Search for vulnerabilities
Vulnerability details: VCID-6n5x-qv7t-aaam
Vulnerability ID VCID-6n5x-qv7t-aaam
Aliases CVE-2001-0829
GHSA-58hj-575g-5j25
Summary A cross-site scripting vulnerability in Apache Tomcat 3.2.1 allows a malicious webmaster to embed Javascript in a request for a .JSP file, which causes the Javascript to be inserted into an error message.
Status Published
Exploitability 0.5
Weighted Severity 6.2
Risk 3.1
Affected and Fixed Packages Package Details
Weaknesses (3)
CWE-80 Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
CWE-1035 OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-937 OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
System Score Found at
epss 0.00089 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00089 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00089 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00089 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00089 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00089 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00089 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00089 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00089 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00089 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00089 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00089 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00089 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00130 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00130 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00130 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00130 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00731 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
epss 0.00925 https://api.first.org/data/v1/epss?cve=CVE-2001-0829
apache_tomcat Moderate https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0829
cvssv3.1_qr MODERATE https://github.com/advisories/GHSA-58hj-575g-5j25
cvssv2 5.1 https://nvd.nist.gov/vuln/detail/CVE-2001-0829
generic_textual MODERATE https://web.archive.org/web/20021108153830/http://online.securityfocus.com/bid/2982
generic_textual MODERATE https://web.archive.org/web/20021201182720/http://jakarta.apache.org/tomcat/tomcat-3.2-doc/readme
generic_textual MODERATE https://web.archive.org/web/20061208015126/http://archive.cert.uni-stuttgart.de/archive/bugtraq/2001/07/msg00021.html
Reference id Reference type URL
http://archive.cert.uni-stuttgart.de/archive/bugtraq/2001/07/msg00021.html
http://jakarta.apache.org/tomcat/tomcat-3.2-doc/readme
https://api.first.org/data/v1/epss?cve=CVE-2001-0829
https://web.archive.org/web/20021108153830/http://online.securityfocus.com/bid/2982
https://web.archive.org/web/20021201182720/http://jakarta.apache.org/tomcat/tomcat-3.2-doc/readme
https://web.archive.org/web/20061208015126/http://archive.cert.uni-stuttgart.de/archive/bugtraq/2001/07/msg00021.html
http://www.securityfocus.com/bid/2982
cpe:2.3:a:apache:tomcat:3.2.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:3.2.1:*:*:*:*:*:*:*
CVE-2001-0829 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0829
CVE-2001-0829 https://nvd.nist.gov/vuln/detail/CVE-2001-0829
GHSA-58hj-575g-5j25 https://github.com/advisories/GHSA-58hj-575g-5j25
No exploits are available.
Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2001-0829
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.38968
EPSS Score 0.00089
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.