Skip to main content

Micros Relate Crm Software

3 CVEs product

Monthly

CVE-2019-17563 Maven HIGH PATCH This Week

When using FORM authentication with Apache Tomcat 9.0.0.M1 to 9.0.29, 8.5.0 to 8.5.49 and 7.0.0 to 7.0.98 there was a narrow window where an attacker could perform a session fixation attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required.

Session Fixation Tomcat Information Disclosure Apache Debian Linux +9
NVD
CVSS 3.1
7.5
EPSS
10.7%
CVE-2018-1304 Maven MEDIUM PATCH This Month

The URL pattern of "" (the empty string) which exactly maps to the context root was not correctly handled in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Apache Information Disclosure Tomcat Jboss Enterprise Application Platform Jboss Enterprise Web Server +7
NVD
CVSS 3.0
5.9
EPSS
17.4%
CVE-2018-1305 Maven MEDIUM PATCH This Month

Security constraints defined by annotations of Servlets in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 were only applied once a Servlet had been loaded. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Apache Information Disclosure Tomcat Debian Linux Ubuntu Linux +3
NVD
CVSS 3.0
6.5
EPSS
14.7%
EPSS 11% CVSS 7.5
HIGH PATCH This Week

When using FORM authentication with Apache Tomcat 9.0.0.M1 to 9.0.29, 8.5.0 to 8.5.49 and 7.0.0 to 7.0.98 there was a narrow window where an attacker could perform a session fixation attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required.

Session Fixation Tomcat Information Disclosure +11
NVD
EPSS 17% CVSS 5.9
MEDIUM PATCH This Month

The URL pattern of "" (the empty string) which exactly maps to the context root was not correctly handled in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Apache Information Disclosure Tomcat +9
NVD
EPSS 15% CVSS 6.5
MEDIUM PATCH This Month

Security constraints defined by annotations of Servlets in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 were only applied once a Servlet had been loaded. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Apache Information Disclosure Tomcat +5
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy