This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:apache:tomcat:5.5.30
Detail
VendorApacheFirst view 2011-02-10
ProductTomcatLast view2014-09-11
Version5.5.30TypeApplication
Edition 
Language 
Update 
 
CPE Productcpe:/a:apache:tomcat

Activity : Overall

Related : CVE

 DateAlertAccess VectorAccess ComplexityAuthentication
6.82014-09-11CVE-2013-4444NetworkMediumNone Requ...
4.32014-05-31CVE-2014-0119NetworkMediumNone Requ...
4.32014-05-31CVE-2014-0099NetworkMediumNone Requ...
4.32014-05-31CVE-2014-0096NetworkMediumNone Requ...
52014-05-31CVE-2014-0075NetworkLowNone Requ...
Hide | Show 18 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
4.32014-02-26CVE-2013-4590NetworkMediumNone Requ...
4.32014-02-26CVE-2013-4322NetworkMediumNone Requ...
5.82014-02-26CVE-2013-4286NetworkMediumNone Requ...
7.52014-01-19CVE-2013-2185NetworkLowNone Requ...
52012-11-30CVE-2012-5568NetworkLowNone Requ...
52012-11-17CVE-2012-5887NetworkLowNone Requ...
52012-11-17CVE-2012-5886NetworkLowNone Requ...
52012-11-17CVE-2012-5885NetworkLowNone Requ...
52012-01-18CVE-2012-0022NetworkLowNone Requ...
4.32012-01-14CVE-2011-5064NetworkMediumNone Requ...
4.32012-01-14CVE-2011-5063NetworkMediumNone Requ...
52012-01-14CVE-2011-5062NetworkLowNone Requ...
52012-01-14CVE-2011-1184NetworkLowNone Requ...
7.52011-08-31CVE-2011-3190NetworkLowNone Requ...
4.42011-07-14CVE-2011-2526LocalMediumNone Requ...
1.92011-06-29CVE-2011-2204LocalMediumNone Requ...
4.32011-02-18CVE-2011-0013NetworkMediumNone Requ...
1.22011-02-10CVE-2010-3718LocalHighNone Requ...

CWE : Common Weakness Enumeration

%idName
27% (6)CWE-264Permissions, Privileges, and Access Controls
18% (4)CWE-20Improper Input Validation
13% (3)CWE-287Improper Authentication
13% (3)CWE-189Numeric Errors
9% (2)CWE-200Information Exposure
Hide | Show 4 More...
%idName
4% (1)CWE-310Cryptographic Issues
4% (1)CWE-94Failure to Control Generation of Code ('Code Injection')
4% (1)CWE-79Failure to Preserve Web Page Structure ('Cross-site Scripting')
4% (1)CWE-16Configuration

Oval Markup Language : Definitions

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
OvalIDName
oval:org.mitre.oval:def:21075RHSA-2013:0623: tomcat6 security update (Important)
oval:org.mitre.oval:def:20966RHSA-2013:0640: tomcat5 security update (Important)
oval:org.mitre.oval:def:18605DSA-2725-1 tomcat6 - several
oval:org.mitre.oval:def:17934USN-1637-1 -- tomcat6 vulnerabilities
oval:org.mitre.oval:def:24031ELSA-2013:0623: tomcat6 security update (Important)
Hide | Show 20 More...
idName
oval:org.mitre.oval:def:23491ELSA-2013:0640: tomcat5 security update (Important)
oval:org.mitre.oval:def:21412RHSA-2012:0474: tomcat5 security update (Moderate)
oval:org.mitre.oval:def:21312RHSA-2012:0475: tomcat6 security update (Moderate)
oval:org.mitre.oval:def:20494VMware vCenter Server, Orchestrator, Update Manager, vShield, vSphere Client,...
oval:org.mitre.oval:def:18934HP-UX Apache Running Tomcat Servlet Engine, Remote Denial of Service (DoS), ...
oval:org.mitre.oval:def:16925Vulnerability in the Management Pack for Oracle GoldenGate Server. Supported ...
oval:org.mitre.oval:def:15309DSA-2401-1 tomcat6 -- several
oval:org.mitre.oval:def:15018USN-1359-1 -- Tomcat vulnerabilities
oval:org.mitre.oval:def:23745ELSA-2012:0475: tomcat6 security update (Moderate)
oval:org.mitre.oval:def:23331ELSA-2012:0474: tomcat5 security update (Moderate)
oval:org.mitre.oval:def:25819SUSE-SU-2013:1374-1 -- Security update for tomcat6
oval:org.mitre.oval:def:27374DEPRECATED: ELSA-2012-0475 -- tomcat6 security update (moderate)
oval:org.mitre.oval:def:27313DEPRECATED: ELSA-2012-0474 -- tomcat5 security update (moderate)
oval:org.mitre.oval:def:19532HP-UX Apache Running Tomcat Servlet Engine, Remote Denial of Service (DoS), ...
oval:org.mitre.oval:def:14931HP-UX Apache Running Tomcat Servlet Engine, Remote Information Disclosure, Au...
oval:org.mitre.oval:def:19514HP-UX Apache Running Tomcat Servlet Engine, Remote Denial of Service (DoS), ...
oval:org.mitre.oval:def:14573HP-UX Apache Running Tomcat Servlet Engine, Remote Information Disclosure, Au...
oval:org.mitre.oval:def:24883RHSA-2014:0865: tomcat6 security and bug fix update (Moderate)
oval:org.mitre.oval:def:25013DEPRECATED: RHSA-2014:0865: tomcat6 security and bug fix update (Moderate)
oval:org.mitre.oval:def:24427RHSA-2014:0827: tomcat security update (Moderate)

