Apache Tomcat 7.0.12 and 7.0.13 processes the first request to a servlet without following security constraints that have been configured through annotations, which allows remote malicious users to bypass intended access restrictions via HTTP requests. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-1088, CVE-2011-1183, and CVE-2011-1419.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apache tomcat 7.0.12 |
||
apache tomcat 7.0.13 |