Description

This alert was generated using only banner information. It may be a false positive.

Apache Tomcat is prone to an authentication-bypass vulnerability. An attacker can gain unauthorized access to files and directories. Successful exploits may lead to other attacks.

Affected Apache Tomcat version (5.5.0 - 5.5.28).
Affected Apache Tomcat version (6.0.0 - 6.0.20).

Remediation

Upgrade Apache Tomcat to the latest version.

References

Apache Tomcat Directory Host Appbase Authentication Bypass Vulnerability

Related Vulnerabilities

WordPress Plugin The Official Facebook Chat Security Bypass (1.5)

IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-20340)

WordPress Plugin wordpress vertical image slider Multiple Vulnerabilities (1.0)

MySQL CVE-2012-0075 Vulnerability (CVE-2012-0075)

WordPress Plugin WP Insightly for Contact Form 7 and Ninja Forms Cross-Site Scripting (1.0.7)

Severity

Medium

Classification

CVE-2009-2901 CWE-264 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Tags

Missing Update Authentication Bypass