This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:apache:tomcat:6.0.36
Detail
VendorApacheFirst view 2012-11-30
ProductTomcatLast view2017-08-10
Version6.0.36TypeApplication
Edition 
Language 
Update 
 
CPE Productcpe:/a:apache:tomcat

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
 DateAlertAccess VectorAccess ComplexityAuthentication
52017-08-10CVE-2016-6797NetworkLowNone Requ...
52017-08-10CVE-2016-6796NetworkLowNone Requ...
52017-08-10CVE-2016-6794NetworkLowNone Requ...
52017-08-10CVE-2016-5018NetworkLowNone Requ...
4.32017-08-10CVE-2016-0762NetworkMediumNone Requ...
Hide | Show 20 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
52017-04-17CVE-2017-5647NetworkLowNone Requ...
7.52017-04-06CVE-2016-8735NetworkLowNone Requ...
6.82017-03-20CVE-2016-6816NetworkMediumNone Requ...
5.12016-07-18CVE-2016-5388NetworkHighNone Requ...
6.52016-02-24CVE-2016-0714NetworkLowRequires ...
42016-02-24CVE-2016-0706NetworkLowRequires ...
52016-02-24CVE-2015-5345NetworkLowNone Requ...
42016-02-24CVE-2015-5174NetworkLowRequires ...
52015-06-07CVE-2014-7810NetworkLowNone Requ...
7.82015-06-07CVE-2014-0230NetworkLowNone Requ...
6.42015-02-15CVE-2014-0227NetworkLowNone Requ...
6.82014-09-11CVE-2013-4444NetworkMediumNone Requ...
4.32014-05-31CVE-2014-0119NetworkMediumNone Requ...
4.32014-05-31CVE-2014-0099NetworkMediumNone Requ...
4.32014-05-31CVE-2014-0096NetworkMediumNone Requ...
52014-05-31CVE-2014-0075NetworkLowNone Requ...
4.32014-02-26CVE-2014-0033NetworkMediumNone Requ...
4.32014-02-26CVE-2013-4590NetworkMediumNone Requ...
4.32014-02-26CVE-2013-4322NetworkMediumNone Requ...

CWE : Common Weakness Enumeration

%idName
20% (6)CWE-20Improper Input Validation
13% (4)CWE-284Access Control (Authorization) Issues
13% (4)CWE-264Permissions, Privileges, and Access Controls
13% (4)CWE-200Information Exposure
6% (2)CWE-254Security Features
Hide | Show 7 More...
%idName
6% (2)CWE-189Numeric Errors
6% (2)CWE-22Improper Limitation of a Pathname to a Restricted Directory ('Path ...
3% (1)CWE-399Resource Management Errors
3% (1)CWE-287Improper Authentication
3% (1)CWE-94Failure to Control Generation of Code ('Code Injection')
3% (1)CWE-19Data Handling
3% (1)CWE-16Configuration

