Search for vulnerabilities
Vulnerability details: VCID-hfvf-t5zf-aaaf
Vulnerability ID VCID-hfvf-t5zf-aaaf
Aliases CVE-2012-0022
GHSA-8h2q-qm9x-55jc
Summary Apache Tomcat 5.5.x before 5.5.35, 6.x before 6.0.34, and 7.x before 7.0.23 uses an inefficient approach for handling parameters, which allows remote attackers to cause a denial of service (CPU consumption) via a request that contains many parameters and parameter values, a different vulnerability than CVE-2011-4858.
Status Published
Exploitability 0.5
Weighted Severity 8.0
Risk 4.0
Affected and Fixed Packages Package Details
Weaknesses (3)
CWE-189 Numeric Errors
CWE-1035 OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-937 OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
System Score Found at
generic_textual MODERATE http://marc.info/?l=bugtraq&m=132871655717248&w=2
generic_textual MODERATE http://marc.info/?l=bugtraq&m=133294394108746&w=2
cvssv3.1 4.2 http://marc.info/?l=bugtraq&m=136485229118404&w=2
generic_textual MODERATE http://marc.info/?l=bugtraq&m=136485229118404&w=2
generic_textual MODERATE http://rhn.redhat.com/errata/RHSA-2012-0074.html
generic_textual MODERATE http://rhn.redhat.com/errata/RHSA-2012-0075.html
generic_textual MODERATE http://rhn.redhat.com/errata/RHSA-2012-0076.html
rhas Important https://access.redhat.com/errata/RHSA-2012:0074
rhas Important https://access.redhat.com/errata/RHSA-2012:0075
rhas Important https://access.redhat.com/errata/RHSA-2012:0076
rhas Important https://access.redhat.com/errata/RHSA-2012:0077
rhas Important https://access.redhat.com/errata/RHSA-2012:0078
rhas Important https://access.redhat.com/errata/RHSA-2012:0325
rhas Moderate https://access.redhat.com/errata/RHSA-2012:0345
rhas Moderate https://access.redhat.com/errata/RHSA-2012:0474
rhas Moderate https://access.redhat.com/errata/RHSA-2012:0475
rhas Moderate https://access.redhat.com/errata/RHSA-2012:0679
rhas Moderate https://access.redhat.com/errata/RHSA-2012:0680
rhas Moderate https://access.redhat.com/errata/RHSA-2012:0681
rhas Moderate https://access.redhat.com/errata/RHSA-2012:0682
rhas Moderate https://access.redhat.com/errata/RHSA-2012:1331
epss 0.05871 https://api.first.org/data/v1/epss?cve=CVE-2012-0022
epss 0.05871 https://api.first.org/data/v1/epss?cve=CVE-2012-0022
epss 0.05871 https://api.first.org/data/v1/epss?cve=CVE-2012-0022
epss 0.05871 https://api.first.org/data/v1/epss?cve=CVE-2012-0022
epss 0.05871 https://api.first.org/data/v1/epss?cve=CVE-2012-0022
epss 0.05871 https://api.first.org/data/v1/epss?cve=CVE-2012-0022
epss 0.05871 https://api.first.org/data/v1/epss?cve=CVE-2012-0022
epss 0.05871 https://api.first.org/data/v1/epss?cve=CVE-2012-0022
epss 0.05871 https://api.first.org/data/v1/epss?cve=CVE-2012-0022
epss 0.05871 https://api.first.org/data/v1/epss?cve=CVE-2012-0022
epss 0.05871 https://api.first.org/data/v1/epss?cve=CVE-2012-0022
epss 0.12966 https://api.first.org/data/v1/epss?cve=CVE-2012-0022
epss 0.12966 https://api.first.org/data/v1/epss?cve=CVE-2012-0022
epss 0.12966 https://api.first.org/data/v1/epss?cve=CVE-2012-0022
epss 0.23274 https://api.first.org/data/v1/epss?cve=CVE-2012-0022
epss 0.23274 https://api.first.org/data/v1/epss?cve=CVE-2012-0022
epss 0.23274 https://api.first.org/data/v1/epss?cve=CVE-2012-0022
epss 0.23274 https://api.first.org/data/v1/epss?cve=CVE-2012-0022
epss 0.23274 https://api.first.org/data/v1/epss?cve=CVE-2012-0022
epss 0.23274 https://api.first.org/data/v1/epss?cve=CVE-2012-0022
epss 0.23274 https://api.first.org/data/v1/epss?cve=CVE-2012-0022
epss 0.23274 https://api.first.org/data/v1/epss?cve=CVE-2012-0022
epss 0.23274 https://api.first.org/data/v1/epss?cve=CVE-2012-0022
epss 0.23274 https://api.first.org/data/v1/epss?cve=CVE-2012-0022
epss 0.23274 https://api.first.org/data/v1/epss?cve=CVE-2012-0022
epss 0.23274 https://api.first.org/data/v1/epss?cve=CVE-2012-0022
epss 0.23274 https://api.first.org/data/v1/epss?cve=CVE-2012-0022
epss 0.23274 https://api.first.org/data/v1/epss?cve=CVE-2012-0022
epss 0.23274 https://api.first.org/data/v1/epss?cve=CVE-2012-0022
epss 0.23274 https://api.first.org/data/v1/epss?cve=CVE-2012-0022
epss 0.23274 https://api.first.org/data/v1/epss?cve=CVE-2012-0022
epss 0.23274 https://api.first.org/data/v1/epss?cve=CVE-2012-0022
epss 0.23274 https://api.first.org/data/v1/epss?cve=CVE-2012-0022
epss 0.23274 https://api.first.org/data/v1/epss?cve=CVE-2012-0022
epss 0.23274 https://api.first.org/data/v1/epss?cve=CVE-2012-0022
epss 0.23274 https://api.first.org/data/v1/epss?cve=CVE-2012-0022
epss 0.23274 https://api.first.org/data/v1/epss?cve=CVE-2012-0022
epss 0.23274 https://api.first.org/data/v1/epss?cve=CVE-2012-0022
epss 0.23274 https://api.first.org/data/v1/epss?cve=CVE-2012-0022
epss 0.23274 https://api.first.org/data/v1/epss?cve=CVE-2012-0022
epss 0.23274 https://api.first.org/data/v1/epss?cve=CVE-2012-0022
epss 0.23274 https://api.first.org/data/v1/epss?cve=CVE-2012-0022
epss 0.23274 https://api.first.org/data/v1/epss?cve=CVE-2012-0022
epss 0.23274 https://api.first.org/data/v1/epss?cve=CVE-2012-0022
