exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 6

CVE-2013-2067

около 12 лет назад

java/org/apache/catalina/authenticator/FormAuthenticator.java in the form authentication feature in Apache Tomcat 6.0.21 through 6.0.36 and 7.x before 7.0.33 does not properly handle the relationships between authentication requirements and sessions, which allows remote attackers to inject a request into a session by sending this request during completion of the login form, a variant of a session fixation attack.

CVSS2: 6.8

EPSS: Низкий

CVE-2013-2067

около 12 лет назад

java/org/apache/catalina/authenticator/FormAuthenticator.java in the form authentication feature in Apache Tomcat 6.0.21 through 6.0.36 and 7.x before 7.0.33 does not properly handle the relationships between authentication requirements and sessions, which allows remote attackers to inject a request into a session by sending this request during completion of the login form, a variant of a session fixation attack.

CVSS2: 2.6

EPSS: Низкий

CVE-2013-2067

около 12 лет назад

java/org/apache/catalina/authenticator/FormAuthenticator.java in the form authentication feature in Apache Tomcat 6.0.21 through 6.0.36 and 7.x before 7.0.33 does not properly handle the relationships between authentication requirements and sessions, which allows remote attackers to inject a request into a session by sending this request during completion of the login form, a variant of a session fixation attack.

CVSS2: 6.8

EPSS: Низкий

CVE-2013-2067

около 12 лет назад

java/org/apache/catalina/authenticator/FormAuthenticator.java in the f ...

CVSS2: 6.8

EPSS: Низкий

GHSA-6m48-jxwx-76q7

около 3 лет назад

Improper Authentication in Apache Tomcat

EPSS: Низкий

ELSA-2013-0964

около 12 лет назад

ELSA-2013-0964: tomcat6 security update (MODERATE)

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2013-2067 java/org/apache/catalina/authenticator/FormAuthenticator.java in the form authentication feature in Apache Tomcat 6.0.21 through 6.0.36 and 7.x before 7.0.33 does not properly handle the relationships between authentication requirements and sessions, which allows remote attackers to inject a request into a session by sending this request during completion of the login form, a variant of a session fixation attack.	CVSS2: 6.8	4% Низкий	около 12 лет назад
CVE-2013-2067 java/org/apache/catalina/authenticator/FormAuthenticator.java in the form authentication feature in Apache Tomcat 6.0.21 through 6.0.36 and 7.x before 7.0.33 does not properly handle the relationships between authentication requirements and sessions, which allows remote attackers to inject a request into a session by sending this request during completion of the login form, a variant of a session fixation attack.	CVSS2: 2.6	4% Низкий	около 12 лет назад
CVE-2013-2067 java/org/apache/catalina/authenticator/FormAuthenticator.java in the form authentication feature in Apache Tomcat 6.0.21 through 6.0.36 and 7.x before 7.0.33 does not properly handle the relationships between authentication requirements and sessions, which allows remote attackers to inject a request into a session by sending this request during completion of the login form, a variant of a session fixation attack.	CVSS2: 6.8	4% Низкий	около 12 лет назад
CVE-2013-2067 java/org/apache/catalina/authenticator/FormAuthenticator.java in the f ...	CVSS2: 6.8	4% Низкий	около 12 лет назад
GHSA-6m48-jxwx-76q7 Improper Authentication in Apache Tomcat		4% Низкий	около 3 лет назад
ELSA-2013-0964 ELSA-2013-0964: tomcat6 security update (MODERATE)			около 12 лет назад

Уязвимостей на страницу