Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-rwvj-tq6x-2ubs
Vulnerability ID VCID-rwvj-tq6x-2ubs
Aliases CVE-2008-2938
GHSA-m7xj-ccqc-p4g2
Summary Directory traversal vulnerability in Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16, when allowLinking and UTF-8 are enabled, allows remote attackers to read arbitrary files via encoded directory traversal sequences in the URI, a different vulnerability than CVE-2008-2370. NOTE: versions earlier than 6.0.18 were reported affected, but the vendor advisory lists 6.0.16 as the last affected version.
Status Published
Exploitability 2.0
Weighted Severity 6.2
Risk 10.0
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
System Score Found at
generic_textual MODERATE http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html
generic_textual MODERATE http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html
epss 0.92704 https://api.first.org/data/v1/epss?cve=CVE-2008-2938
epss 0.92704 https://api.first.org/data/v1/epss?cve=CVE-2008-2938
epss 0.92704 https://api.first.org/data/v1/epss?cve=CVE-2008-2938
epss 0.92704 https://api.first.org/data/v1/epss?cve=CVE-2008-2938
epss 0.92704 https://api.first.org/data/v1/epss?cve=CVE-2008-2938
epss 0.92704 https://api.first.org/data/v1/epss?cve=CVE-2008-2938
epss 0.92704 https://api.first.org/data/v1/epss?cve=CVE-2008-2938
epss 0.92704 https://api.first.org/data/v1/epss?cve=CVE-2008-2938
generic_textual MODERATE https://exchange.xforce.ibmcloud.com/vulnerabilities/44411
cvssv3.1_qr MODERATE https://github.com/advisories/GHSA-m7xj-ccqc-p4g2
generic_textual MODERATE https://github.com/apache/tomcat
generic_textual MODERATE https://github.com/apache/tomcat/commit/c55ad56ed72ee1dbfe790bc5492d4df74e3e754f
generic_textual MODERATE https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
generic_textual MODERATE https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E
generic_textual MODERATE https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
generic_textual MODERATE https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E
generic_textual MODERATE https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
generic_textual MODERATE https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E
generic_textual MODERATE https://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html
cvssv2 4.3 https://nvd.nist.gov/vuln/detail/CVE-2008-2938
generic_textual MODERATE https://nvd.nist.gov/vuln/detail/CVE-2008-2938
generic_textual MODERATE https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10587
generic_textual MODERATE http://support.apple.com/kb/HT3216
generic_textual MODERATE http://support.avaya.com/elmodocs2/security/ASA-2008-401.htm
generic_textual MODERATE https://web.archive.org/web/20080827130946/http://securityreason.com/securityalert/4148
generic_textual MODERATE https://web.archive.org/web/20090201124623/http://secunia.com/advisories/31639
generic_textual MODERATE https://web.archive.org/web/20090201124633/http://secunia.com/advisories/31891
generic_textual MODERATE https://web.archive.org/web/20090201124638/http://secunia.com/advisories/32120
generic_textual MODERATE https://web.archive.org/web/20090201124957/http://secunia.com/advisories/31982
generic_textual MODERATE https://web.archive.org/web/20090201125002/http://secunia.com/advisories/32266
generic_textual MODERATE https://web.archive.org/web/20090201141000/http://secunia.com/advisories/32222
generic_textual MODERATE https://web.archive.org/web/20090207111236/http://secunia.com/advisories/33797
generic_textual MODERATE https://web.archive.org/web/20090308065055/http://secunia.com/advisories/31865
generic_textual MODERATE https://web.archive.org/web/20100516085845/http://secunia.com/advisories/37297
generic_textual MODERATE https://web.archive.org/web/20110711210039/http://rhn.redhat.com/errata/RHSA-2008-0862.html
generic_textual MODERATE https://web.archive.org/web/20110713233239/http://rhn.redhat.com/errata/RHSA-2008-0648.html
generic_textual MODERATE https://web.archive.org/web/20110713234158/http://rhn.redhat.com/errata/RHSA-2008-0864.html
generic_textual MODERATE https://web.archive.org/web/20140628064423/http://www.securityfocus.com/archive/1/495318/100/0/threaded
generic_textual MODERATE https://web.archive.org/web/20140628064448/http://www.securityfocus.com/archive/1/507729/100/0/threaded
generic_textual MODERATE https://web.archive.org/web/20140826163457/http://www.securityfocus.com/bid/30633
generic_textual MODERATE https://web.archive.org/web/20140826171227/http://www.securitytracker.com/id?1020665
generic_textual MODERATE https://web.archive.org/web/20140826232500/http://www.securityfocus.com/bid/31681
generic_textual MODERATE https://web.archive.org/web/20140827130327/http://www.securenetwork.it/ricerca/advisory/download/SN-2009-02.txt
generic_textual MODERATE https://web.archive.org/web/20200612070417/http://marc.info/?l=bugtraq&m=123376588623823&w=2
generic_textual MODERATE https://www.exploit-db.com/exploits/6229
generic_textual MODERATE https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00712.html
generic_textual MODERATE https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00859.html
generic_textual MODERATE https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00889.html
generic_textual MODERATE http://tomcat.apache.org/security-4.html
generic_textual MODERATE http://tomcat.apache.org/security-5.html
generic_textual MODERATE http://tomcat.apache.org/security-6.html
generic_textual MODERATE http://www.kb.cert.org/vuls/id/343355
generic_textual MODERATE http://www.mandriva.com/security/advisories?name=MDVSA-2008:188
Reference id Reference type URL
http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html
http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html
http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html