epss 0.23274 https://api.first.org/data/v1/epss?cve=CVE-2012-0022
epss 0.26524 https://api.first.org/data/v1/epss?cve=CVE-2012-0022
epss 0.26524 https://api.first.org/data/v1/epss?cve=CVE-2012-0022
epss 0.26524 https://api.first.org/data/v1/epss?cve=CVE-2012-0022
epss 0.26524 https://api.first.org/data/v1/epss?cve=CVE-2012-0022
epss 0.26524 https://api.first.org/data/v1/epss?cve=CVE-2012-0022
epss 0.26524 https://api.first.org/data/v1/epss?cve=CVE-2012-0022
epss 0.26524 https://api.first.org/data/v1/epss?cve=CVE-2012-0022
epss 0.26524 https://api.first.org/data/v1/epss?cve=CVE-2012-0022
epss 0.26524 https://api.first.org/data/v1/epss?cve=CVE-2012-0022
epss 0.26524 https://api.first.org/data/v1/epss?cve=CVE-2012-0022
epss 0.26524 https://api.first.org/data/v1/epss?cve=CVE-2012-0022
epss 0.26524 https://api.first.org/data/v1/epss?cve=CVE-2012-0022
epss 0.26524 https://api.first.org/data/v1/epss?cve=CVE-2012-0022
epss 0.26524 https://api.first.org/data/v1/epss?cve=CVE-2012-0022
epss 0.26524 https://api.first.org/data/v1/epss?cve=CVE-2012-0022
epss 0.26524 https://api.first.org/data/v1/epss?cve=CVE-2012-0022
epss 0.26524 https://api.first.org/data/v1/epss?cve=CVE-2012-0022
epss 0.26524 https://api.first.org/data/v1/epss?cve=CVE-2012-0022
epss 0.26524 https://api.first.org/data/v1/epss?cve=CVE-2012-0022
epss 0.26524 https://api.first.org/data/v1/epss?cve=CVE-2012-0022
epss 0.26524 https://api.first.org/data/v1/epss?cve=CVE-2012-0022
epss 0.26524 https://api.first.org/data/v1/epss?cve=CVE-2012-0022
epss 0.26524 https://api.first.org/data/v1/epss?cve=CVE-2012-0022
epss 0.29335 https://api.first.org/data/v1/epss?cve=CVE-2012-0022
rhbs medium https://bugzilla.redhat.com/show_bug.cgi?id=783359
apache_tomcat Important https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0022
generic_textual MODERATE https://exchange.xforce.ibmcloud.com/vulnerabilities/72425
cvssv3.1_qr MODERATE https://github.com/advisories/GHSA-8h2q-qm9x-55jc
cvssv3.1 7.5 https://github.com/apache/tomcat
generic_textual HIGH https://github.com/apache/tomcat
generic_textual MODERATE https://github.com/apache/tomcat55/commit/0314fe7743cb72e469cb395ccaaf2793a2ea0355
generic_textual MODERATE https://github.com/apache/tomcat55/commit/7a1cfb6bd2f849806e7c060dda8648409ad8714e
generic_textual MODERATE https://github.com/apache/tomcat55/commit/b05497eff4311a9657de6dfc53511d0309eb9db4
cvssv3.1 4.2 https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E
generic_textual MODERATE https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E
cvssv3.1 4.2 https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E
generic_textual LOW https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E
cvssv3.1 4.2 https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E
generic_textual MODERATE https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E
cvssv3.1 4.2 https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E
generic_textual LOW https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E
cvssv3.1 4.2 https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E
generic_textual MODERATE https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E
cvssv3.1 4.2 https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E
generic_textual LOW https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E
cvssv3.1 4.2 https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E
generic_textual MODERATE https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E
cvssv3.1 4.2 https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E
generic_textual LOW https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E
cvssv2 5.0 https://nvd.nist.gov/vuln/detail/CVE-2012-0022
generic_textual MODERATE https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:16925
generic_textual MODERATE https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:18934
cvssv3.1 4.2 http://tomcat.apache.org/security-5.html
generic_textual MODERATE http://tomcat.apache.org/security-5.html
cvssv3.1 9.8 http://tomcat.apache.org/security-6.html
generic_textual CRITICAL http://tomcat.apache.org/security-6.html
cvssv3.1 9.8 http://tomcat.apache.org/security-7.html
generic_textual CRITICAL http://tomcat.apache.org/security-7.html
generic_textual MODERATE http://www.debian.org/security/2012/dsa-2401
generic_textual MODERATE http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html
Reference id Reference type URL
http://archives.neohapsis.com/archives/bugtraq/2012-01/0112.html
http://marc.info/?l=bugtraq&m=132871655717248&w=2
http://marc.info/?l=bugtraq&m=133294394108746&w=2
http://marc.info/?l=bugtraq&m=136485229118404&w=2
http://rhn.redhat.com/errata/RHSA-2012-0074.html
http://rhn.redhat.com/errata/RHSA-2012-0075.html
http://rhn.redhat.com/errata/RHSA-2012-0076.html
http://rhn.redhat.com/errata/RHSA-2012-0077.html
http://rhn.redhat.com/errata/RHSA-2012-0078.html
http://rhn.redhat.com/errata/RHSA-2012-0325.html
http://rhn.redhat.com/errata/RHSA-2012-0345.html
http://rhn.redhat.com/errata/RHSA-2012-1331.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0022.json
