VulnerableCode Vulnerability Details

Search for vulnerabilities

Vulnerability details: VCID-w2az-ahw2-aaah

Essentials
Severities (177)
References (90)
Severity details (106)
Exploits (1)
EPSS
History (0)

Vulnerability ID	VCID-w2az-ahw2-aaah
Aliases	CVE-2008-1232 GHSA-q74x-qqhr-f8rx
Summary	CVE-2008-1232 tomcat: Cross-Site-Scripting enabled by sendError call
Status	Published
Exploitability	2.0
Weighted Severity	8.0
Risk	10.0
Affected and Fixed Packages	Package Details

Weaknesses (3)

CWE-79	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CWE-1035	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-937	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities

System	Score	Found at
generic_textual	MODERATE	http://community.ca.com/blogs/casecurityresponseblog/archive/2009/06/15/ca20090615-02-ca-service-desk-tomcat-cross-site-scripting-vulnerability.aspx
generic_textual	MODERATE	http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html
generic_textual	MODERATE	http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html
cvssv3.1	5.3	http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html
generic_textual	MODERATE	http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html
generic_textual	MODERATE	http://marc.info/?l=bugtraq&m=123376588623823&w=2
cvssv3.1	7.5	http://marc.info/?l=bugtraq&m=139344343412337&w=2
generic_textual	MODERATE	http://marc.info/?l=bugtraq&m=139344343412337&w=2
rhas	Important	https://access.redhat.com/errata/RHSA-2008:0648
rhas	Important	https://access.redhat.com/errata/RHSA-2008:0862
rhas	Important	https://access.redhat.com/errata/RHSA-2008:0864
rhas	Important	https://access.redhat.com/errata/RHSA-2008:0877
rhas	Low	https://access.redhat.com/errata/RHSA-2008:1007
rhas	Moderate	https://access.redhat.com/errata/RHSA-2010:0602
epss	0.02867	https://api.first.org/data/v1/epss?cve=CVE-2008-1232
epss	0.02867	https://api.first.org/data/v1/epss?cve=CVE-2008-1232
epss	0.02867	https://api.first.org/data/v1/epss?cve=CVE-2008-1232
epss	0.02867	https://api.first.org/data/v1/epss?cve=CVE-2008-1232
epss	0.02867	https://api.first.org/data/v1/epss?cve=CVE-2008-1232
epss	0.02867	https://api.first.org/data/v1/epss?cve=CVE-2008-1232
epss	0.02867	https://api.first.org/data/v1/epss?cve=CVE-2008-1232
epss	0.02867	https://api.first.org/data/v1/epss?cve=CVE-2008-1232
epss	0.02867	https://api.first.org/data/v1/epss?cve=CVE-2008-1232
epss	0.02867	https://api.first.org/data/v1/epss?cve=CVE-2008-1232
epss	0.02867	https://api.first.org/data/v1/epss?cve=CVE-2008-1232
epss	0.02867	https://api.first.org/data/v1/epss?cve=CVE-2008-1232
epss	0.30326	https://api.first.org/data/v1/epss?cve=CVE-2008-1232
epss	0.30326	https://api.first.org/data/v1/epss?cve=CVE-2008-1232
epss	0.30326	https://api.first.org/data/v1/epss?cve=CVE-2008-1232
epss	0.30326	https://api.first.org/data/v1/epss?cve=CVE-2008-1232
epss	0.35044	https://api.first.org/data/v1/epss?cve=CVE-2008-1232
epss	0.35044	https://api.first.org/data/v1/epss?cve=CVE-2008-1232
epss	0.35044	https://api.first.org/data/v1/epss?cve=CVE-2008-1232
epss	0.35044	https://api.first.org/data/v1/epss?cve=CVE-2008-1232
epss	0.35044	https://api.first.org/data/v1/epss?cve=CVE-2008-1232
epss	0.35044	https://api.first.org/data/v1/epss?cve=CVE-2008-1232
epss	0.35044	https://api.first.org/data/v1/epss?cve=CVE-2008-1232
epss	0.35044	https://api.first.org/data/v1/epss?cve=CVE-2008-1232
epss	0.35044	https://api.first.org/data/v1/epss?cve=CVE-2008-1232
epss	0.35044	https://api.first.org/data/v1/epss?cve=CVE-2008-1232
epss	0.35044	https://api.first.org/data/v1/epss?cve=CVE-2008-1232
epss	0.35044	https://api.first.org/data/v1/epss?cve=CVE-2008-1232
epss	0.35044	https://api.first.org/data/v1/epss?cve=CVE-2008-1232
epss	0.35044	https://api.first.org/data/v1/epss?cve=CVE-2008-1232
epss	0.35044	https://api.first.org/data/v1/epss?cve=CVE-2008-1232
epss	0.35044	https://api.first.org/data/v1/epss?cve=CVE-2008-1232
epss	0.35044	https://api.first.org/data/v1/epss?cve=CVE-2008-1232
epss	0.38225	https://api.first.org/data/v1/epss?cve=CVE-2008-1232
epss	0.38225	https://api.first.org/data/v1/epss?cve=CVE-2008-1232
epss	0.38225	https://api.first.org/data/v1/epss?cve=CVE-2008-1232
epss	0.38225	https://api.first.org/data/v1/epss?cve=CVE-2008-1232
epss	0.38225	https://api.first.org/data/v1/epss?cve=CVE-2008-1232
epss	0.38225	https://api.first.org/data/v1/epss?cve=CVE-2008-1232
epss	0.38225	https://api.first.org/data/v1/epss?cve=CVE-2008-1232
