Количество 7
Количество 7
GHSA-q9xf-jwr4-v445
Authentication Bypass in Apache Tomcat
CVE-2011-1184
The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 does not have the expected countermeasures against replay attacks, which makes it easier for remote attackers to bypass intended access restrictions by sniffing the network for valid requests, related to lack of checking of nonce (aka server nonce) and nc (aka nonce-count or client nonce count) values.
CVE-2011-1184
The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 does not have the expected countermeasures against replay attacks, which makes it easier for remote attackers to bypass intended access restrictions by sniffing the network for valid requests, related to lack of checking of nonce (aka server nonce) and nc (aka nonce-count or client nonce count) values.
CVE-2011-1184
The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 does not have the expected countermeasures against replay attacks, which makes it easier for remote attackers to bypass intended access restrictions by sniffing the network for valid requests, related to lack of checking of nonce (aka server nonce) and nc (aka nonce-count or client nonce count) values.
CVE-2011-1184
The HTTP Digest Access Authentication implementation in Apache Tomcat ...
ELSA-2011-1845
ELSA-2011-1845: tomcat5 security update (MODERATE)
ELSA-2011-1780
ELSA-2011-1780: tomcat6 security and bug fix update (MODERATE)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| GHSA-q9xf-jwr4-v445 Authentication Bypass in Apache Tomcat | 5% Низкий | около 3 лет назад | |
 | CVE-2011-1184 The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 does not have the expected countermeasures against replay attacks, which makes it easier for remote attackers to bypass intended access restrictions by sniffing the network for valid requests, related to lack of checking of nonce (aka server nonce) and nc (aka nonce-count or client nonce count) values. | CVSS2: 5 | 5% Низкий | больше 13 лет назад |
 | CVE-2011-1184 The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 does not have the expected countermeasures against replay attacks, which makes it easier for remote attackers to bypass intended access restrictions by sniffing the network for valid requests, related to lack of checking of nonce (aka server nonce) and nc (aka nonce-count or client nonce count) values. | CVSS2: 4.3 | 5% Низкий | больше 13 лет назад |
 | CVE-2011-1184 The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 does not have the expected countermeasures against replay attacks, which makes it easier for remote attackers to bypass intended access restrictions by sniffing the network for valid requests, related to lack of checking of nonce (aka server nonce) and nc (aka nonce-count or client nonce count) values. | CVSS2: 5 | 5% Низкий | больше 13 лет назад |
| CVE-2011-1184 The HTTP Digest Access Authentication implementation in Apache Tomcat ... | CVSS2: 5 | 5% Низкий | больше 13 лет назад |
| ELSA-2011-1845 ELSA-2011-1845: tomcat5 security update (MODERATE) | больше 13 лет назад | ||
| ELSA-2011-1780 ELSA-2011-1780: tomcat6 security and bug fix update (MODERATE) | больше 13 лет назад |
Уязвимостей на страницу