ghsa-cw29-r48c-h5f9
Vulnerability from github
Published
2022-05-17 02:44
Modified
2022-05-17 02:44
Details
org/apache/catalina/core/DefaultInstanceManager.java in Apache Tomcat 7.x before 7.0.22 does not properly restrict ContainerServlets in the Manager application, which allows local users to gain privileges by using an untrusted web application to access the Manager application's functionality.
{ "affected": [], "aliases": [ "CVE-2011-3376" ], "database_specific": { "cwe_ids": [], "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2011-11-11T21:55:00Z", "severity": "MODERATE" }, "details": "org/apache/catalina/core/DefaultInstanceManager.java in Apache Tomcat 7.x before 7.0.22 does not properly restrict ContainerServlets in the Manager application, which allows local users to gain privileges by using an untrusted web application to access the Manager application\u0027s functionality.", "id": "GHSA-cw29-r48c-h5f9", "modified": "2022-05-17T02:44:29Z", "published": "2022-05-17T02:44:29Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-3376" }, { "type": "WEB", "url": "http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/catalina/core/DefaultInstanceManager.java?r1=1176588\u0026r2=1176587\u0026pathrev=1176588" }, { "type": "WEB", "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1176588" }, { "type": "WEB", "url": "http://tomcat.apache.org/security-7.html" }, { "type": "WEB", "url": "http://www.securityfocus.com/bid/50603" } ], "schema_version": "1.4.0", "severity": [] }
Loading...