epss	0.38225	https://api.first.org/data/v1/epss?cve=CVE-2008-1232
epss	0.38225	https://api.first.org/data/v1/epss?cve=CVE-2008-1232
epss	0.38225	https://api.first.org/data/v1/epss?cve=CVE-2008-1232
epss	0.38225	https://api.first.org/data/v1/epss?cve=CVE-2008-1232
epss	0.38225	https://api.first.org/data/v1/epss?cve=CVE-2008-1232
epss	0.38225	https://api.first.org/data/v1/epss?cve=CVE-2008-1232
epss	0.38225	https://api.first.org/data/v1/epss?cve=CVE-2008-1232
epss	0.38225	https://api.first.org/data/v1/epss?cve=CVE-2008-1232
epss	0.38225	https://api.first.org/data/v1/epss?cve=CVE-2008-1232
epss	0.38225	https://api.first.org/data/v1/epss?cve=CVE-2008-1232
epss	0.38225	https://api.first.org/data/v1/epss?cve=CVE-2008-1232
epss	0.38225	https://api.first.org/data/v1/epss?cve=CVE-2008-1232
epss	0.38225	https://api.first.org/data/v1/epss?cve=CVE-2008-1232
epss	0.38225	https://api.first.org/data/v1/epss?cve=CVE-2008-1232
epss	0.38225	https://api.first.org/data/v1/epss?cve=CVE-2008-1232
epss	0.38225	https://api.first.org/data/v1/epss?cve=CVE-2008-1232
epss	0.38225	https://api.first.org/data/v1/epss?cve=CVE-2008-1232
epss	0.38225	https://api.first.org/data/v1/epss?cve=CVE-2008-1232
epss	0.38225	https://api.first.org/data/v1/epss?cve=CVE-2008-1232
epss	0.38225	https://api.first.org/data/v1/epss?cve=CVE-2008-1232
epss	0.38225	https://api.first.org/data/v1/epss?cve=CVE-2008-1232
epss	0.38225	https://api.first.org/data/v1/epss?cve=CVE-2008-1232
epss	0.38225	https://api.first.org/data/v1/epss?cve=CVE-2008-1232
epss	0.38225	https://api.first.org/data/v1/epss?cve=CVE-2008-1232
epss	0.38225	https://api.first.org/data/v1/epss?cve=CVE-2008-1232
epss	0.38225	https://api.first.org/data/v1/epss?cve=CVE-2008-1232
epss	0.38225	https://api.first.org/data/v1/epss?cve=CVE-2008-1232
epss	0.38225	https://api.first.org/data/v1/epss?cve=CVE-2008-1232
epss	0.38225	https://api.first.org/data/v1/epss?cve=CVE-2008-1232
epss	0.38225	https://api.first.org/data/v1/epss?cve=CVE-2008-1232
epss	0.42198	https://api.first.org/data/v1/epss?cve=CVE-2008-1232
rhbs	low	https://bugzilla.redhat.com/show_bug.cgi?id=457597
apache_tomcat	Low	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1232
generic_textual	MODERATE	http://secunia.com/advisories/31379
generic_textual	MODERATE	http://secunia.com/advisories/31381
generic_textual	MODERATE	http://secunia.com/advisories/31639
generic_textual	MODERATE	http://secunia.com/advisories/31865
generic_textual	MODERATE	http://secunia.com/advisories/31891
generic_textual	MODERATE	http://secunia.com/advisories/31982
generic_textual	MODERATE	http://secunia.com/advisories/32120
generic_textual	MODERATE	http://secunia.com/advisories/32222
generic_textual	MODERATE	http://secunia.com/advisories/32266
generic_textual	MODERATE	http://secunia.com/advisories/33797
generic_textual	MODERATE	http://secunia.com/advisories/33999
generic_textual	MODERATE	http://secunia.com/advisories/34013
generic_textual	MODERATE	http://secunia.com/advisories/35474
generic_textual	MODERATE	http://secunia.com/advisories/36108
cvssv3.1	4.2	http://secunia.com/advisories/37460
generic_textual	MODERATE	http://secunia.com/advisories/37460
generic_textual	MODERATE	http://secunia.com/advisories/57126
generic_textual	MODERATE	http://securityreason.com/securityalert/4098
generic_textual	MODERATE	https://exchange.xforce.ibmcloud.com/vulnerabilities/44155
cvssv3.1_qr	MODERATE	https://github.com/advisories/GHSA-q74x-qqhr-f8rx
cvssv3.1	7.5	https://github.com/apache/tomcat
generic_textual	HIGH	https://github.com/apache/tomcat
cvssv3.1	4.2	https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E
generic_textual	MODERATE	https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E
cvssv3.1	4.2	https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E
generic_textual	LOW	https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E
cvssv3.1	4.2	https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
generic_textual	MODERATE	https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
cvssv3.1	4.2	https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E
generic_textual	MODERATE	https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E
cvssv3.1	4.2	https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E
generic_textual	MODERATE	https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E
cvssv3.1	4.2	https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E