https://api.first.org/data/v1/epss?cve=CVE-2012-0022
http://secunia.com/advisories/48213
http://secunia.com/advisories/48549
http://secunia.com/advisories/48790
http://secunia.com/advisories/48791
http://secunia.com/advisories/50863
https://exchange.xforce.ibmcloud.com/vulnerabilities/72425
https://github.com/apache/tomcat
https://github.com/apache/tomcat55/commit/0314fe7743cb72e469cb395ccaaf2793a2ea0355
https://github.com/apache/tomcat55/commit/7a1cfb6bd2f849806e7c060dda8648409ad8714e
https://github.com/apache/tomcat55/commit/b05497eff4311a9657de6dfc53511d0309eb9db4
https://github.com/apache/tomcat70/commit/0351f661e9219a0682df1d2a9265c518438279c6
https://github.com/apache/tomcat70/commit/0569aa6a01a74d51b93fd0027288358825fc03d5
https://github.com/apache/tomcat70/commit/0c5d3a903598abd7c7ebe1b00e27a6574339c417
https://github.com/apache/tomcat70/commit/233dcc857e0faf8bc94325be5fb287aa70ee944f
https://github.com/apache/tomcat70/commit/597edaab8863df03f7bdc4eafb39e754fd3cd322
https://github.com/apache/tomcat70/commit/5fd94ded5ebc57926974064d9b1e82e8f44c743c
https://github.com/apache/tomcat70/commit/7b05232350c11370ab9385185a57ccd1fe7da09f
https://github.com/apache/tomcat70/commit/9649a2147ce04753bb0bbe2be8e66444670c6db5
https://github.com/apache/tomcat70/commit/a2fede48c2d8130db216ea2261c376d723021aa4
https://github.com/apache/tomcat70/commit/a4bfa01d4e6fd677f6831ab7b3e513c8b94c6185
https://github.com/apache/tomcat70/commit/c2508191c17acd5e530d80a623a4ac28a8b23128
https://github.com/apache/tomcat70/commit/c7950cf9f2d7790a40113d2b50e52cbb337a8fe9
https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16925
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18934
https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:16925
https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:18934
https://svn.apache.org/viewvc?view=rev&rev=1189899
https://svn.apache.org/viewvc?view=rev&rev=1190372
https://svn.apache.org/viewvc?view=rev&rev=1190482
https://svn.apache.org/viewvc?view=rev&rev=1194917
https://svn.apache.org/viewvc?view=rev&rev=1195225
https://svn.apache.org/viewvc?view=rev&rev=1195226
https://svn.apache.org/viewvc?view=rev&rev=1195537
https://svn.apache.org/viewvc?view=rev&rev=1195909
https://svn.apache.org/viewvc?view=rev&rev=1195944
https://svn.apache.org/viewvc?view=rev&rev=1195951
https://svn.apache.org/viewvc?view=rev&rev=1195977
https://svn.apache.org/viewvc?view=rev&rev=1198641
https://svn.apache.org/viewvc?view=rev&rev=1200601
https://svn.apache.org/viewvc?view=rev&rev=1206324
https://svn.apache.org/viewvc?view=rev&rev=1221282
https://svn.apache.org/viewvc?view=rev&rev=1224640
https://svn.apache.org/viewvc?view=rev&rev=1228191
https://svn.apache.org/viewvc?view=rev&rev=1229027
http://tomcat.apache.org/security-5.html
http://tomcat.apache.org/security-6.html
http://tomcat.apache.org/security-7.html
http://www.debian.org/security/2012/dsa-2401
http://www.mandriva.com/security/advisories?name=MDVSA-2012:085
http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html
http://www.securityfocus.com/bid/51447
783359 https://bugzilla.redhat.com/show_bug.cgi?id=783359
cpe:2.3:a:apache:tomcat:5.5.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:5.5.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:5.5.10:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.10:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:5.5.11:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.11:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:5.5.12:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.12:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:5.5.13:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.13:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:5.5.14:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.14:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:5.5.15:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.15:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:5.5.16:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.16:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:5.5.17:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.17:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:5.5.18:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.18:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:5.5.19:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.19:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:5.5.