CVE-2002-1394

EPSS 5.35%
Published 17.01.2003 05:00:00
Last modified 03.04.2025 01:03:51
Source cve@mitre.org
Teams watchlist Login
Open Login

Apache Tomcat 4.0.5 and earlier, when using both the invoker servlet and the default servlet, allows remote attackers to read source code for server files or bypass certain protections, a variant of CAN-2002-1148.

Affected products Warnungen 0 Metrics 2 CWE 0 References 14

Data is provided by the National Vulnerability Database (NVD)

Apache ≫ Tomcat Version4.0.0

Apache ≫ Tomcat Version4.0.1

Apache ≫ Tomcat Version4.0.2

Apache ≫ Tomcat Version4.0.3

Apache ≫ Tomcat Version4.0.4

Apache ≫ Tomcat Version4.0.5

Apache ≫ Tomcat Version4.1.0

Apache ≫ Tomcat Version4.1.3 Updatebeta

Apache ≫ Tomcat Version4.1.9 Updatebeta

Apache ≫ Tomcat Version4.1.10

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	5.35%	0.897

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

https://lists.apache.org/thread.html/29dc6c2b625789e70a9c4756b5a327e6547273ff8bde7e0327af48c5%40%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/c62b0e3a7bf23342352a5810c640a94b6db69957c5c19db507004d74%40%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/rb71997f506c6cc8b530dd845c084995a9878098846c7b4eacfae8db3%40%3Cdev.tomcat.apache.org%3E

http://issues.apache.org/bugzilla/show_bug.cgi?id=13365

http://marc.info/?l=bugtraq&m=103470282514938&w=2

http://marc.info/?l=tomcat-dev&m=103417249325526&w=2

http://www.debian.org/security/2003/dsa-225

http://www.redhat.com/support/errata/RHSA-2003-075.html

http://www.redhat.com/support/errata/RHSA-2003-082.html

http://www.securityfocus.com/bid/6562

https://exchange.xforce.ibmcloud.com/vulnerabilities/10376

https://nvd.nist.gov/vuln/detail/CVE-2002-1394

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2002-1394

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2002-1394

EUVD