This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:apache:tomcat:8.5.0
Detail
VendorApacheFirst view 2016-07-04
ProductTomcatLast view2019-06-21
Version8.5.0TypeApplication
Edition 
Language 
Update 
 
CPE Productcpe:/a:apache:tomcat

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
 DateAlertAccess VectorAccess ComplexityAuthentication
52019-06-21CVE-2019-10072NetworkLowNone Requ...
4.32019-05-28CVE-2019-0221NetworkMediumNone Requ...
9.32019-04-15CVE-2019-0232NetworkMediumNone Requ...
52019-04-10CVE-2019-0199NetworkLowNone Requ...
4.32018-10-04CVE-2018-11784NetworkMediumNone Requ...
Hide | Show 20 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
52018-08-02CVE-2018-1336NetworkLowNone Requ...
52018-08-01CVE-2018-8034NetworkLowNone Requ...
7.52018-05-16CVE-2018-8014NetworkLowNone Requ...
4.32018-02-28CVE-2018-1304NetworkMediumNone Requ...
42018-02-23CVE-2018-1305NetworkLowRequires ...
6.82017-10-03CVE-2017-12617NetworkMediumNone Requ...
52017-08-10CVE-2017-7675NetworkLowNone Requ...
4.32017-08-10CVE-2017-7674NetworkMediumNone Requ...
52017-08-10CVE-2016-8745NetworkLowNone Requ...
52017-08-10CVE-2016-6817NetworkLowNone Requ...
52017-08-10CVE-2016-6797NetworkLowNone Requ...
52017-08-10CVE-2016-6796NetworkLowNone Requ...
52017-08-10CVE-2016-6794NetworkLowNone Requ...
52017-08-10CVE-2016-5018NetworkLowNone Requ...
4.32017-08-10CVE-2016-0762NetworkMediumNone Requ...
52017-06-06CVE-2017-5664NetworkLowNone Requ...
7.52017-04-17CVE-2017-5651NetworkLowNone Requ...
52017-04-17CVE-2017-5650NetworkLowNone Requ...
6.42017-04-17CVE-2017-5648NetworkLowNone Requ...

CWE : Common Weakness Enumeration

%idName
12% (3)CWE-284Access Control (Authorization) Issues
12% (3)CWE-20Improper Input Validation
8% (2)CWE-400Uncontrolled Resource Consumption ('Resource Exhaustion')
8% (2)CWE-254Security Features
8% (2)CWE-200Information Exposure
Hide | Show 12 More...
%idName
4% (1)CWE-755Improper Handling of Exceptional Conditions
4% (1)CWE-668Exposure of Resource to Wrong Sphere
4% (1)CWE-601URL Redirection to Untrusted Site ('Open Redirect')
4% (1)CWE-434Unrestricted Upload of File with Dangerous Type
4% (1)CWE-404Improper Resource Shutdown or Release
4% (1)CWE-388Error Handling
4% (1)CWE-345Insufficient Verification of Data Authenticity
4% (1)CWE-295Certificate Issues
4% (1)CWE-264Permissions, Privileges, and Access Controls
4% (1)CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer
4% (1)CWE-79Failure to Preserve Web Page Structure ('Cross-site Scripting')
4% (1)CWE-22Improper Limitation of a Pathname to a Restricted Directory ('Path ...

SAINT Exploits

DescriptionLink
Apache Tomcat PUT method JSP uploadMore info here

Snort® IPS/IDS

DateDescription
2014-01-10.cmd? access
RuleID : 9791 - Type : SERVER-WEBAPP - Revision : 8
2014-01-10.bat? access
RuleID : 976-community - Type : SERVER-WEBAPP - Revision : 21
2014-01-10.bat? access
RuleID : 976 - Type : SERVER-WEBAPP - Revision : 21
2018-04-27Apache Tomcat Java JmxRemoteLifecycleListener unauthorized serialized object ...
RuleID : 46071 - Type : SERVER-APACHE - Revision : 1
2017-11-09Apache Tomcat remote JSP file upload attempt
RuleID : 44531 - Type : SERVER-APACHE - Revision : 3
Hide | Show 3 More...
DateDescription
2016-09-20Apache Tomcat Commons FileUpload library denial of service attempt
RuleID : 39908 - Type : SERVER-APACHE - Revision : 3
2016-07-28HttpOxy CGI application vulnerability potential man-in-the-middle attempt
RuleID : 39737-community - Type : SERVER-WEBAPP - Revision : 2
2016-08-31HttpOxy CGI application vulnerability potential man-in-the-middle attempt
RuleID : 39737 - Type : SERVER-WEBAPP - Revision : 2

