Description
The default SSL cipher configuration in Apache Tomcat 4.1.28 through 4.1.31, 5.0.0 through 5.0.30, and 5.5.0 through 5.5.17 uses certain insecure ciphers, including the anonymous cipher, which allows remote attackers to obtain sensitive information or have other, unspecified impacts.
Remediation
References
Related Vulnerabilities
Oracle Application Server CVE-2008-2589 Vulnerability (CVE-2008-2589)
WordPress Plugin Login No Captcha reCAPTCHA Security Bypass (1.6.11)
WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3818)
WordPress Plugin WP HTML Sitemap Cross-Site Request Forgery (1.2)