CVE-2000-1210 — Path Traversal in Apache Tomcat

CWE-22 — Path Traversal4 documents4 sources

Severity

5.0MEDIUMNVD

EPSS

3.7%

top 12.05%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apache Tomcat

Timeline

PublishedMar 22

Latest updateApr 30

Description

Directory traversal vulnerability in source.jsp of Apache Tomcat before 3.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the argument to source.jsp.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDapache/tomcat3.1

Patches

Patch: www.iss.net ↗Patch: www.iss.net ↗

🔴Vulnerability Details

GHSA

Apache Tomcat Directory Traversal↗2022-04-30

▶

OSV

Apache Tomcat Directory Traversal↗2022-04-30

▶

CVEList

CVE-2000-1210: Directory traversal vulnerability in source↗2003-04-02

▶