Open Source Vulnerability Database (OSVDB)

idDescription
78573Apache Tomcat CPU Consumption Parameter Saturation Remote DoS
76189Apache Tomcat HTTP DIGEST Authentication Weakness
74818Apache Tomcat AJP Message Injection Authentication Bypass
73798Apache Tomcat sendfile Request Start / Endpoint Parsing Local DoS
73797Apache Tomcat sendfile Request Attribute Validation Weakness Local Access Res...
Hide | Show 3 More...
idDescription
73429Apache Tomcat JMX MemoryUserDatabase Local Password Disclosure
71558Apache Tomcat SecurityManager ServletContext Attribute Traversal Arbitrary Fi...
71557Apache Tomcat HTML Manager Multiple XSS

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2012-12-05Name : Apache Tomcat Partial HTTP Requests DoS Vulnerability (Windows)
File : nvt/gb_apache_tomcat_partial_http_req_dos_vuln_win.nasl
2012-11-27Name : Apache Tomcat Multiple Security Bypass Vulnerabilities (Windows)
File : nvt/gb_apache_tomcat_mult_sec_bypass_vuln_win.nasl
2012-11-23Name : Ubuntu Update for tomcat6 USN-1637-1
File : nvt/gb_ubuntu_USN_1637_1.nasl
2012-08-14Name : Fedora Update for tomcat6 FEDORA-2012-7593
File : nvt/gb_fedora_2012_7593_tomcat6_fc16.nasl
2012-08-10Name : Gentoo Security Advisory GLSA 201206-24 (apache tomcat)
File : nvt/glsa_201206_24.nasl
Hide | Show 20 More...
idDescription
2012-08-03Name : Mandriva Update for tomcat5 MDVSA-2012:085 (tomcat5)
File : nvt/gb_mandriva_MDVSA_2012_085.nasl
2012-08-02Name : SuSE Update for tomcat6 openSUSE-SU-2012:0208-1 (tomcat6)
File : nvt/gb_suse_2012_0208_1.nasl
2012-07-30Name : CentOS Update for tomcat6 CESA-2011:1780 centos6
File : nvt/gb_CESA-2011_1780_tomcat6_centos6.nasl
2012-07-30Name : CentOS Update for tomcat5 CESA-2011:1845 centos5 x86_64
File : nvt/gb_CESA-2011_1845_tomcat5_centos5_x86_64.nasl
2012-07-30Name : CentOS Update for tomcat5 CESA-2012:0474 centos5
File : nvt/gb_CESA-2012_0474_tomcat5_centos5.nasl
2012-07-30Name : CentOS Update for tomcat6 CESA-2012:0475 centos6
File : nvt/gb_CESA-2012_0475_tomcat6_centos6.nasl
2012-07-09Name : RedHat Update for tomcat6 RHSA-2011:1780-01
File : nvt/gb_RHSA-2011_1780-01_tomcat6.nasl
2012-07-09Name : RedHat Update for tomcat6 RHSA-2012:0475-01
File : nvt/gb_RHSA-2012_0475-01_tomcat6.nasl
2012-06-06Name : RedHat Update for tomcat6 RHSA-2011:0791-01
File : nvt/gb_RHSA-2011_0791-01_tomcat6.nasl
2012-04-13Name : RedHat Update for tomcat5 RHSA-2012:0474-01
File : nvt/gb_RHSA-2012_0474-01_tomcat5.nasl
2012-04-02Name : Fedora Update for tomcat6 FEDORA-2011-13426
File : nvt/gb_fedora_2011_13426_tomcat6_fc16.nasl
2012-03-16Name : VMSA-2012-0005 VMware vCenter Server, Orchestrator, Update Manager, vShield, ...
File : nvt/gb_VMSA-2012-0005.nasl
2012-02-21Name : Ubuntu Update for tomcat6 USN-1359-1
File : nvt/gb_ubuntu_USN_1359_1.nasl
2012-02-12Name : FreeBSD Ports: tomcat
File : nvt/freebsd_tomcat0.nasl
2012-02-12Name : Debian Security Advisory DSA 2401-1 (tomcat6)
File : nvt/deb_2401_1.nasl
2012-02-06Name : Mac OS X Multiple Vulnerabilities (2012-001)
File : nvt/gb_macosx_su12-001.nasl
2012-01-20Name : Apache Tomcat Parameter Handling Denial of Service Vulnerability (Win)
File : nvt/gb_apache_tomcat_parameter_handling_dos_vuln_win.nasl
2012-01-16Name : Apache Tomcat Multiple Security Bypass Vulnerabilities (Win)
File : nvt/gb_apache_tomcat_mult_security_bypass_vuln_win.nasl
2011-12-23Name : RedHat Update for tomcat5 RHSA-2011:1845-01
File : nvt/gb_RHSA-2011_1845-01_tomcat5.nasl
2011-12-23Name : CentOS Update for tomcat5 CESA-2011:1845 centos5 i386
File : nvt/gb_CESA-2011_1845_tomcat5_centos5_i386.nasl

