Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2000-0759Sensitive Information Exposure in Apache Tomcat

CWE-200Sensitive Information Exposure6 documents6 sources
Severity
6.4MEDIUMNVD
EPSS
39.8%
top 2.67%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Apache Tomcat
Timeline
PublishedOct 20
Latest updateApr 30

Description

Jakarta Tomcat 3.1 under Apache reveals physical path information when a remote attacker requests a URL that does not exist, which generates an error message that includes the physical path.

CVSS vector

AV:N/AC:L/C:P/I:P/A:NExploitability: 10.0 | Impact: 4.9

Affected Packages1 packages

NVDapache/tomcat3.1

🔴Vulnerability Details

3
GHSA
Jakarta Apache Tomcat Reveals Physical Paths2022-04-30
OSV
Jakarta Apache Tomcat Reveals Physical Paths2022-04-30
CVEList
CVE-2000-0759: Jakarta Tomcat 32000-09-21

💥Exploits & PoCs

1
Exploit-DB
Apache Tomcat 3.1 - Path Revealing2000-07-20

🕵️Threat Intelligence

1
Talos
Vulnerability Spotlight: Code execution vulnerability in Microsoft Excel2020-02-11
CVE-2000-0759 — Sensitive Information Exposure | cvebase