CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2000-0672

The default configuration of Jakarta Tomcat does not restrict access to the /admin context, which allows remote attackers to read arbitrary files by directly calling the administrative servlets to add a context for the root directory.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.032

EPSS Ranking 86.4%

CVSS Severity

CVSS v2 Score 5.0

References

http://archives.neohapsis.com/archives/bugtraq/2000-07/0309.html
http://www.securityfocus.com/bid/1548
https://exchange.xforce.ibmcloud.com/vulnerabilities/5160
http://archives.neohapsis.com/archives/bugtraq/2000-07/0309.html
http://www.securityfocus.com/bid/1548
https://exchange.xforce.ibmcloud.com/vulnerabilities/5160

Products affected by CVE-2000-0672

Apache » Tomcat » Version: 3.0

cpe:2.3:a:apache:tomcat:3.0
Apache » Tomcat » Version: 3.1

cpe:2.3:a:apache:tomcat:3.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2000-0672

Products

Pricing

Contact Us