Oval Markup Language : Definitions

OvalIDName
oval:org.mitre.oval:def:26507Allows remote attackers to cause a denial of service by streaming data.
oval:org.mitre.oval:def:26443SUSE-SU-2014:1015-1 -- Security update for tomcat6
oval:org.mitre.oval:def:26649DEPRECATED: SUSE-SU-2014:1015-1 -- Security update for tomcat6
oval:org.mitre.oval:def:26472DEPRECATED: ELSA-2014-0429 -- tomcat6 security update (Moderate)
oval:org.mitre.oval:def:29131HP-UX Apache Tomcat v7.x, Remote Denial of Service (DoS) and Other Vulnerabil...
Hide | Show 19 More...
idName
oval:org.mitre.oval:def:29086HP-UX Apache Server Suite running Apache Tomcat or PHP, Remote Denial of Ser...
oval:org.mitre.oval:def:24883RHSA-2014:0865: tomcat6 security and bug fix update (Moderate)
oval:org.mitre.oval:def:25013DEPRECATED: RHSA-2014:0865: tomcat6 security and bug fix update (Moderate)
oval:org.mitre.oval:def:24427RHSA-2014:0827: tomcat security update (Moderate)
oval:org.mitre.oval:def:26063USN-2302-1 -- tomcat6, tomcat7 vulnerabilities
oval:org.mitre.oval:def:27293ELSA-2014-0865 -- tomcat6 security and bug fix update (moderate)
oval:org.mitre.oval:def:27263ELSA-2014-0827 -- tomcat security update (moderate)
oval:org.mitre.oval:def:26971HP-UX Apache Server Suite running Apache Tomcat or PHP, Remote Denial of Ser...
oval:org.mitre.oval:def:26374RHSA-2014:1038: tomcat6 security update (Low)
oval:org.mitre.oval:def:26183RHSA-2014:1034: tomcat security update (Low)
oval:org.mitre.oval:def:27179ELSA-2014-1034 -- tomcat security update (low)
oval:org.mitre.oval:def:20834RHSA-2013:0964: tomcat6 security update (Moderate)
oval:org.mitre.oval:def:24045ELSA-2013:0964: tomcat6 security update (Moderate)
oval:org.mitre.oval:def:26473Allows remote attackers to inject a request into a session by sending this re...
oval:org.mitre.oval:def:27583DEPRECATED: ELSA-2013-0964 -- tomcat6 security update (moderate)
oval:org.mitre.oval:def:26848HP-UX Apache Server Suite running Apache Tomcat or PHP, Remote Denial of Ser...
oval:org.mitre.oval:def:27228ELSA-2014-1038 -- tomcat6 security update (low)
oval:org.mitre.oval:def:24046DEPRECATED: ELSA-2014:0246: gnutls security update (Important)
oval:org.mitre.oval:def:27100HP-UX Apache Server Suite running Apache Tomcat or PHP, Remote Denial of Ser...

OpenVAS Exploits

idDescription
2012-12-05Name : Apache Tomcat Partial HTTP Requests DoS Vulnerability (Windows)
File : nvt/gb_apache_tomcat_partial_http_req_dos_vuln_win.nasl

Information Assurance Vulnerability Management (IAVM)

idDescription
2015-A-0160Multiple Vulnerabilities in Oracle Linux and Virtualization
Severity : Category I - VMSKEY : V0061123
2015-B-0083Multiple Vulnerabilities in IBM Storwize V7000 Unified
Severity : Category I - VMSKEY : V0060983
2015-B-0065Apache Tomcat Security Bypass Vulnerability
Severity : Category I - VMSKEY : V0060761
2014-B-0063Multiple Vulnerabilities in Apache Tomcat
Severity : Category I - VMSKEY : V0051613
2014-B-0019Multiple Vulnerabilities in Apache Tomcat
Severity : Category I - VMSKEY : V0044527
Hide | Show 4 More...
idDescription
2014-A-0009Multiple Vulnerabilities in Oracle Fusion Middleware
Severity : Category I - VMSKEY : V0043395
2013-A-0219Multiple Vulnerabilities in Juniper Networks and Security Manager
Severity : Category I - VMSKEY : V0042384
2013-A-0177Multiple Vulnerabilities in Red Hat JBoss Enterprise Application Platform
Severity : Category I - VMSKEY : V0040288
2013-B-0047Multiple Vulnerabilities in Apache Tomcat
Severity : Category I - VMSKEY : V0037947

