Apache Tomcat 9.0.0 M22

This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Name	cpe:/a:apache:tomcat:9.0.0:m22

Detail
Vendor	Apache	First view	2017-10-03
Product	Tomcat	Last view	2019-06-21
Version	9.0.0	Type	Application
Edition
Language
Update	m22

CPE Product	cpe:/a:apache:tomcat

Activity : Overall

Related : CVE

	Date	Alert	Access Vector	Access Complexity	Authentication
5	2019-06-21	CVE-2019-10072	Network	Low	None Requ...
4.3	2019-05-28	CVE-2019-0221	Network	Medium	None Requ...
9.3	2019-04-15	CVE-2019-0232	Network	Medium	None Requ...
4.3	2018-10-04	CVE-2018-11784	Network	Medium	None Requ...
4.3	2018-08-02	CVE-2018-8037	Network	Medium	None Requ...
Hide \| Show 7 More...

	Date	Alert	Access Vector	Access Complexity	Authentication
5	2018-08-02	CVE-2018-1336	Network	Low	None Requ...
5	2018-08-01	CVE-2018-8034	Network	Low	None Requ...
7.5	2018-05-16	CVE-2018-8014	Network	Low	None Requ...
4.3	2018-02-28	CVE-2018-1304	Network	Medium	None Requ...
4	2018-02-23	CVE-2018-1305	Network	Low	Requires ...
5	2018-01-31	CVE-2017-15706	Network	Low	None Requ...
6.8	2017-10-03	CVE-2017-12617	Network	Medium	None Requ...

CWE : Common Weakness Enumeration

%	id	Name
12% (1)	CWE-601	URL Redirection to Untrusted Site ('Open Redirect')
12% (1)	CWE-434	Unrestricted Upload of File with Dangerous Type
12% (1)	CWE-400	Uncontrolled Resource Consumption ('Resource Exhaustion')
12% (1)	CWE-362	Race Condition
12% (1)	CWE-358	Improperly Implemented Security Check for Standard
Hide \| Show 3 More...

%	id	Name
12% (1)	CWE-295	Certificate Issues
12% (1)	CWE-79	Failure to Preserve Web Page Structure ('Cross-site Scripting')
12% (1)	CWE-20	Improper Input Validation

SAINT Exploits

Description	Link
Apache Tomcat PUT method JSP upload	More info here

Snort® IPS/IDS

Date	Description
2014-01-10	.cmd? access RuleID : 9791 - Type : SERVER-WEBAPP - Revision : 8
2014-01-10	.bat? access RuleID : 976-community - Type : SERVER-WEBAPP - Revision : 21
2014-01-10	.bat? access RuleID : 976 - Type : SERVER-WEBAPP - Revision : 21
2017-11-09	Apache Tomcat remote JSP file upload attempt RuleID : 44531 - Type : SERVER-APACHE - Revision : 3

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.

id	Description
2019-01-03	Name : The remote Fedora host is missing a security update. File : fedora_2018-b1832101b8.nasl - Type : ACT_GATHER_INFO
2018-12-28	Name : The remote EulerOS host is missing a security update. File : EulerOS_SA-2018-1415.nasl - Type : ACT_GATHER_INFO
2018-12-14	Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL73008537.nasl - Type : ACT_GATHER_INFO
2018-12-10	Name : The remote EulerOS host is missing a security update. File : EulerOS_SA-2018-1385.nasl - Type : ACT_GATHER_INFO
2018-11-27	Name : The remote Virtuozzo host is missing a security update. File : Virtuozzo_VZLSA-2017-3080.nasl - Type : ACT_GATHER_INFO
Hide \| Show 20 More...

id	Description
2018-11-09	Name : The remote Amazon Linux 2 host is missing a security update. File : al2_ALAS-2018-1105.nasl - Type : ACT_GATHER_INFO
2018-11-08	Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2018-1099.nasl - Type : ACT_GATHER_INFO
2018-10-17	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2018-2921.nasl - Type : ACT_GATHER_INFO
2018-10-16	Name : The remote Debian host is missing a security update. File : debian_DLA-1545.nasl - Type : ACT_GATHER_INFO
2018-10-15	Name : The remote Debian host is missing a security update. File : debian_DLA-1544.nasl - Type : ACT_GATHER_INFO
2018-09-04	Name : The remote Debian host is missing a security update. File : debian_DLA-1491.nasl - Type : ACT_GATHER_INFO
2018-08-30	Name : The remote Debian host is missing a security-related update. File : debian_DSA-4281.nasl - Type : ACT_GATHER_INFO
2018-08-17	Name : The remote PhotonOS host is missing multiple security updates. File : PhotonOS_PHSA-2018-1_0-0154.nasl - Type : ACT_GATHER_INFO
2018-08-17	Name : The remote PhotonOS host is missing multiple security updates. File : PhotonOS_PHSA-2018-2_0-0065.nasl - Type : ACT_GATHER_INFO
2018-08-10	Name : The remote EulerOS host is missing a security update. File : EulerOS_SA-2018-1227.nasl - Type : ACT_GATHER_INFO
2018-08-10	Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2018-1055.nasl - Type : ACT_GATHER_INFO
2018-08-10	Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2018-1056.nasl - Type : ACT_GATHER_INFO
2018-07-30	Name : The remote Debian host is missing a security update. File : debian_DLA-1450.nasl - Type : ACT_GATHER_INFO
2018-07-30	Name : The remote Debian host is missing a security update. File : debian_DLA-1453.nasl - Type : ACT_GATHER_INFO
2018-07-20	Name : The remote EulerOS host is missing a security update. File : EulerOS_SA-2018-1220.nasl - Type : ACT_GATHER_INFO
2018-04-05	Name : The remote Fedora host is missing a security update. File : fedora_2018-50f0da5d38.nasl - Type : ACT_GATHER_INFO
2018-04-05	Name : The remote Fedora host is missing a security update. File : fedora_2018-a233dae4ab.nasl - Type : ACT_GATHER_INFO
2018-03-27	Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2018-972.nasl - Type : ACT_GATHER_INFO
2018-03-27	Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2018-973.nasl - Type : ACT_GATHER_INFO
2018-03-07	Name : The remote Debian host is missing a security update. File : debian_DLA-1301.nasl - Type : ACT_GATHER_INFO