CVE-2005-4836: Sensitive Information Exposure in Apache Tomcat

Severity: 7.8 HIGH (NVD)
EPSS: 0.9% (top 24.04%)
CISA KEV: Not in KEV
Exploit: No known exploits
Affected products: apache/tomcat
Timeline: Published Dec 31; latest update May 1

Description

The HTTP/1.1 connector in Apache Tomcat 4.1.15 through 4.1.40 does not reject NULL bytes in a URL when allowLinking is configured, which allows remote attackers to read JSP source files and obtain sensitive information.
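Two checks follow from the description: whether a Tomcat deployment has allowLinking enabled at all (the precondition), and whether any request has reached the server with a percent-encoded NUL in its URL (the trigger). The Python below is an added example written for this page; it is not code from cvebase or from the Apache Tomcat project. The access-log lines and the Context XML fragment are constructed samples, the attribute has lived on different configuration elements across Tomcat versions so the config check inspects every element rather than assuming one, and the script does not attempt to reproduce the source disclosure itself.

```python
import re
import xml.etree.ElementTree as ET
from urllib.parse import unquote

# Constructed sample access-log lines in Common Log Format (not real traffic).
# Line 2 and line 3 carry a percent-encoded NUL in the request path; line 4
# carries a double-encoded "%2500", which a single decoding pass leaves as
# the literal "%00" and therefore must not be flagged.
SAMPLE_ACCESS_LOG = """\
10.0.0.5 - - [12/Mar/2007:10:01:02 +0000] "GET /app/index.jsp HTTP/1.1" 200 1532
10.0.0.9 - - [12/Mar/2007:10:01:07 +0000] "GET /app/index.jsp%00 HTTP/1.1" 200 884
10.0.0.9 - - [12/Mar/2007:10:01:09 +0000] "GET /app/admin/config.jsp%00.txt HTTP/1.1" 200 2048
10.0.0.7 - - [12/Mar/2007:10:02:13 +0000] "GET /app/login.jsp?user=a%2500b HTTP/1.1" 200 977
"""

# Constructed, hypothetical context fragment; the element carrying
# allowLinking is an assumption, which is why the check walks every element.
SAMPLE_CONTEXT_XML = """<Context path="/app" docBase="app">
  <Resources className="org.apache.naming.resources.FileDirContext"
             allowLinking="true"/>
</Context>"""

# Common Log Format: host ident authuser [time] "method uri proto" status size
CLF_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<uri>\S+) (?P<proto>[^"]+)" '
    r'(?P<status>\d{3}) (?P<size>\S+)'
)


def uri_has_null_byte(uri):
    """True if one percent-decoding pass over the request-target yields a NUL.

    A single pass mirrors what a connector does with the raw URL; "%2500"
    decodes to the literal "%00" and is deliberately not treated as a hit.
    """
    return "\x00" in unquote(uri)


def find_null_byte_requests(log_text):
    """Return (client ip, raw uri, status) for every request whose URL
    decodes to contain a NUL byte. Lines that do not parse are skipped."""
    hits = []
    for line in log_text.splitlines():
        m = CLF_RE.match(line)
        if not m:
            continue
        uri = m.group("uri")
        if uri_has_null_byte(uri):
            hits.append((m.group("ip"), uri, int(m.group("status"))))
    return hits


def allow_linking_enabled(xml_text):
    """True if any element in the configuration sets allowLinking="true".

    Every element is inspected because the attribute's home element differs
    between Tomcat releases; a case-insensitive compare tolerates "True".
    """
    root = ET.fromstring(xml_text)
    return any(
        el.get("allowLinking", "").strip().lower() == "true"
        for el in root.iter()
    )


def assess(log_text, xml_text):
    """Combine both checks: the NUL-byte requests only matter for this CVE
    when allowLinking is on, so report both facts together."""
    return {
        "allow_linking": allow_linking_enabled(xml_text),
        "null_byte_requests": find_null_byte_requests(log_text),
    }


if __name__ == "__main__":
    report = assess(SAMPLE_ACCESS_LOG, SAMPLE_CONTEXT_XML)
    print("allowLinking enabled:", report["allow_linking"])
    for ip, uri, status in report["null_byte_requests"]:
        print(f"NUL byte in request from {ip}: {uri} -> {status}")
```

The status code is kept in each hit because a 200 on a `.jsp%00` request is the interesting case: a server that rejects the NUL would answer 400 or 404 instead. Analysts who also want double-encoded variants can decode twice, at the cost of more false positives on legitimate literal percent signs.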

CVSS vector (v2.0)

AV:N/AC:L/Au:N/C:C/I:N/A:N (Exploitability: 10.0 | Impact: 6.9)

Affected Packages (1)

apache/tomcat (NVD): 25 versions

Vulnerability Details (3 sources)

OSV: Apache Tomcat allows remote attackers to read JSP source files (2022-05-01)
GHSA: Apache Tomcat allows remote attackers to read JSP source files (2022-05-01)
CVEList: CVE-2005-4836: The HTTP/1 (2007-05-09)
CVE-2005-4836 — Sensitive Information Exposure | cvebase