Apache Tomcat 'MemoryUserDatabase' Information Disclosure Vulnerability Network Vulnerability

Summary

Apache Tomcat is prone to a remote information-disclosure vulnerability. Remote attackers can exploit this issue to obtain sensitive information that will aid in further attacks. The following versions are affected: Tomcat 5.5.0 through 5.5.33 Tomcat 6.0.0 through 6.0.32 Tomcat 7.0.0 through 7.0.16

Solution

Updates are available. Please see the references for more information.

References

http://support.avaya.com/css/P8/documents/100147910
http://tomcat.apache.org/
http://tomcat.apache.org/security-5.html
http://tomcat.apache.org/security-6.html
http://tomcat.apache.org/security-7.html
http://www.securityfocus.com/bid/48456

Updated on 2015-03-25

Severity

Classification

CVE CVE-2011-2204

CVSS	Base Score: 1.9 AV:L/AC:M/Au:N/C:P/I:N/A:N

Related Vulnerabilities

MantisBT 'adm_config_report.php' Cross-Site Scripting Vulnerability - January15
Nikto (NASL wrapper)
Fingerprint web server with favicon.ico
phpLDAPadmin 'server_id' Parameter Cross Site Scripting Vulnerabilities
ownCloud Multiple Cross Site Scripting Vulnerabilities -01 May14

Take action and discover your vulnerabilities