Information Assurance Vulnerability Management (IAVM)

idDescription
2015-B-0083Multiple Vulnerabilities in IBM Storwize V7000 Unified
Severity : Category I - VMSKEY : V0060983
2014-B-0063Multiple Vulnerabilities in Apache Tomcat
Severity : Category I - VMSKEY : V0051613
2014-B-0019Multiple Vulnerabilities in Apache Tomcat
Severity : Category I - VMSKEY : V0044527
2013-A-0219Multiple Vulnerabilities in Juniper Networks and Security Manager
Severity : Category I - VMSKEY : V0042384
2013-A-0177Multiple Vulnerabilities in Red Hat JBoss Enterprise Application Platform
Severity : Category I - VMSKEY : V0040288

Snort® IPS/IDS

DateDescription
2014-11-16http POST request smuggling attempt
RuleID : 31213 - Type : INDICATOR-COMPROMISE - Revision : 2
2014-11-16http GET request smuggling attempt
RuleID : 31212 - Type : INDICATOR-COMPROMISE - Revision : 2
2014-01-10PyLoris http DoS tool
RuleID : 28532 - Type : MALWARE-TOOLS - Revision : 3
2014-01-10JBoss JMXInvokerServlet access attempt
RuleID : 24343 - Type : SERVER-WEBAPP - Revision : 4
2014-01-10JBoss web console access attempt
RuleID : 24342 - Type : SERVER-WEBAPP - Revision : 4
Hide | Show 2 More...
DateDescription
2014-01-10JBoss admin-console access
RuleID : 21517 - Type : SERVER-WEBAPP - Revision : 6
2014-01-10JBoss JMX console access attempt
RuleID : 21516 - Type : SERVER-WEBAPP - Revision : 9

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2016-04-18Name : The remote Debian host is missing a security-related update.
File : debian_DSA-3552.nasl - Type : ACT_GATHER_INFO
2016-03-28Name : The remote Debian host is missing a security-related update.
File : debian_DSA-3530.nasl - Type : ACT_GATHER_INFO
2016-03-03Name : The remote VMware ESXi / ESX host is missing a security-related patch.
File : vmware_VMSA-2012-0005_remote.nasl - Type : ACT_GATHER_INFO
2016-01-19Name : The remote Debian host is missing a security-related update.
File : debian_DSA-3447.nasl - Type : ACT_GATHER_INFO
2015-06-26Name : The remote IBM Storwize device is affected by multiple vulnerabilities.
File : ibm_storwize_1_5_0_2.nasl - Type : ACT_GATHER_INFO
Hide | Show 20 More...
idDescription
2015-06-26Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2654-1.nasl - Type : ACT_GATHER_INFO
2015-05-18Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2015-526.nasl - Type : ACT_GATHER_INFO
2015-05-18Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2015-527.nasl - Type : ACT_GATHER_INFO
2015-03-30Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2015-084.nasl - Type : ACT_GATHER_INFO
2015-03-19Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2015-052.nasl - Type : ACT_GATHER_INFO
2015-03-19Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2015-053.nasl - Type : ACT_GATHER_INFO
2015-02-24Name : The remote Fedora host is missing a security update.
File : fedora_2015-2109.nasl - Type : ACT_GATHER_INFO
2015-01-19Name : The remote Solaris system is missing a security patch for third-party software.
File : solaris11_tomcat_20120405.nasl - Type : ACT_GATHER_INFO
2015-01-19Name : The remote Solaris system is missing a security patch for third-party software.
File : solaris11_tomcat_20140401.nasl - Type : ACT_GATHER_INFO
2015-01-19Name : The remote Solaris system is missing a security patch for third-party software.
File : solaris11_tomcat_20140522.nasl - Type : ACT_GATHER_INFO
2015-01-19Name : The remote Solaris system is missing a security patch for third-party software.
File : solaris11_tomcat_20140715.nasl - Type : ACT_GATHER_INFO
2014-12-15Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201412-29.nasl - Type : ACT_GATHER_INFO
2014-12-03Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL15428.nasl - Type : ACT_GATHER_INFO
2014-11-08Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2012-0680.nasl - Type : ACT_GATHER_INFO
2014-11-08Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2012-0682.nasl - Type : ACT_GATHER_INFO
2014-10-30Name : The remote host is affected by multiple vulnerabilities.
File : oracle_edq_oct_2014_cpu.nasl - Type : ACT_GATHER_INFO
2014-10-12Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2014-344.nasl - Type : ACT_GATHER_INFO
2014-10-10Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL15426.nasl - Type : ACT_GATHER_INFO
2014-10-10Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL15429.nasl - Type : ACT_GATHER_INFO
2014-10-10Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL15432.nasl - Type : ACT_GATHER_INFO