[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

246852

 
 

909

 
 

194149

 
 

282

Paid content will be excluded from the download.


Download | Alert*
OVAL

CVE-2019-17563 -- tomcat7, tomcat9, tomcat8

ID: oval:org.secpod.oval:def:2005278Date: (C)2020-10-22   (M)2024-02-19
Class: VULNERABILITYFamily: unix




When using FORM authentication with Apache Tomcat 9.0.0.M1 to 9.0.29, 8.5.0 to 8.5.49 and 7.0.0 to 7.0.98 there was a narrow window where an attacker could perform a session fixation attack. The window was considered too narrow for an exploit to be practical but, erring on the side of caution, this issue has been treated as a security vulnerability.

Platform:
Debian 10.x
Debian 9.x
Product:
tomcat7
tomcat8
tomcat9
Reference:
CVE-2019-17563
CVE    1
CVE-2019-17563
CPE    7
cpe:/o:debian:debian_linux:10.x
cpe:/o:debian:debian_linux:9.0
cpe:/a:apache:tomcat9
cpe:/o:debian:debian_linux:9.x
...

© SecPod Technologies