This CPE summary could be partial or incomplete. Please contact us for a detailed listing.
Summary
Summuary | |
---|---|
CPE Name | cpe:/a:apache:tomcat:9.0.0:m22 |
Detail | |||
---|---|---|---|
Vendor | Apache | First view | 2017-10-03 |
Product | Tomcat | Last view | 2019-06-21 |
Version | 9.0.0 | Type | Application |
Edition | |||
Language | |||
Update | m22 | ||
CPE Product | cpe:/a:apache:tomcat |
Activity : Overall
Related : CVE
Date | Alert | Access Vector | Access Complexity | Authentication | ||
---|---|---|---|---|---|---|
5 | 2019-06-21 | CVE-2019-10072 | Network | Low | None Requ... | |
4.3 | 2019-05-28 | CVE-2019-0221 | Network | Medium | None Requ... | |
9.3 | 2019-04-15 | CVE-2019-0232 | Network | Medium | None Requ... | |
4.3 | 2018-10-04 | CVE-2018-11784 | Network | Medium | None Requ... | |
4.3 | 2018-08-02 | CVE-2018-8037 | Network | Medium | None Requ... | |
Date | Alert | Access Vector | Access Complexity | Authentication | ||
---|---|---|---|---|---|---|
5 | 2018-08-02 | CVE-2018-1336 | Network | Low | None Requ... | |
5 | 2018-08-01 | CVE-2018-8034 | Network | Low | None Requ... | |
7.5 | 2018-05-16 | CVE-2018-8014 | Network | Low | None Requ... | |
4.3 | 2018-02-28 | CVE-2018-1304 | Network | Medium | None Requ... | |
4 | 2018-02-23 | CVE-2018-1305 | Network | Low | Requires ... | |
5 | 2018-01-31 | CVE-2017-15706 | Network | Low | None Requ... | |
6.8 | 2017-10-03 | CVE-2017-12617 | Network | Medium | None Requ... |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
12% (1) | CWE-601 | URL Redirection to Untrusted Site ('Open Redirect') |
12% (1) | CWE-434 | Unrestricted Upload of File with Dangerous Type |
12% (1) | CWE-400 | Uncontrolled Resource Consumption ('Resource Exhaustion') |
12% (1) | CWE-362 | Race Condition |
12% (1) | CWE-358 | Improperly Implemented Security Check for Standard |
% | id | Name |
---|---|---|
12% (1) | CWE-295 | Certificate Issues |
12% (1) | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') |
12% (1) | CWE-20 | Improper Input Validation |
SAINT Exploits
Description | Link |
---|---|
Apache Tomcat PUT method JSP upload | More info here |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | .cmd? access RuleID : 9791 - Type : SERVER-WEBAPP - Revision : 8 |
2014-01-10 | .bat? access RuleID : 976-community - Type : SERVER-WEBAPP - Revision : 21 |
2014-01-10 | .bat? access RuleID : 976 - Type : SERVER-WEBAPP - Revision : 21 |
2017-11-09 | Apache Tomcat remote JSP file upload attempt RuleID : 44531 - Type : SERVER-APACHE - Revision : 3 |
Nessus® Vulnerability Scanner
This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id | Description |
---|---|
2019-01-03 | Name : The remote Fedora host is missing a security update. File : fedora_2018-b1832101b8.nasl - Type : ACT_GATHER_INFO |
2018-12-28 | Name : The remote EulerOS host is missing a security update. File : EulerOS_SA-2018-1415.nasl - Type : ACT_GATHER_INFO |
2018-12-14 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL73008537.nasl - Type : ACT_GATHER_INFO |
2018-12-10 | Name : The remote EulerOS host is missing a security update. File : EulerOS_SA-2018-1385.nasl - Type : ACT_GATHER_INFO |
2018-11-27 | Name : The remote Virtuozzo host is missing a security update. File : Virtuozzo_VZLSA-2017-3080.nasl - Type : ACT_GATHER_INFO |
id | Description |
---|---|
2018-11-09 | Name : The remote Amazon Linux 2 host is missing a security update. File : al2_ALAS-2018-1105.nasl - Type : ACT_GATHER_INFO |
2018-11-08 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2018-1099.nasl - Type : ACT_GATHER_INFO |
2018-10-17 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2018-2921.nasl - Type : ACT_GATHER_INFO |
2018-10-16 | Name : The remote Debian host is missing a security update. File : debian_DLA-1545.nasl - Type : ACT_GATHER_INFO |
2018-10-15 | Name : The remote Debian host is missing a security update. File : debian_DLA-1544.nasl - Type : ACT_GATHER_INFO |
2018-09-04 | Name : The remote Debian host is missing a security update. File : debian_DLA-1491.nasl - Type : ACT_GATHER_INFO |
2018-08-30 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-4281.nasl - Type : ACT_GATHER_INFO |
2018-08-17 | Name : The remote PhotonOS host is missing multiple security updates. File : PhotonOS_PHSA-2018-1_0-0154.nasl - Type : ACT_GATHER_INFO |
2018-08-17 | Name : The remote PhotonOS host is missing multiple security updates. File : PhotonOS_PHSA-2018-2_0-0065.nasl - Type : ACT_GATHER_INFO |
2018-08-10 | Name : The remote EulerOS host is missing a security update. File : EulerOS_SA-2018-1227.nasl - Type : ACT_GATHER_INFO |
2018-08-10 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2018-1055.nasl - Type : ACT_GATHER_INFO |
2018-08-10 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2018-1056.nasl - Type : ACT_GATHER_INFO |
2018-07-30 | Name : The remote Debian host is missing a security update. File : debian_DLA-1450.nasl - Type : ACT_GATHER_INFO |
2018-07-30 | Name : The remote Debian host is missing a security update. File : debian_DLA-1453.nasl - Type : ACT_GATHER_INFO |
2018-07-20 | Name : The remote EulerOS host is missing a security update. File : EulerOS_SA-2018-1220.nasl - Type : ACT_GATHER_INFO |
2018-04-05 | Name : The remote Fedora host is missing a security update. File : fedora_2018-50f0da5d38.nasl - Type : ACT_GATHER_INFO |
2018-04-05 | Name : The remote Fedora host is missing a security update. File : fedora_2018-a233dae4ab.nasl - Type : ACT_GATHER_INFO |
2018-03-27 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2018-972.nasl - Type : ACT_GATHER_INFO |
2018-03-27 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2018-973.nasl - Type : ACT_GATHER_INFO |
2018-03-07 | Name : The remote Debian host is missing a security update. File : debian_DLA-1301.nasl - Type : ACT_GATHER_INFO |