generic_textual	LOW	https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E
cvssv3.1	4.2	https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
generic_textual	MODERATE	https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
cvssv3.1	4.2	https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E
generic_textual	MODERATE	https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E
cvssv3.1	4.2	https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E
generic_textual	MODERATE	https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E
cvssv3.1	4.2	https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E
generic_textual	LOW	https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E
cvssv3.1	4.2	https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E
generic_textual	MODERATE	https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E
cvssv3.1	4.2	https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E
generic_textual	LOW	https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E
cvssv3.1	4.2	https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
generic_textual	MODERATE	https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
cvssv3.1	4.2	https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E
generic_textual	MODERATE	https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E
cvssv2	4.3	https://nvd.nist.gov/vuln/detail/CVE-2008-1232
generic_textual	MODERATE	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11181
generic_textual	MODERATE	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5985
generic_textual	MODERATE	https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=209500
generic_textual	MODERATE	https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=214095
generic_textual	MODERATE	http://support.apple.com/kb/HT3216
generic_textual	MODERATE	http://support.avaya.com/elmodocs2/security/ASA-2008-401.htm
generic_textual	MODERATE	https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00712.html
generic_textual	MODERATE	https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00859.html
generic_textual	MODERATE	https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00889.html
cvssv3.1	4.2	http://tomcat.apache.org/security-4.html
generic_textual	MODERATE	http://tomcat.apache.org/security-4.html
cvssv3.1	4.2	http://tomcat.apache.org/security-5.html
generic_textual	MODERATE	http://tomcat.apache.org/security-5.html
cvssv3.1	9.8	http://tomcat.apache.org/security-6.html
generic_textual	CRITICAL	http://tomcat.apache.org/security-6.html
generic_textual	MODERATE	http://www.mandriva.com/security/advisories?name=MDVSA-2008:188
generic_textual	MODERATE	http://www.redhat.com/support/errata/RHSA-2008-0648.html
generic_textual	MODERATE	http://www.redhat.com/support/errata/RHSA-2008-0862.html
generic_textual	MODERATE	http://www.redhat.com/support/errata/RHSA-2008-0864.html
generic_textual	MODERATE	http://www.securityfocus.com/archive/1/495021/100/0/threaded
generic_textual	MODERATE	http://www.securityfocus.com/archive/1/504351/100/0/threaded
generic_textual	MODERATE	http://www.securityfocus.com/archive/1/505556/100/0/threaded
cvssv3.1	4.2	http://www.securityfocus.com/archive/1/507985/100/0/threaded
generic_textual	MODERATE	http://www.securityfocus.com/archive/1/507985/100/0/threaded
generic_textual	MODERATE	http://www.securityfocus.com/bid/30496
generic_textual	MODERATE	http://www.securityfocus.com/bid/31681
generic_textual	MODERATE	http://www.securitytracker.com/id?1020622
generic_textual	MODERATE	http://www.vmware.com/security/advisories/VMSA-2009-0002.html
cvssv3.1	4.2	http://www.vmware.com/security/advisories/VMSA-2009-0016.html
generic_textual	MODERATE	http://www.vmware.com/security/advisories/VMSA-2009-0016.html
generic_textual	MODERATE	http://www.vupen.com/english/advisories/2008/2305
generic_textual	MODERATE	http://www.vupen.com/english/advisories/2008/2780
generic_textual	MODERATE	http://www.vupen.com/english/advisories/2008/2823
generic_textual	MODERATE	http://www.vupen.com/english/advisories/2009/0320
generic_textual	MODERATE	http://www.vupen.com/english/advisories/2009/0503
generic_textual	MODERATE	http://www.vupen.com/english/advisories/2009/1609
generic_textual	MODERATE	http://www.vupen.com/english/advisories/2009/2194
cvssv3.1	4.2	http://www.vupen.com/english/advisories/2009/3316
generic_textual	MODERATE	http://www.vupen.com/english/advisories/2009/3316