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:5.5.20:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.20:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:5.5.21:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.21:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:5.5.22:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.22:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:5.5.23:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.23:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:5.5.24:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.24:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:5.5.25:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.25:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:5.5.26:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.26:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:5.5.27:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.27:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:5.5.28:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.28:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:5.5.29:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.29:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:5.5.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.3:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:5.5.30:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.30:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:5.5.31:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.31:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:5.5.32:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.32:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:5.5.33:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.33:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:5.5.34:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.34:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:5.5.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.4:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:5.5.5:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.5:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:5.5.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.6:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:5.5.7:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.7:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:5.5.8:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.8:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:5.5.9:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.9:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:6.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:6.0.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:6.0.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:6.0.10:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.10:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:6.0.11:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.11:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:6.0.12:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.12:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:6.0.13:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.13:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:6.0.14:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.14:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:6.0.15:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.15:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:6.0.16:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.16:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:6.0.17:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.17:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:6.0.18:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.18:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:6.0.19:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.19:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:6.0.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:6.0.20:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.20:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:6.0.24:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.24:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:6.0.26:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.26:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:6.0.27:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.27:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:6.0.28:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.28:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:6.0.29:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.29:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:6.0.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.3:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:6.0.30:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.30:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:6.0.31:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.31:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:6.0.32:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.32:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:6.0.33:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.33:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:6.0.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.4:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:6.0.5:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.5:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:6.0.