Search for vulnerabilities
Vulnerability details: VCID-mtv2-58p5-aaag
Vulnerability ID VCID-mtv2-58p5-aaag
Aliases CVE-2008-3271
Summary CVE-2008-3271 tomcat RemoteFilterValve Information disclosure
Status Published
Exploitability 0.5
Weighted Severity 6.2
Risk 3.1
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-264 Permissions, Privileges, and Access Controls
System Score Found at
rhas Low https://access.redhat.com/errata/RHSA-2008:1007
epss 0.00336 https://api.first.org/data/v1/epss?cve=CVE-2008-3271
epss 0.00336 https://api.first.org/data/v1/epss?cve=CVE-2008-3271
epss 0.00336 https://api.first.org/data/v1/epss?cve=CVE-2008-3271
epss 0.00336 https://api.first.org/data/v1/epss?cve=CVE-2008-3271
epss 0.00336 https://api.first.org/data/v1/epss?cve=CVE-2008-3271
epss 0.00336 https://api.first.org/data/v1/epss?cve=CVE-2008-3271
epss 0.00336 https://api.first.org/data/v1/epss?cve=CVE-2008-3271
epss 0.00336 https://api.first.org/data/v1/epss?cve=CVE-2008-3271
epss 0.00336 https://api.first.org/data/v1/epss?cve=CVE-2008-3271
epss 0.00336 https://api.first.org/data/v1/epss?cve=CVE-2008-3271
epss 0.00336 https://api.first.org/data/v1/epss?cve=CVE-2008-3271
epss 0.00336 https://api.first.org/data/v1/epss?cve=CVE-2008-3271
epss 0.00682 https://api.first.org/data/v1/epss?cve=CVE-2008-3271
epss 0.00682 https://api.first.org/data/v1/epss?cve=CVE-2008-3271
epss 0.00682 https://api.first.org/data/v1/epss?cve=CVE-2008-3271
epss 0.00695 https://api.first.org/data/v1/epss?cve=CVE-2008-3271
epss 0.0429 https://api.first.org/data/v1/epss?cve=CVE-2008-3271
epss 0.0429 https://api.first.org/data/v1/epss?cve=CVE-2008-3271
epss 0.0429 https://api.first.org/data/v1/epss?cve=CVE-2008-3271
epss 0.0429 https://api.first.org/data/v1/epss?cve=CVE-2008-3271
epss 0.0429 https://api.first.org/data/v1/epss?cve=CVE-2008-3271
epss 0.0429 https://api.first.org/data/v1/epss?cve=CVE-2008-3271
epss 0.0429 https://api.first.org/data/v1/epss?cve=CVE-2008-3271
epss 0.0429 https://api.first.org/data/v1/epss?cve=CVE-2008-3271
epss 0.0429 https://api.first.org/data/v1/epss?cve=CVE-2008-3271
epss 0.0429 https://api.first.org/data/v1/epss?cve=CVE-2008-3271
epss 0.0429 https://api.first.org/data/v1/epss?cve=CVE-2008-3271
epss 0.0429 https://api.first.org/data/v1/epss?cve=CVE-2008-3271
epss 0.0429 https://api.first.org/data/v1/epss?cve=CVE-2008-3271
epss 0.0429 https://api.first.org/data/v1/epss?cve=CVE-2008-3271
epss 0.0429 https://api.first.org/data/v1/epss?cve=CVE-2008-3271
epss 0.0429 https://api.first.org/data/v1/epss?cve=CVE-2008-3271
epss 0.0429 https://api.first.org/data/v1/epss?cve=CVE-2008-3271
epss 0.0429 https://api.first.org/data/v1/epss?cve=CVE-2008-3271
epss 0.0429 https://api.first.org/data/v1/epss?cve=CVE-2008-3271
epss 0.0429 https://api.first.org/data/v1/epss?cve=CVE-2008-3271
epss 0.0429 https://api.first.org/data/v1/epss?cve=CVE-2008-3271
epss 0.0429 https://api.first.org/data/v1/epss?cve=CVE-2008-3271
epss 0.0429 https://api.first.org/data/v1/epss?cve=CVE-2008-3271
epss 0.0429 https://api.first.org/data/v1/epss?cve=CVE-2008-3271
epss 0.0429 https://api.first.org/data/v1/epss?cve=CVE-2008-3271
epss 0.0429 https://api.first.org/data/v1/epss?cve=CVE-2008-3271
epss 0.0429 https://api.first.org/data/v1/epss?cve=CVE-2008-3271
epss 0.0429 https://api.first.org/data/v1/epss?cve=CVE-2008-3271
epss 0.0429 https://api.first.org/data/v1/epss?cve=CVE-2008-3271
epss 0.043 https://api.first.org/data/v1/epss?cve=CVE-2008-3271
epss 0.043 https://api.first.org/data/v1/epss?cve=CVE-2008-3271
epss 0.043 https://api.first.org/data/v1/epss?cve=CVE-2008-3271
epss 0.043 https://api.first.org/data/v1/epss?cve=CVE-2008-3271
epss 0.043 https://api.first.org/data/v1/epss?cve=CVE-2008-3271
epss 0.043 https://api.first.org/data/v1/epss?cve=CVE-2008-3271
epss 0.043 https://api.first.org/data/v1/epss?cve=CVE-2008-3271
epss 0.043 https://api.first.org/data/v1/epss?cve=CVE-2008-3271
epss 0.043 https://api.first.org/data/v1/epss?cve=CVE-2008-3271
epss 0.043 https://api.first.org/data/v1/epss?cve=CVE-2008-3271
epss 0.043 https://api.first.org/data/v1/epss?cve=CVE-2008-3271
epss 0.043 https://api.first.org/data/v1/epss?cve=CVE-2008-3271
epss 0.043 https://api.first.org/data/v1/epss?cve=CVE-2008-3271
epss 0.043 https://api.first.org/data/v1/epss?cve=CVE-2008-3271
epss 0.043 https://api.first.org/data/v1/epss?cve=CVE-2008-3271
epss 0.043 https://api.first.org/data/v1/epss?cve=CVE-2008-3271