Reference id	Reference type	URL
		http://community.ca.com/blogs/casecurityresponseblog/archive/2009/06/15/ca20090615-02-ca-service-desk-tomcat-cross-site-scripting-vulnerability.aspx
		http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html
		http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html
		http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html
		http://marc.info/?l=bugtraq&m=123376588623823&w=2
		http://marc.info/?l=bugtraq&m=139344343412337&w=2
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1232.json
		https://api.first.org/data/v1/epss?cve=CVE-2008-1232
		http://secunia.com/advisories/31379
		http://secunia.com/advisories/31381
		http://secunia.com/advisories/31639
		http://secunia.com/advisories/31865
		http://secunia.com/advisories/31891
		http://secunia.com/advisories/31982
		http://secunia.com/advisories/32120
		http://secunia.com/advisories/32222
		http://secunia.com/advisories/32266
		http://secunia.com/advisories/33797
		http://secunia.com/advisories/33999
		http://secunia.com/advisories/34013
		http://secunia.com/advisories/35474
		http://secunia.com/advisories/36108
		http://secunia.com/advisories/37460
		http://secunia.com/advisories/57126
		http://securityreason.com/securityalert/4098
		https://exchange.xforce.ibmcloud.com/vulnerabilities/44155
		https://github.com/apache/tomcat
		https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E
		https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E
		https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E
		https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E
		https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E
		https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E
		https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E
		https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E
		https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E
		https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E
		https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E
		https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E
		https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E
		https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E
		https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11181
		https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5985
		https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=209500
		https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=214095
		https://svn.apache.org/viewvc?view=rev&rev=673834
		https://svn.apache.org/viewvc?view=rev&rev=680947
		http://support.apple.com/kb/HT3216
		http://support.avaya.com/elmodocs2/security/ASA-2008-401.htm
		https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00712.html
		https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00859.html
		https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00889.html
		http://tomcat.apache.org/security-4.html
		http://tomcat.apache.org/security-5.html
		http://tomcat.apache.org/security-6.html
		http://www.mandriva.com/security/advisories?name=MDVSA-2008:188
		http://www.redhat.com/support/errata/RHSA-2008-0648.html
		http://www.redhat.com/support/errata/RHSA-2008-0862.html
		http://www.redhat.com/support/errata/RHSA-2008-0864.html
		http://www.securityfocus.com/archive/1/495021/100/0/threaded
		http://www.securityfocus.com/archive/1/504351/100/0/threaded
		http://www.securityfocus.com/archive/1/505556/100/0/threaded
		http://www.securityfocus.com/archive/1/507985/100/0/threaded
		http://www.securityfocus.com/bid/30496
		http://www.securityfocus.com/bid/31681
		http://www.securitytracker.com/id?1020622
		http://www.vmware.com/security/advisories/VMSA-2009-0002.html
		http://www.vmware.com/security/advisories/VMSA-2009-0016.html
		http://www.vupen.com/english/advisories/2008/2305
		http://www.vupen.com/english/advisories/2008/2780
		http://www.vupen.com/english/advisories/2008/2823
		http://www.vupen.com/english/advisories/2009/0320
		http://www.vupen.com/english/advisories/2009/0503
		http://www.vupen.com/english/advisories/2009/1609
		http://www.vupen.com/english/advisories/2009/2194
		http://www.vupen.com/english/advisories/2009/3316
457597		https://bugzilla.redhat.com/show_bug.cgi?id=457597
cpe:2.3:a:apache:tomcat::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat::::::::
CVE-2008-1232		https://access.redhat.com/security/cve/CVE-2008-1232
CVE-2008-1232		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1232
CVE-2008-1232		https://nvd.nist.gov/vuln/detail/CVE-2008-1232
CVE-2008-1232;OSVDB-47462	Exploit	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/32138.txt
CVE-2008-1232;OSVDB-47462	Exploit	https://www.securityfocus.com/bid/30496/info
GHSA-q74x-qqhr-f8rx		https://github.com/advisories/GHSA-q74x-qqhr-f8rx
RHSA-2008:0648		https://access.redhat.com/errata/RHSA-2008:0648
RHSA-2008:0862		https://access.redhat.com/errata/RHSA-2008:0862
RHSA-2008:0864		https://access.redhat.com/errata/RHSA-2008:0864
RHSA-2008:0877		https://access.redhat.com/errata/RHSA-2008:0877
RHSA-2008:1007		https://access.redhat.com/errata/RHSA-2008:1007
RHSA-2010:0602		https://access.redhat.com/errata/RHSA-2010:0602