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.6:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:6.0.7:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.7:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:6.0.8:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.8:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:6.0.9:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.9:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.0:beta:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.0:beta:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.10:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.10:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.11:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.11:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.12:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.12:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.13:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.13:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.14:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.14:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.15:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.15:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.16:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.16:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.17:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.17:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.18:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.18:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.19:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.19:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.20:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.20:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.21:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.21:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.22:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.22:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.3:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.4:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.5:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.5:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.6:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.7:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.7:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.8:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.8:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.9:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.9:*:*:*:*:*:*:*
CVE-2012-0022 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0022
CVE-2012-0022 https://nvd.nist.gov/vuln/detail/CVE-2012-0022
GHSA-8h2q-qm9x-55jc https://github.com/advisories/GHSA-8h2q-qm9x-55jc
GLSA-201206-24 https://security.gentoo.org/glsa/201206-24
RHSA-2012:0074 https://access.redhat.com/errata/RHSA-2012:0074
RHSA-2012:0075 https://access.redhat.com/errata/RHSA-2012:0075
RHSA-2012:0076 https://access.redhat.com/errata/RHSA-2012:0076
RHSA-2012:0077 https://access.redhat.com/errata/RHSA-2012:0077
RHSA-2012:0078 https://access.redhat.com/errata/RHSA-2012:0078
RHSA-2012:0325 https://access.redhat.com/errata/RHSA-2012:0325
RHSA-2012:0345 https://access.redhat.com/errata/RHSA-2012:0345
RHSA-2012:0474 https://access.redhat.com/errata/RHSA-2012:0474
RHSA-2012:0475 https://access.redhat.com/errata/RHSA-2012:0475
RHSA-2012:0679 https://access.redhat.com/errata/RHSA-2012:0679
RHSA-2012:0680 https://access.redhat.com/errata/RHSA-2012:0680
RHSA-2012:0681 https://access.redhat.com/errata/RHSA-2012:0681
RHSA-2012:0682 https://access.redhat.com/errata/RHSA-2012:0682
RHSA-2012:1331 https://access.redhat.com/errata/RHSA-2012:1331
USN-1359-1 https://usn.ubuntu.com/1359-1/
No exploits are available.
Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L Found at http://marc.info/?l=bugtraq&m=136485229118404&w=2
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/apache/tomcat
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L Found at https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L Found at https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L Found at https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L Found at https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L Found at https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L Found at https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L Found at https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L Found at https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2012-0022
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L Found at http://tomcat.apache.org/security-5.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at http://tomcat.apache.org/security-6.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at http://tomcat.apache.org/security-7.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.93616
EPSS Score 0.05871
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.