Description

This alert was generated using only banner information. It may be a false positive.

Apache Tomcat is prone to an authentication-bypass vulnerability. An attacker can gain unauthorized access to files and directories. Successful exploits may lead to other attacks.

Affected Apache Tomcat version (5.5.0 - 5.5.28).
Affected Apache Tomcat version (6.0.0 - 6.0.20).

Remediation

Upgrade Apache Tomcat to the latest version.

References

Apache Tomcat Directory Host Appbase Authentication Bypass Vulnerability

Related Vulnerabilities

WordPress Plugin Multi Plugin Installer Arbitrary File Disclosure (1.1.0)

WordPress Plugin MicroCopy SQL Injection (1.1.0)

WordPress Plugin Breezing Forms SQL Injection (1.2.7.30)

WordPress Plugin Formidable Form Builder-Contact Form, Survey & Quiz Forms for WordPress Cross-Site Scripting (5.0.06)

Drupal Core 4.7.x Cross-Site Scripting (4.7.0 - 4.7.7)

Severity

Medium

Classification

CVE-2009-2901 CWE-264 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N

Tags

Missing Update