Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2011-1419

Apache Tomcat 7.x before 7.0.11, when web.xml has no security constraints, does not follow ServletSecurity annotations, which allows remote attackers to bypass intended access restrictions via HTTP requests to a web application. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-1088.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.161
EPSS Ranking 94.5%
CVSS Severity
CVSS v2 Score 5.8
References
Products affected by CVE-2011-1419
  • Apache » Tomcat » Version: 7.0.0
    cpe:2.3:a:apache:tomcat:7.0.0
  • Apache » Tomcat » Version: 7.0.1
    cpe:2.3:a:apache:tomcat:7.0.1
  • Apache » Tomcat » Version: 7.0.10
    cpe:2.3:a:apache:tomcat:7.0.10
  • Apache » Tomcat » Version: 7.0.2
    cpe:2.3:a:apache:tomcat:7.0.2
  • Apache » Tomcat » Version: 7.0.3
    cpe:2.3:a:apache:tomcat:7.0.3
  • Apache » Tomcat » Version: 7.0.4
    cpe:2.3:a:apache:tomcat:7.0.4
  • Apache » Tomcat » Version: 7.0.5
    cpe:2.3:a:apache:tomcat:7.0.5
  • Apache » Tomcat » Version: 7.0.6
    cpe:2.3:a:apache:tomcat:7.0.6
  • Apache » Tomcat » Version: 7.0.7
    cpe:2.3:a:apache:tomcat:7.0.7
  • Apache » Tomcat » Version: 7.0.8
    cpe:2.3:a:apache:tomcat:7.0.8
  • Apache » Tomcat » Version: 7.0.9
    cpe:2.3:a:apache:tomcat:7.0.9


Products
Pricing
Contact Us

Shodan ® - All rights reserved