Description
The Windows installer for Apache Tomcat 6.0.0 through 6.0.20, 5.5.0 through 5.5.28, and possibly earlier versions uses a blank default password for the administrative user, which allows remote attackers to gain privileges.
Remediation
References
Related Vulnerabilities
WordPress Plugin Export Post Info CSV Injection (1.2.0)
Nexus Repository Manager Incorrect Authorization Vulnerability (CVE-2018-16620)
Drupal Improper Input Validation Vulnerability (CVE-2022-25273)
MySQL CVE-2022-21311 Vulnerability (CVE-2022-21311)
Oracle Application Server CVE-2008-0343 Vulnerability (CVE-2008-0343)