ghsa-cw29-r48c-h5f9
Vulnerability from github
Published
2022-05-17 02:44
Modified
2022-05-17 02:44
Details

org/apache/catalina/core/DefaultInstanceManager.java in Apache Tomcat 7.x before 7.0.22 does not properly restrict ContainerServlets in the Manager application, which allows local users to gain privileges by using an untrusted web application to access the Manager application's functionality.

Show details on source website

To clipboard 

{
  "affected": [],
  "aliases": [
    "CVE-2011-3376"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2011-11-11T21:55:00Z",
    "severity": "MODERATE"
  },
  "details": "org/apache/catalina/core/DefaultInstanceManager.java in Apache Tomcat 7.x before 7.0.22 does not properly restrict ContainerServlets in the Manager application, which allows local users to gain privileges by using an untrusted web application to access the Manager application\u0027s functionality.",
  "id": "GHSA-cw29-r48c-h5f9",
  "modified": "2022-05-17T02:44:29Z",
  "published": "2022-05-17T02:44:29Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-3376"
    },
    {
      "type": "WEB",
      "url": "http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/catalina/core/DefaultInstanceManager.java?r1=1176588\u0026r2=1176587\u0026pathrev=1176588"
    },
    {
      "type": "WEB",
      "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1176588"
    },
    {
      "type": "WEB",
      "url": "http://tomcat.apache.org/security-7.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/50603"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.