Количество 13
Количество 13
CVE-2016-0762
The Realm implementations in Apache Tomcat versions 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 did not process the supplied password if the supplied user name did not exist. This made a timing attack possible to determine valid user names. Note that the default configuration includes the LockOutRealm which makes exploitation of this vulnerability harder.
CVE-2016-0762
The Realm implementations in Apache Tomcat versions 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 did not process the supplied password if the supplied user name did not exist. This made a timing attack possible to determine valid user names. Note that the default configuration includes the LockOutRealm which makes exploitation of this vulnerability harder.
CVE-2016-0762
The Realm implementations in Apache Tomcat versions 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 did not process the supplied password if the supplied user name did not exist. This made a timing attack possible to determine valid user names. Note that the default configuration includes the LockOutRealm which makes exploitation of this vulnerability harder.
CVE-2016-0762
The Realm implementations in Apache Tomcat versions 9.0.0.M1 to 9.0.0. ...
GHSA-wxcp-f2c8-x6xv
Observable Discrepancy in Apache Tomcat
BDU:2022-04494
Уязвимость реализации Realm сервера приложений Apache Tomcat, связанная с раскрытием информации через несоответствие, позволяющая нарушителю определить все существующие имена пользователей
ELSA-2017-2247
ELSA-2017-2247: tomcat security, bug fix, and enhancement update (LOW)
openSUSE-SU-2016:3144-1
Security update for tomcat
openSUSE-SU-2016:3129-1
Security update for tomcat
SUSE-SU-2016:3081-1
Security update for tomcat
SUSE-SU-2016:3079-1
Security update for tomcat
SUSE-SU-2017:1632-1
Security update for tomcat6
SUSE-SU-2017:1660-1
Security update for tomcat
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2016-0762 The Realm implementations in Apache Tomcat versions 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 did not process the supplied password if the supplied user name did not exist. This made a timing attack possible to determine valid user names. Note that the default configuration includes the LockOutRealm which makes exploitation of this vulnerability harder. | CVSS3: 5.9 | 1% Низкий | около 8 лет назад |
 | CVE-2016-0762 The Realm implementations in Apache Tomcat versions 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 did not process the supplied password if the supplied user name did not exist. This made a timing attack possible to determine valid user names. Note that the default configuration includes the LockOutRealm which makes exploitation of this vulnerability harder. | CVSS3: 3.7 | 1% Низкий | около 9 лет назад |
 | CVE-2016-0762 The Realm implementations in Apache Tomcat versions 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 did not process the supplied password if the supplied user name did not exist. This made a timing attack possible to determine valid user names. Note that the default configuration includes the LockOutRealm which makes exploitation of this vulnerability harder. | CVSS3: 5.9 | 1% Низкий | около 8 лет назад |
| CVE-2016-0762 The Realm implementations in Apache Tomcat versions 9.0.0.M1 to 9.0.0. ... | CVSS3: 5.9 | 1% Низкий | около 8 лет назад |
| GHSA-wxcp-f2c8-x6xv Observable Discrepancy in Apache Tomcat | CVSS3: 5.9 | 1% Низкий | больше 3 лет назад |
 | BDU:2022-04494 Уязвимость реализации Realm сервера приложений Apache Tomcat, связанная с раскрытием информации через несоответствие, позволяющая нарушителю определить все существующие имена пользователей | CVSS3: 5.9 | 1% Низкий | почти 10 лет назад |
| ELSA-2017-2247 ELSA-2017-2247: tomcat security, bug fix, and enhancement update (LOW) | больше 8 лет назад | ||
 | openSUSE-SU-2016:3144-1 Security update for tomcat | почти 9 лет назад | ||
| openSUSE-SU-2016:3129-1 Security update for tomcat | почти 9 лет назад | ||
| SUSE-SU-2016:3081-1 Security update for tomcat | почти 9 лет назад | ||
| SUSE-SU-2016:3079-1 Security update for tomcat | почти 9 лет назад | ||
| SUSE-SU-2017:1632-1 Security update for tomcat6 | больше 8 лет назад | ||
| SUSE-SU-2017:1660-1 Security update for tomcat | больше 8 лет назад |
Уязвимостей на страницу