epss 0.043 https://api.first.org/data/v1/epss?cve=CVE-2008-3271
epss 0.043 https://api.first.org/data/v1/epss?cve=CVE-2008-3271
epss 0.043 https://api.first.org/data/v1/epss?cve=CVE-2008-3271
epss 0.043 https://api.first.org/data/v1/epss?cve=CVE-2008-3271
epss 0.043 https://api.first.org/data/v1/epss?cve=CVE-2008-3271
epss 0.043 https://api.first.org/data/v1/epss?cve=CVE-2008-3271
epss 0.043 https://api.first.org/data/v1/epss?cve=CVE-2008-3271
epss 0.043 https://api.first.org/data/v1/epss?cve=CVE-2008-3271
epss 0.043 https://api.first.org/data/v1/epss?cve=CVE-2008-3271
epss 0.043 https://api.first.org/data/v1/epss?cve=CVE-2008-3271
epss 0.043 https://api.first.org/data/v1/epss?cve=CVE-2008-3271
epss 0.043 https://api.first.org/data/v1/epss?cve=CVE-2008-3271
epss 0.043 https://api.first.org/data/v1/epss?cve=CVE-2008-3271
epss 0.043 https://api.first.org/data/v1/epss?cve=CVE-2008-3271
epss 0.043 https://api.first.org/data/v1/epss?cve=CVE-2008-3271
epss 0.043 https://api.first.org/data/v1/epss?cve=CVE-2008-3271
epss 0.043 https://api.first.org/data/v1/epss?cve=CVE-2008-3271
epss 0.043 https://api.first.org/data/v1/epss?cve=CVE-2008-3271
epss 0.043 https://api.first.org/data/v1/epss?cve=CVE-2008-3271
epss 0.043 https://api.first.org/data/v1/epss?cve=CVE-2008-3271
epss 0.06979 https://api.first.org/data/v1/epss?cve=CVE-2008-3271
rhbs low https://bugzilla.redhat.com/show_bug.cgi?id=466875
apache_tomcat Low https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3271
cvssv3.1 4.2 https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
generic_textual MODERATE https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
cvssv3.1 4.2 https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E
generic_textual MODERATE https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E
cvssv3.1 4.2 https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
generic_textual MODERATE https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
cvssv3.1 4.2 https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E
generic_textual MODERATE https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E
cvssv3.1 4.2 https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
generic_textual MODERATE https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
cvssv3.1 4.2 https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E
generic_textual MODERATE https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E
cvssv2 4.3 https://nvd.nist.gov/vuln/detail/CVE-2008-3271
cvssv3.1 4.2 http://tomcat.apache.org/security-4.html
generic_textual MODERATE http://tomcat.apache.org/security-4.html
cvssv3.1 4.2 http://tomcat.apache.org/security-5.html
generic_textual MODERATE http://tomcat.apache.org/security-5.html
Reference id Reference type URL
http://jvndb.jvn.jp/en/contents/2008/JVNDB-2008-000069.html
http://jvn.jp/en/jp/JVN30732239/index.html
http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00012.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3271.json
https://api.first.org/data/v1/epss?cve=CVE-2008-3271
http://secunia.com/advisories/32213
http://secunia.com/advisories/32234
http://secunia.com/advisories/32398
http://secunia.com/advisories/35684
http://securityreason.com/securityalert/4396
https://exchange.xforce.ibmcloud.com/vulnerabilities/45791
https://issues.apache.org/bugzilla/show_bug.cgi?id=25835
https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E
http://tomcat.apache.org/security-4.html
http://tomcat.apache.org/security-5.html
http://www.fujitsu.com/global/support/software/security/products-f/interstage-200806e.html
http://www.nec.co.jp/security-info/secinfo/nv09-006.html
http://www.securityfocus.com/archive/1/497220/100/0/threaded
http://www.securityfocus.com/bid/31698
http://www.securitytracker.com/id?1021039
http://www.vupen.com/english/advisories/2008/2793
http://www.vupen.com/english/advisories/2008/2800
http://www.vupen.com/english/advisories/2009/1818
466875 https://bugzilla.redhat.com/show_bug.cgi?id=466875