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2019-01-03Name : The remote Fedora host is missing a security update.
File : fedora_2018-b1832101b8.nasl - Type : ACT_GATHER_INFO
2018-12-28Name : The remote EulerOS host is missing a security update.
File : EulerOS_SA-2018-1415.nasl - Type : ACT_GATHER_INFO
2018-12-14Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL73008537.nasl - Type : ACT_GATHER_INFO
2018-12-10Name : The remote EulerOS host is missing a security update.
File : EulerOS_SA-2018-1385.nasl - Type : ACT_GATHER_INFO
2018-11-27Name : The remote Virtuozzo host is missing a security update.
File : Virtuozzo_VZLSA-2017-3080.nasl - Type : ACT_GATHER_INFO
Hide | Show 20 More...
idDescription
2018-11-09Name : The remote Amazon Linux 2 host is missing a security update.
File : al2_ALAS-2018-1105.nasl - Type : ACT_GATHER_INFO
2018-11-08Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2018-1099.nasl - Type : ACT_GATHER_INFO
2018-10-17Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2018-2921.nasl - Type : ACT_GATHER_INFO
2018-10-16Name : The remote Debian host is missing a security update.
File : debian_DLA-1545.nasl - Type : ACT_GATHER_INFO
2018-10-15Name : The remote Debian host is missing a security update.
File : debian_DLA-1544.nasl - Type : ACT_GATHER_INFO
2018-09-04Name : The remote Debian host is missing a security update.
File : debian_DLA-1491.nasl - Type : ACT_GATHER_INFO
2018-08-30Name : A web application running on the remote host is affected by multiple vulnerab...
File : activemq_5_15_5.nasl - Type : ACT_GATHER_INFO
2018-08-30Name : The remote Debian host is missing a security-related update.
File : debian_DSA-4281.nasl - Type : ACT_GATHER_INFO
2018-08-17Name : The remote PhotonOS host is missing multiple security updates.
File : PhotonOS_PHSA-2016-0011.nasl - Type : ACT_GATHER_INFO
2018-08-17Name : The remote PhotonOS host is missing multiple security updates.
File : PhotonOS_PHSA-2018-1_0-0154.nasl - Type : ACT_GATHER_INFO
2018-08-17Name : The remote PhotonOS host is missing multiple security updates.
File : PhotonOS_PHSA-2018-2_0-0065.nasl - Type : ACT_GATHER_INFO
2018-08-10Name : The remote EulerOS host is missing a security update.
File : EulerOS_SA-2018-1227.nasl - Type : ACT_GATHER_INFO
2018-08-10Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2018-1055.nasl - Type : ACT_GATHER_INFO
2018-08-10Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2018-1056.nasl - Type : ACT_GATHER_INFO
2018-07-30Name : The remote Debian host is missing a security update.
File : debian_DLA-1450.nasl - Type : ACT_GATHER_INFO
2018-07-30Name : The remote Debian host is missing a security update.
File : debian_DLA-1453.nasl - Type : ACT_GATHER_INFO
2018-07-20Name : The remote EulerOS host is missing a security update.
File : EulerOS_SA-2018-1220.nasl - Type : ACT_GATHER_INFO
2018-04-05Name : The remote Fedora host is missing a security update.
File : fedora_2018-50f0da5d38.nasl - Type : ACT_GATHER_INFO
2018-04-05Name : The remote Fedora host is missing a security update.
File : fedora_2018-a233dae4ab.nasl - Type : ACT_GATHER_INFO
2018-03-27Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2018-972.nasl - Type : ACT_GATHER_INFO