4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.005 Low
EPSS
Percentile
75.1%
Integer overflow in java/org/apache/tomcat/util/buf/Ascii.java in Apache
Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4, when
operated behind a reverse proxy, allows remote attackers to conduct HTTP
request smuggling attacks via a crafted Content-Length HTTP header.