Vulnerability details: VCID-rd75-u224-aaaj
Vulnerability ID VCID-rd75-u224-aaaj
Aliases CVE-2012-3546
GHSA-jgm2-m5cg-f66g
Summary org/apache/catalina/realm/RealmBase.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.30, when FORM authentication is used, allows remote attackers to bypass security-constraint checks by leveraging a previous setUserPrincipal call and then placing /j_security_check at the end of a URI.
Status Published
Exploitability 0.5
Weighted Severity 8.0
Risk 4.0
Affected and Fixed Packages Package Details
Weaknesses (4)
System Score Found at
generic_textual MODERATE http://lists.opensuse.org/opensuse-updates/2012-12/msg00089.html
generic_textual MODERATE http://lists.opensuse.org/opensuse-updates/2012-12/msg00090.html
generic_textual MODERATE http://lists.opensuse.org/opensuse-updates/2013-01/msg00037.html
generic_textual MODERATE http://marc.info/?l=bugtraq&m=136612293908376&w=2
cvssv3.1 7.5 http://marc.info/?l=bugtraq&m=139344343412337&w=2
generic_textual MODERATE http://marc.info/?l=bugtraq&m=139344343412337&w=2
generic_textual MODERATE http://rhn.redhat.com/errata/RHSA-2013-0004.html
generic_textual MODERATE http://rhn.redhat.com/errata/RHSA-2013-0005.html
generic_textual MODERATE http://rhn.redhat.com/errata/RHSA-2013-0146.html
generic_textual MODERATE http://rhn.redhat.com/errata/RHSA-2013-0147.html
generic_textual MODERATE http://rhn.redhat.com/errata/RHSA-2013-0151.html
generic_textual MODERATE http://rhn.redhat.com/errata/RHSA-2013-0157.html
generic_textual MODERATE http://rhn.redhat.com/errata/RHSA-2013-0158.html
generic_textual MODERATE http://rhn.redhat.com/errata/RHSA-2013-0162.html
generic_textual MODERATE http://rhn.redhat.com/errata/RHSA-2013-0163.html
generic_textual MODERATE http://rhn.redhat.com/errata/RHSA-2013-0164.html
cvssv3.1 5.9 http://rhn.redhat.com/errata/RHSA-2013-0191.html
generic_textual MODERATE http://rhn.redhat.com/errata/RHSA-2013-0191.html
cvssv3.1 5.9 http://rhn.redhat.com/errata/RHSA-2013-0192.html
generic_textual MODERATE http://rhn.redhat.com/errata/RHSA-2013-0192.html
cvssv3.1 5.9 http://rhn.redhat.com/errata/RHSA-2013-0193.html
generic_textual MODERATE http://rhn.redhat.com/errata/RHSA-2013-0193.html
cvssv3.1 5.9 http://rhn.redhat.com/errata/RHSA-2013-0194.html
generic_textual MODERATE http://rhn.redhat.com/errata/RHSA-2013-0194.html
cvssv3.1 5.9 http://rhn.redhat.com/errata/RHSA-2013-0195.html
generic_textual MODERATE http://rhn.redhat.com/errata/RHSA-2013-0195.html
cvssv3.1 5.9 http://rhn.redhat.com/errata/RHSA-2013-0196.html
generic_textual MODERATE http://rhn.redhat.com/errata/RHSA-2013-0196.html
cvssv3.1 5.9 http://rhn.redhat.com/errata/RHSA-2013-0198.html
generic_textual MODERATE http://rhn.redhat.com/errata/RHSA-2013-0198.html
cvssv3.1 5.9 http://rhn.redhat.com/errata/RHSA-2013-0221.html
generic_textual MODERATE http://rhn.redhat.com/errata/RHSA-2013-0221.html
generic_textual MODERATE http://rhn.redhat.com/errata/RHSA-2013-0235.html
generic_textual MODERATE http://rhn.redhat.com/errata/RHSA-2013-0623.html
generic_textual MODERATE http://rhn.redhat.com/errata/RHSA-2013-0640.html
generic_textual MODERATE http://rhn.redhat.com/errata/RHSA-2013-0641.html
generic_textual MODERATE http://rhn.redhat.com/errata/RHSA-2013-0642.html
rhas Important https://access.redhat.com/errata/RHSA-2013:0004
rhas Important https://access.redhat.com/errata/RHSA-2013:0005
rhas Important https://access.redhat.com/errata/RHSA-2013:0146
rhas Important https://access.redhat.com/errata/RHSA-2013:0147
rhas Important https://access.redhat.com/errata/RHSA-2013:0151
rhas Important https://access.redhat.com/errata/RHSA-2013:0157
rhas Important https://access.redhat.com/errata/RHSA-2013:0158
rhas Important https://access.redhat.com/errata/RHSA-2013:0162
rhas Important https://access.redhat.com/errata/RHSA-2013:0163
rhas Important https://access.redhat.com/errata/RHSA-2013:0164
rhas Important https://access.redhat.com/errata/RHSA-2013:0191
rhas Important https://access.redhat.com/errata/RHSA-2013:0192
rhas Important https://access.redhat.com/errata/RHSA-2013:0193
rhas Important https://access.redhat.com/errata/RHSA-2013:0194
rhas Important https://access.redhat.com/errata/RHSA-2013:0195
rhas Important https://access.redhat.com/errata/RHSA-2013:0196
rhas Important https://access.redhat.com/errata/RHSA-2013:0198
rhas Important https://access.redhat.com/errata/RHSA-2013:0221
rhas Important https://access.redhat.com/errata/RHSA-2013:0235
rhas Important https://access.redhat.com/errata/RHSA-2013:0623
rhas Important https://access.redhat.com/errata/RHSA-2013:0640
rhas Important https://access.redhat.com/errata/RHSA-2013:0641
rhas Important https://access.redhat.com/errata/RHSA-2013:0642
epss 0.00290 https://api.first.org/data/v1/epss?cve=CVE-2012-3546
epss 0.00291 https://api.first.org/data/v1/epss?cve=CVE-2012-3546
epss 0.02552 https://api.first.org/data/v1/epss?cve=CVE-2012-3546
