CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2002-1148

The default servlet (org.apache.catalina.servlets.DefaultServlet) in Tomcat 4.0.4 and 4.1.10 and earlier allows remote attackers to read source code for server files via a direct request to the servlet.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.394

EPSS Ranking 97.1%

CVSS Severity

CVSS v2 Score 5.0

References

Products affected by CVE-2002-1148

Apache » Tomcat » Version: 3.0

cpe:2.3:a:apache:tomcat:3.0
Apache » Tomcat » Version: 3.1

cpe:2.3:a:apache:tomcat:3.1
Apache » Tomcat » Version: 3.1.1

cpe:2.3:a:apache:tomcat:3.1.1
Apache » Tomcat » Version: 3.2

cpe:2.3:a:apache:tomcat:3.2
Apache » Tomcat » Version: 3.2.1

cpe:2.3:a:apache:tomcat:3.2.1
Apache » Tomcat » Version: 3.2.2

cpe:2.3:a:apache:tomcat:3.2.2
Apache » Tomcat » Version: 3.2.3

cpe:2.3:a:apache:tomcat:3.2.3
Apache » Tomcat » Version: 3.2.4

cpe:2.3:a:apache:tomcat:3.2.4
Apache » Tomcat » Version: 3.3

cpe:2.3:a:apache:tomcat:3.3
Apache » Tomcat » Version: 3.3.1

cpe:2.3:a:apache:tomcat:3.3.1
Apache » Tomcat » Version: 4.0.0

cpe:2.3:a:apache:tomcat:4.0.0
Apache » Tomcat » Version: 4.0.1

cpe:2.3:a:apache:tomcat:4.0.1
Apache » Tomcat » Version: 4.0.2

cpe:2.3:a:apache:tomcat:4.0.2
Apache » Tomcat » Version: 4.0.3

cpe:2.3:a:apache:tomcat:4.0.3
Apache » Tomcat » Version: 4.0.4

cpe:2.3:a:apache:tomcat:4.0.4
Apache » Tomcat » Version: 4.1.0

cpe:2.3:a:apache:tomcat:4.1.0
Apache » Tomcat » Version: 4.1.10

cpe:2.3:a:apache:tomcat:4.1.10
Apache » Tomcat » Version: 4.1.3

cpe:2.3:a:apache:tomcat:4.1.3
Apache » Tomcat » Version: 4.1.9

cpe:2.3:a:apache:tomcat:4.1.9

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2002-1148

Products

Pricing

Contact Us