Snort® IPS/IDS

DateDescription
2018-04-27Apache Tomcat Java JmxRemoteLifecycleListener unauthorized serialized object ...
RuleID : 46071 - Type : SERVER-APACHE - Revision : 1
2016-07-28HttpOxy CGI application vulnerability potential man-in-the-middle attempt
RuleID : 39737-community - Type : SERVER-WEBAPP - Revision : 2
2016-08-31HttpOxy CGI application vulnerability potential man-in-the-middle attempt
RuleID : 39737 - Type : SERVER-WEBAPP - Revision : 2
2014-11-16http POST request smuggling attempt
RuleID : 31213 - Type : INDICATOR-COMPROMISE - Revision : 2
2014-11-16http GET request smuggling attempt
RuleID : 31212 - Type : INDICATOR-COMPROMISE - Revision : 2
Hide | Show 5 More...
DateDescription
2014-01-10PyLoris http DoS tool
RuleID : 28532 - Type : MALWARE-TOOLS - Revision : 3
2014-01-10JBoss JMXInvokerServlet access attempt
RuleID : 24343 - Type : SERVER-WEBAPP - Revision : 4
2014-01-10JBoss web console access attempt
RuleID : 24342 - Type : SERVER-WEBAPP - Revision : 4
2014-01-10JBoss admin-console access
RuleID : 21517 - Type : SERVER-WEBAPP - Revision : 6
2014-01-10JBoss JMX console access attempt
RuleID : 21516 - Type : SERVER-WEBAPP - Revision : 9

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2018-11-27Name : The remote Virtuozzo host is missing a security update.
File : Virtuozzo_VZLSA-2017-3080.nasl - Type : ACT_GATHER_INFO
2018-08-30Name : A web application running on the remote host is affected by multiple vulnerab...
File : activemq_5_15_5.nasl - Type : ACT_GATHER_INFO
2018-03-21Name : The remote device is affected by multiple vulnerabilities.
File : juniper_space_jsa_10838.nasl - Type : ACT_GATHER_INFO
2018-03-06Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL18174924.nasl - Type : ACT_GATHER_INFO
2018-03-06Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL34341852.nasl - Type : ACT_GATHER_INFO
Hide | Show 20 More...
idDescription
2018-03-06Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL58084500.nasl - Type : ACT_GATHER_INFO
2017-11-02Name : The remote Apache Tomcat server is affected by a code execution vulnerability.
File : tomcat_6_0_24.nasl - Type : ACT_GATHER_INFO
2017-11-01Name : The remote EulerOS host is missing multiple security updates.
File : EulerOS_SA-2017-1261.nasl - Type : ACT_GATHER_INFO
2017-11-01Name : The remote EulerOS host is missing multiple security updates.
File : EulerOS_SA-2017-1262.nasl - Type : ACT_GATHER_INFO
2017-10-31Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2017-3080.nasl - Type : ACT_GATHER_INFO
2017-10-31Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2017-3081.nasl - Type : ACT_GATHER_INFO
2017-10-31Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20171030_tomcat6_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2017-10-31Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20171030_tomcat_on_SL7_x.nasl - Type : ACT_GATHER_INFO
2017-10-30Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2017-3080.nasl - Type : ACT_GATHER_INFO
2017-10-30Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2017-3081.nasl - Type : ACT_GATHER_INFO
2017-10-30Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2017-3080.nasl - Type : ACT_GATHER_INFO
2017-10-30Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2017-3081.nasl - Type : ACT_GATHER_INFO
2017-10-19Name : The remote database server is affected by multiple vulnerabilities.
File : oracle_rdbms_cpu_oct_2017.nasl - Type : ACT_GATHER_INFO
2017-09-08Name : The remote EulerOS host is missing multiple security updates.
File : EulerOS_SA-2017-1191.nasl - Type : ACT_GATHER_INFO
2017-09-08Name : The remote EulerOS host is missing multiple security updates.
File : EulerOS_SA-2017-1192.nasl - Type : ACT_GATHER_INFO
2017-08-25Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2017-2247.nasl - Type : ACT_GATHER_INFO
2017-08-23Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2017-2493.nasl - Type : ACT_GATHER_INFO
2017-08-22Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20170802_tomcat_on_SL7_x.nasl - Type : ACT_GATHER_INFO
2017-08-09Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2017-2247.nasl - Type : ACT_GATHER_INFO
2017-08-02Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2017-2247.nasl - Type : ACT_GATHER_INFO