epss 0.03043 https://api.first.org/data/v1/epss?cve=CVE-2012-3546
epss 0.03399 https://api.first.org/data/v1/epss?cve=CVE-2012-3546
epss 0.04043 https://api.first.org/data/v1/epss?cve=CVE-2012-3546
epss 0.04366 https://api.first.org/data/v1/epss?cve=CVE-2012-3546
epss 0.06094 https://api.first.org/data/v1/epss?cve=CVE-2012-3546
rhbs high https://bugzilla.redhat.com/show_bug.cgi?id=883634
apache_tomcat Important https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3546
generic_textual MODERATE http://secunia.com/advisories/57126
cvssv3.1_qr MODERATE https://github.com/advisories/GHSA-jgm2-m5cg-f66g
cvssv3.1 7.5 https://github.com/apache/tomcat
generic_textual HIGH https://github.com/apache/tomcat
generic_textual MODERATE https://github.com/apache/tomcat/commit/f78c0cdfc8a3c2efdfe6df6b69e5e3daafa3f588
generic_textual MODERATE https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03748878
cvssv2 4.3 https://nvd.nist.gov/vuln/detail/CVE-2012-3546
generic_textual MODERATE https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19305
generic_textual MODERATE https://svn.apache.org/repos/asf/tomcat/tc7.0.x/trunk@1377892
generic_textual MODERATE http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/catalina/realm/RealmBase.java?r1=1377892&r2=1377891&pathrev=1377892
generic_textual MODERATE http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml?r1=1377892&r2=1377891&pathrev=1377892
generic_textual MODERATE http://svn.apache.org/viewvc?view=revision&revision=1377892
cvssv3.1 9.8 http://tomcat.apache.org/security-6.html
generic_textual CRITICAL http://tomcat.apache.org/security-6.html
cvssv3.1 9.8 http://tomcat.apache.org/security-7.html
generic_textual CRITICAL http://tomcat.apache.org/security-7.html
generic_textual MODERATE http://www.ubuntu.com/usn/USN-1685-1
Reference id Reference type URL
http://archives.neohapsis.com/archives/bugtraq/2012-12/0044.html
http://lists.opensuse.org/opensuse-updates/2012-12/msg00089.html
http://lists.opensuse.org/opensuse-updates/2012-12/msg00090.html
http://lists.opensuse.org/opensuse-updates/2013-01/msg00037.html
http://marc.info/?l=bugtraq&m=136612293908376&w=2
http://marc.info/?l=bugtraq&m=139344343412337&w=2
http://rhn.redhat.com/errata/RHSA-2013-0004.html
http://rhn.redhat.com/errata/RHSA-2013-0005.html
http://rhn.redhat.com/errata/RHSA-2013-0146.html
http://rhn.redhat.com/errata/RHSA-2013-0147.html
http://rhn.redhat.com/errata/RHSA-2013-0151.html
http://rhn.redhat.com/errata/RHSA-2013-0157.html
http://rhn.redhat.com/errata/RHSA-2013-0158.html
http://rhn.redhat.com/errata/RHSA-2013-0162.html
http://rhn.redhat.com/errata/RHSA-2013-0163.html
http://rhn.redhat.com/errata/RHSA-2013-0164.html
http://rhn.redhat.com/errata/RHSA-2013-0191.html
http://rhn.redhat.com/errata/RHSA-2013-0192.html
http://rhn.redhat.com/errata/RHSA-2013-0193.html
http://rhn.redhat.com/errata/RHSA-2013-0194.html
http://rhn.redhat.com/errata/RHSA-2013-0195.html
http://rhn.redhat.com/errata/RHSA-2013-0196.html
http://rhn.redhat.com/errata/RHSA-2013-0197.html
http://rhn.redhat.com/errata/RHSA-2013-0198.html
http://rhn.redhat.com/errata/RHSA-2013-0221.html
http://rhn.redhat.com/errata/RHSA-2013-0235.html
http://rhn.redhat.com/errata/RHSA-2013-0623.html
http://rhn.redhat.com/errata/RHSA-2013-0640.html
http://rhn.redhat.com/errata/RHSA-2013-0641.html
http://rhn.redhat.com/errata/RHSA-2013-0642.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3546.json
https://api.first.org/data/v1/epss?cve=CVE-2012-3546
http://secunia.com/advisories/51984
http://secunia.com/advisories/52054
http://secunia.com/advisories/57126
https://github.com/apache/tomcat
https://github.com/apache/tomcat/commit/f78c0cdfc8a3c2efdfe6df6b69e5e3daafa3f588
https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03748878
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19305
https://svn.apache.org/repos/asf/tomcat/tc7.0.x/trunk@1377892
https://svn.apache.org/viewvc?view=rev&rev=1377892
https://svn.apache.org/viewvc?view=rev&rev=1381035
http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/catalina/realm/RealmBase.java?r1=1377892&r2=1377891&pathrev=1377892
http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml?r1=1377892&r2=1377891&pathrev=1377892
http://svn.apache.org/viewvc?view=revision&revision=1377892
http://tomcat.apache.org/security-6.html
http://tomcat.apache.org/security-7.html
http://www.securityfocus.com/bid/56812
http://www.securitytracker.com/id?1027833
http://www.ubuntu.com/usn/USN-1685-1
695250 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=695250
883634 https://bugzilla.redhat.com/show_bug.cgi?id=883634