cpe:2.3:a:apache:tomcat:4.1.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:4.1.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:4.1.10:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.10:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:4.1.11:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.11:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:4.1.12:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.12:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:4.1.13:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.13:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:4.1.14:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.14:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:4.1.15:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.15:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:4.1.16:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.16:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:4.1.17:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.17:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:4.1.18:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.18:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:4.1.19:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.19:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:4.1.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:4.1.20:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.20:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:4.1.21:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.21:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:4.1.22:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.22:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:4.1.23:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.23:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:4.1.24:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.24:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:4.1.25:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.25:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:4.1.26:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.26:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:4.1.27:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.27:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:4.1.28:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.28:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:4.1.29:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.29:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:4.1.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.3:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:4.1.30:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.30:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:4.1.31:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.31:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:4.1.3:beta:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.3:beta:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:4.1.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.4:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:4.1.5:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.5:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:4.1.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.6:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:4.1.7:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.7:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:4.1.8:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.8:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:4.1.9:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:4.1.9:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:5.5.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:5.5.0:*:*:*:*:*:*:*
CVE-2008-3271 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3271
CVE-2008-3271 https://nvd.nist.gov/vuln/detail/CVE-2008-3271
RHSA-2008:1007 https://access.redhat.com/errata/RHSA-2008:1007
No exploits are available.
Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L Found at https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L Found at https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L Found at https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L Found at https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L Found at https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L Found at https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2008-3271
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L Found at http://tomcat.apache.org/security-4.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L Found at http://tomcat.apache.org/security-5.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.71797
EPSS Score 0.00336
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.