http://marc.info/?l=bugtraq&m=123376588623823&w=2
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2938.json
https://api.first.org/data/v1/epss?cve=CVE-2008-2938
http://secunia.com/advisories/31639
http://secunia.com/advisories/31865
http://secunia.com/advisories/31891
http://secunia.com/advisories/31982
http://secunia.com/advisories/32120
http://secunia.com/advisories/32222
http://secunia.com/advisories/32266
http://secunia.com/advisories/33797
http://secunia.com/advisories/37297
http://securityreason.com/securityalert/4148
https://exchange.xforce.ibmcloud.com/vulnerabilities/44411
https://github.com/apache/tomcat
https://github.com/apache/tomcat/commit/150bc791ac3ba40081425dd1c37a053fbb02b339
https://github.com/apache/tomcat/commit/c55ad56ed72ee1dbfe790bc5492d4df74e3e754f
https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E
https://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html
https://nvd.nist.gov/vuln/detail/CVE-2008-2938
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10587
http://support.apple.com/kb/HT3216
http://support.avaya.com/elmodocs2/security/ASA-2008-401.htm
https://web.archive.org/web/20080827130946/http://securityreason.com/securityalert/4148
https://web.archive.org/web/20090201124623/http://secunia.com/advisories/31639
https://web.archive.org/web/20090201124633/http://secunia.com/advisories/31891
https://web.archive.org/web/20090201124638/http://secunia.com/advisories/32120
https://web.archive.org/web/20090201124957/http://secunia.com/advisories/31982
https://web.archive.org/web/20090201125002/http://secunia.com/advisories/32266
https://web.archive.org/web/20090201141000/http://secunia.com/advisories/32222
https://web.archive.org/web/20090207111236/http://secunia.com/advisories/33797
https://web.archive.org/web/20090308065055/http://secunia.com/advisories/31865
https://web.archive.org/web/20100516085845/http://secunia.com/advisories/37297
https://web.archive.org/web/20110711210039/http://rhn.redhat.com/errata/RHSA-2008-0862.html
https://web.archive.org/web/20110713233239/http://rhn.redhat.com/errata/RHSA-2008-0648.html
https://web.archive.org/web/20110713234158/http://rhn.redhat.com/errata/RHSA-2008-0864.html
https://web.archive.org/web/20140628064423/http://www.securityfocus.com/archive/1/495318/100/0/threaded
https://web.archive.org/web/20140628064448/http://www.securityfocus.com/archive/1/507729/100/0/threaded
https://web.archive.org/web/20140826163457/http://www.securityfocus.com/bid/30633
https://web.archive.org/web/20140826171227/http://www.securitytracker.com/id?1020665
https://web.archive.org/web/20140826232500/http://www.securityfocus.com/bid/31681
https://web.archive.org/web/20140827130327/http://www.securenetwork.it/ricerca/advisory/download/SN-2009-02.txt
https://web.archive.org/web/20200612070417/http://marc.info/?l=bugtraq&m=123376588623823&w=2
https://www.exploit-db.com/exploits/6229
https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00712.html
https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00859.html
https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00889.html
http://tomcat.apache.org/security-4.html
http://tomcat.apache.org/security-5.html
http://tomcat.apache.org/security-6.html
http://www.kb.cert.org/vuls/id/343355
http://www.mandriva.com/security/advisories?name=MDVSA-2008:188
http://www.redhat.com/support/errata/RHSA-2008-0648.html
http://www.redhat.com/support/errata/RHSA-2008-0862.html
http://www.redhat.com/support/errata/RHSA-2008-0864.html
http://www.securenetwork.it/ricerca/advisory/download/SN-2009-02.txt
http://www.securityfocus.com/archive/1/495318/100/0/threaded
http://www.securityfocus.com/archive/1/507729/100/0/threaded
http://www.securityfocus.com/bid/30633
http://www.securityfocus.com/bid/31681
http://www.securitytracker.com/id?1020665
http://www.vupen.com/english/advisories/2008/2343
http://www.vupen.com/english/advisories/2008/2780
http://www.vupen.com/english/advisories/2008/2823
http://www.vupen.com/english/advisories/2009/0320
456120 https://bugzilla.redhat.com/show_bug.cgi?id=456120
cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*
CVE-2008-2938 Exploit https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/unix/remote/14489.c
GHSA-m7xj-ccqc-p4g2 https://github.com/advisories/GHSA-m7xj-ccqc-p4g2
OSVDB-47464;CVE-2008-2938 Exploit https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/6229.txt
Data source Exploit-DB
Date added July 28, 2010
Description Apache Tomcat < 6.0.18 - 'utf8' Directory Traversal
Ransomware campaign use Known
Source publication date July 28, 2010
Exploit type remote
Platform unix
Source update date March 30, 2017
Data source Metasploit
Description This module tests whether a directory traversal vulnerability is present in Trend Micro DLP (Data Loss Prevention) Appliance v5.5 build <= 1294. The vulnerability appears to be actually caused by the Tomcat UTF-8 bug which is implemented in module tomcat_utf8_traversal CVE 2008-2938. This module simply tests for the same bug with Trend Micro specific settings. Note that in the Trend Micro appliance, /etc/shadow is not used and therefore password hashes are stored and anonymously accessible in the passwd file.
Note 
Stability:
  - crash-safe
SideEffects:
  - ioc-in-logs
Reliability: []
Ransomware campaign use Unknown
Source publication date Jan. 9, 2009
Source URL https://github.com/rapid7/metasploit-framework/tree/master/modules/auxiliary/admin/http/trendmicro_dlp_traversal.rb
Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2008-2938
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.9975
EPSS Score 0.92704
Published At April 2, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-04-01T12:38:15.903904+00:00 ProjectKB MSRImporter Import https://raw.githubusercontent.com/SAP/project-kb/master/MSR2019/dataset/vulas_db_msr2019_release.csv 38.0.0