Data source	Exploit-DB
Date added	Aug. 1, 2008
Description	Apache Tomcat 6.0.16 - 'HttpServletResponse.sendError()' Cross-Site Scripting
Ransomware campaign use	Known
Source publication date	Aug. 1, 2008
Exploit type	remote
Platform	multiple
Source update date	March 10, 2014
Source URL	https://www.securityfocus.com/bid/30496/info

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N Found at http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://marc.info/?l=bugtraq&m=139344343412337&w=2

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L Found at http://secunia.com/advisories/37460

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/apache/tomcat

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L Found at https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L Found at https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L Found at https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5@%3Cdev.tomcat.apache.org%3E

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L Found at https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L Found at https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L Found at https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L Found at https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74@%3Cdev.tomcat.apache.org%3E

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L Found at https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L Found at https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L Found at https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L Found at https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L Found at https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L Found at https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3@%3Cdev.tomcat.apache.org%3E

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L Found at https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2008-1232

Exploitability (E)	Access Vector (AV)	Access Complexity (AC)	Authentication (Au)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
high functional unproven proof_of_concept not_defined	local adjacent_network network	high medium low	multiple single none	none partial complete	none partial complete	none partial complete

Exploitability (E)

Access Vector (AV)

Access Complexity (AC)

Authentication (Au)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

partial

complete

none

partial

complete

none

partial

complete

Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L Found at http://tomcat.apache.org/security-4.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L Found at http://tomcat.apache.org/security-5.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at http://tomcat.apache.org/security-6.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L Found at http://www.securityfocus.com/archive/1/507985/100/0/threaded

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L Found at http://www.vmware.com/security/advisories/VMSA-2009-0016.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L Found at http://www.vupen.com/english/advisories/2009/3316

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Exploit Prediction Scoring System (EPSS)

Percentile	0.91008
EPSS Score	0.02867
Published At	Nov. 1, 2024, midnight

Date	Actor	Action	Source	VulnerableCode Version
There are no relevant records.