CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:S/C:P/I:N/A:N
EPSS
Percentile
88.9%
Absolute path traversal vulnerability in Apache Tomcat 4.0.0 through 4.0.6,
4.1.0, 5.0.0, 5.5.0 through 5.5.25, and 6.0.0 through 6.0.14, under certain
configurations, allows remote authenticated users to read arbitrary files
via a WebDAV write request that specifies an entity with a SYSTEM tag.