2.6 Low
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:H/Au:N/C:P/I:N/A:N
0.001 Low
EPSS
Percentile
43.9%
Low: Information disclosure CVE-2008-4308
Bug 40771 may result in the disclosure of POSTed content from a previous request. For a vulnerability to exist, the content read from the input stream must be disclosed, eg via writing it to the response and committing the response, before the ArrayIndexOutOfBoundsException occurs which will halt processing of the request.
Affects: 4.1.32-4.1.34 (4.0.x unknown)
CPE | Name | Operator | Version |
---|---|---|---|
apache tomcat | ge | 4.1.32 | |
apache tomcat | le | 4.1.34 |