Published: 14/03/2011 Updated: 13/02/2023

CVSS v2 Base Score: 5.8 | Impact Score: 4.9 | Exploitability Score: 8.6

VMScore: 516

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N

Apache Tomcat 7.x prior to 7.0.10 does not follow ServletSecurity annotations, which allows remote malicious users to bypass intended access restrictions via HTTP requests to a web application.

Vulnerable Product	Search on Vulmon	Subscribe to Product
apache tomcat 7.0.8
apache tomcat 7.0.1
apache tomcat 7.0.2
apache tomcat 7.0.5
apache tomcat 7.0.0
apache tomcat 7.0.6
apache tomcat 7.0.7
apache tomcat 7.0.9
apache tomcat 7.0.4
apache tomcat 7.0.3

NVD-CWE-Other http://www.vupen.com/english/advisories/2011/0563 http://tomcat.apache.org/security-7.html http://svn.apache.org/viewvc?view=revision&revision=1077995 http://markmail.org/message/lzx5273wsgl5pob6 http://svn.apache.org/viewvc?view=revision&revision=1076587 http://secunia.com/advisories/43684 http://markmail.org/message/yzmyn44f5aetmm2r http://svn.apache.org/viewvc?view=revision&revision=1076586 http://www.osvdb.org/71027 http://www.securityfocus.com/bid/46685 http://www.securitytracker.com/id?1025215 https://exchange.xforce.ibmcloud.com/vulnerabilities/65971 http://www.securityfocus.com/archive/1/517013/100/0/threaded http://mail-archives.apache.org/mod_mbox/www-announce/201103.mbox/%3C4D6E74FF.7050106%40apache.org%3E https://nvd.nist.gov http://tools.cisco.com/security/center/viewAlert.x?alertId=22888

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2011-1088

Vulnerability Summary

Most Upvoted Vulmon Research Post

References

Vulmon Search

About

Products

Connect