Summary
Apache Tomcat is prone to a remote information-disclosure vulnerability.
Remote attackers can exploit this issue to obtain sensitive information that will aid in further attacks.
The following versions are affected:
Tomcat 5.5.0 through 5.5.33 Tomcat 6.0.0 through 6.0.32 Tomcat 7.0.0 through 7.0.16
Solution
Updates are available. Please see the references for more information.
References
Severity
Classification
-
CVE CVE-2011-2204 -
CVSS Base Score: 1.9
AV:L/AC:M/Au:N/C:P/I:N/A:N
Related Vulnerabilities
- Alpha Networks ADSL2/2+ Wireless Router version ASL-26555 Password Information Disclosure Vulnerability
- Apache Tomcat 'MemoryUserDatabase' Information Disclosure Vulnerability
- phpLDAPadmin 'base' Parameter Cross Site Scripting Vulnerability
- Mantis 'manage_proj_cat_add.php' HTML Injection Vulnerability
- DIRB (NASL wrapper)