CVE-2001-0917Sensitive Information Exposure in Apache Tomcat

CWE-200Sensitive Information Exposure4 documents4 sources
Severity
5.0MEDIUMNVD
EPSS
3.4%
top 12.52%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Apache Tomcat
Timeline
PublishedNov 22
Latest updateApr 30

Description

Jakarta Tomcat 4.0.1 allows remote attackers to reveal physical path information by requesting a long URL with a .JSP extension.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

NVDapache/tomcat4.0.1

🔴Vulnerability Details

3
OSV
Apache Tomcat Reveals Path through Long URL2022-04-30
GHSA
Apache Tomcat Reveals Path through Long URL2022-04-30
CVEList
CVE-2001-0917: Jakarta Tomcat 42002-06-25
CVE-2001-0917 — Sensitive Information Exposure | cvebase