cpe:2.3:a:apache:tomcat:6.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:6.0.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:6.0.0:alpha:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.0:alpha:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:6.0.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:6.0.10:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.10:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:6.0.11:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.11:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:6.0.12:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.12:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:6.0.13:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.13:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:6.0.14:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.14:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:6.0.15:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.15:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:6.0.16:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.16:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:6.0.17:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.17:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:6.0.18:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.18:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:6.0.19:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.19:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:6.0.1:alpha:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.1:alpha:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:6.0.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:6.0.20:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.20:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:6.0.24:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.24:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:6.0.26:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.26:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:6.0.27:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.27:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:6.0.28:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.28:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:6.0.29:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.29:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:6.0.2:alpha:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.2:alpha:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:6.0.2:beta:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.2:beta:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:6.0.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.3:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:6.0.30:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.30:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:6.0.31:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.31:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:6.0.32:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.32:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:6.0.33:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.33:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:6.0.35:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.35:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:6.0.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.4:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:6.0.5:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.5:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:6.0.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.6:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:6.0.7:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.7:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:6.0.8:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.8:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:6.0.9:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.9:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:6.0.9:beta:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:6.0.9:beta:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.0:beta:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.0:beta:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.10:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.10:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.11:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.11:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.12:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.12:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.13:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.13:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.14:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.14:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.15:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.15:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.16:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.16:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.17:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.17:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.18:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