1.39 (Memory Realm), 4.1.0-4.1.31 (JDBC Realm), 4.1.17-4.1.31 (DataSource Realm)
Low: Cross-site scripting CVE-2009-0781
The calendar application in the examples web application contains an XSS flaw due to invalid HTML which renders the XSS filtering protection ineffective.
This was fixed in revision 750927.
Affects: 4.1.0-4.1.39
Low: Information disclosure CVE-2009-0783
Bugs 29936 and 45933 allowed a web application to replace the XML parser used by Tomcat to process web.xml and tld files. In limited circumstances these bugs may allow a rogue web application to view and/or alter the web.xml and tld files of other web applications deployed on the Tomcat instance.
This was fixed in revision 781708.
Affects: 4.1.0-4.1.39
CPE | Name | Operator | Version |
---|---|---|---|
apache tomcat | ge | 4.1.0 | |
apache tomcat | ge | 4.1.17 | |
apache tomcat | le | 4.1.31 | |
apache tomcat | le | 4.1.39 |
4.2 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.971 High
EPSS
Percentile
99.8%