.18:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.19:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.19:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.20:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.20:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.21:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.21:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.22:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.22:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.23:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.23:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.25:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.25:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.28:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.28:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.2:beta:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.2:beta:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.3:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.4:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.4:beta:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.4:beta:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.5:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.5:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.6:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.7:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.7:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.8:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.8:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.9:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:7.0.9:*:*:*:*:*:*:*
CVE-2012-3546 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3546
CVE-2012-3546 https://nvd.nist.gov/vuln/detail/CVE-2012-3546
GHSA-jgm2-m5cg-f66g https://github.com/advisories/GHSA-jgm2-m5cg-f66g
GLSA-201412-29 https://security.gentoo.org/glsa/201412-29
RHSA-2013:0004 https://access.redhat.com/errata/RHSA-2013:0004
RHSA-2013:0005 https://access.redhat.com/errata/RHSA-2013:0005
RHSA-2013:0146 https://access.redhat.com/errata/RHSA-2013:0146
RHSA-2013:0147 https://access.redhat.com/errata/RHSA-2013:0147
RHSA-2013:0151 https://access.redhat.com/errata/RHSA-2013:0151
RHSA-2013:0157 https://access.redhat.com/errata/RHSA-2013:0157
RHSA-2013:0158 https://access.redhat.com/errata/RHSA-2013:0158
RHSA-2013:0162 https://access.redhat.com/errata/RHSA-2013:0162
RHSA-2013:0163 https://access.redhat.com/errata/RHSA-2013:0163
RHSA-2013:0164 https://access.redhat.com/errata/RHSA-2013:0164
RHSA-2013:0191 https://access.redhat.com/errata/RHSA-2013:0191
RHSA-2013:0192 https://access.redhat.com/errata/RHSA-2013:0192
RHSA-2013:0193 https://access.redhat.com/errata/RHSA-2013:0193
RHSA-2013:0194 https://access.redhat.com/errata/RHSA-2013:0194
RHSA-2013:0195 https://access.redhat.com/errata/RHSA-2013:0195
RHSA-2013:0196 https://access.redhat.com/errata/RHSA-2013:0196
RHSA-2013:0198 https://access.redhat.com/errata/RHSA-2013:0198
RHSA-2013:0221 https://access.redhat.com/errata/RHSA-2013:0221
RHSA-2013:0235 https://access.redhat.com/errata/RHSA-2013:0235
RHSA-2013:0623 https://access.redhat.com/errata/RHSA-2013:0623
RHSA-2013:0640 https://access.redhat.com/errata/RHSA-2013:0640
RHSA-2013:0641 https://access.redhat.com/errata/RHSA-2013:0641
RHSA-2013:0642 https://access.redhat.com/errata/RHSA-2013:0642
USN-1685-1 https://usn.ubuntu.com/1685-1/
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://marc.info/?l=bugtraq&m=139344343412337&w=2
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N Found at http://rhn.redhat.com/errata/RHSA-2013-0191.html
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N Found at http://rhn.redhat.com/errata/RHSA-2013-0192.html
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N Found at http://rhn.redhat.com/errata/RHSA-2013-0193.html
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N Found at http://rhn.redhat.com/errata/RHSA-2013-0194.html
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N Found at http://rhn.redhat.com/errata/RHSA-2013-0195.html
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N Found at http://rhn.redhat.com/errata/RHSA-2013-0196.html
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N Found at http://rhn.redhat.com/errata/RHSA-2013-0198.html
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N Found at http://rhn.redhat.com/errata/RHSA-2013-0221.html
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/apache/tomcat
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2012-3546
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at http://tomcat.apache.org/security-6.html
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at http://tomcat.apache.org/security-7.html
Exploit Prediction Scoring System (EPSS)
Percentile 0.69579
EPSS Score 0.00290
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.