Vulnerability Name:

CVE-2011-0013 (CCN-65160)

Assigned:2010-12-07
Published:2011-01-11
Updated:2023-02-13
Summary:Multiple cross-site scripting (XSS) vulnerabilities in the HTML Manager Interface in Apache Tomcat 5.5 before 5.5.32, 6.0 before 6.0.30, and 7.0 before 7.0.6 allow remote attackers to inject arbitrary web script or HTML, as demonstrated via the display-name tag.
CVSS v3 Severity:5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): Low
Availibility (A): None
CVSS v2 Severity:4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N)
3.7 Low (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N/E:H/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
4.3 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N)
3.7 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N/E:H/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
4.3 Medium (REDHAT CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N)
3.7 Low (REDHAT Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N/E:H/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
Vulnerability Type:CWE-79
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2011-0013

Source: CCN
Type: Apache Geronimo Web site
Fixed in Geronimo 2.1.8

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: CCN
Type: RHSA-2011-0791
Moderate: tomcat6 security and bug fix update

Source: CCN
Type: RHSA-2011-0897
Moderate: JBoss Enterprise Web Server 1.0.2 update

Source: CCN
Type: RHSA-2011-1845
Moderate: tomcat5 security update

Source: CCN
Type: SA43198
Apache Tomcat Multiple Vulnerabilities

Source: CCN
Type: SA43991
HP-UX Apache Web Server Suite Multiple Vulnerabilities

Source: CCN
Type: SA45022
Novell Sentinel Log Manager Java and Tomcat Vulnerabilities

Source: CCN
Type: SA46776
Oracle Solaris Apache Tomcat Multiple Vulnerabilities

Source: CCN
Type: SA47379
Apache Geronimo Multiple Vulnerabilities

Source: CCN
Type: SA47503
Blue Coat IntelligenceCenter Multiple Vulnerabilities

Source: CCN
Type: SA47507
Blue Coat IntelligenceCenter Multiple Vulnerabilities

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: CCN
Type: Novell Document ID: 5098550
Sentinel Log Manager 1.2.0.1 (1.2 Hot Fix 1)

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: Patch, Vendor Advisory
secalert@redhat.com

Source: CCN
Type: Apache Tomcat Web Site
Apache Tomcat 6.x vulnerabilities

Source: secalert@redhat.com
Type: Patch, Vendor Advisory
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: DEBIAN
Type: DSA-2160
tomcat6 -- several vulnerabilities

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: CCN
Type: OSVDB ID: 71557
Apache Tomcat HTML Manager Multiple XSS

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: CCN
Type: BID-46174
Apache Tomcat HTML Manager Interface HTML Injection Vulnerability

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: Exploit
secalert@redhat.com

Source: secalert@redhat.com
Type: Vendor Advisory
secalert@redhat.com

Source: CCN
Type: Sun Product Security Blog, Nov 04, 2011
Multiple vulnerabilities in Apache Tomcat

Source: secalert@redhat.com
Type: Patch
secalert@redhat.com

Source: XF
Type: UNKNOWN
tomcat-manager-interface-xss(65160)

Source: CCN
Type: Blue Coat Security Advisories ID: SA66
January 10, 2012 - Multiple Tomcat vulnerabilities in IntelligenceCenter

Source: CCN
Type: Blue Coat Security Advisories ID: SA67
January 10, 2012 - Multiple PostgreSQL vulnerabilities in IntelligenceCenter

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: CCN
Type: IBM Security Bulletin 1609004
Vulnerabilities in AppScan Enterprise and Policy Tester

Source: CCN
Type: IBM Security Bulletin 6496741 (Sterling B2B Integrator)
Apache Log4j Vulnerabilities Affect IBM Sterling B2B Integrator

Source: SUSE
Type: SUSE-SR:2011:005
SUSE Security Summary Report

Vulnerable Configuration:Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:6:*:*:*:*:*:*:*
    • Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:6::client:*:*:*:*:*
    • Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:6::computenode:*:*:*:*:*
    • Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:6::server:*:*:*:*:*
    • Configuration RedHat 5:
  • cpe:/o:redhat:enterprise_linux:6::workstation:*:*:*:*:*
    • Configuration RedHat 6:
  • cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*
    • Configuration RedHat 7:
  • cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:*
    • Configuration RedHat 8:
  • cpe:/o:redhat:enterprise_linux:5::client_workstation:*:*:*:*:*
    • Configuration RedHat 9:
  • cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:apache:tomcat:6.0.12:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:6.0.13:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:6.0.14:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:6.0.15:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:6.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:6.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:6.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:6.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:6.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:6.0.7:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:6.0.8:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:6.0.9:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:6.0.16:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:6.0.18:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:6.0.17:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:6.0.20:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:6.0.19:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:5:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_appscan:8.5:*:*:*:enterprise:*:*:*
  • OR cpe:/a:ibm:security_appscan:8.6:*:*:*:enterprise:*:*:*
  • AND
  • cpe:/o:sun:sunos:5.9:*:*:*:*:*:*:*
  • OR cpe:/o:hp:hp-ux:b.11.11:*:*:*:*:*:*:*
  • OR cpe:/o:hp:hp-ux:b.11.23:*:*:*:*:*:*:*
  • OR cpe:/o:sun:sunos:5.10:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5::client_workstation:*:*:*:*:*
  • OR cpe:/o:hp:hp-ux:b.11.31:*:*:*:*:*:*:*
  • OR cpe:/a:apache:geronimo:2.1:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:*
  • OR cpe:/a:apache:geronimo:2.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:apache:geronimo:2.1.2:*:*:*:*:*:*:*
  • OR cpe:/a:apache:geronimo:2.1.3:*:*:*:*:*:*:*
  • OR cpe:/o:oracle:solaris:11_express:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:6::server:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:6::workstation:*:*:*:*:*
  • OR cpe:/a:apache:geronimo:2.1.8:*:*:*:*:*:*:*
  • OR cpe:/a:apache:geronimo:2.1.7:*:*:*:*:*:*:*
  • OR cpe:/a:apache:geronimo:2.1.6:*:*:*:*:*:*:*
  • OR cpe:/a:apache:geronimo:2.1.5:*:*:*:*:*:*:*
  • OR cpe:/a:apache:geronimo:2.1.4:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_desktop:6:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_hpc_node:6:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:sterling_b2b_integrator:6.0.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:sterling_b2b_integrator:5.2.0.0:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20110013
    V
    		CVE-2011-0013
    2022-05-20
    oval:org.opensuse.security:def:26227
    P
    		Security update for the Linux Kernel (Important)
    2022-01-13
    oval:org.opensuse.security:def:31756
    P
    		Security update for apache2 (Important)
    2022-01-12
    oval:org.opensuse.security:def:32290
    P
    		Security update for apache2 (Important)
    2022-01-12
    oval:org.opensuse.security:def:42242
    P
    		Security update for the Linux Kernel (Important)
    2021-12-06
    oval:org.opensuse.security:def:32229
    P
    		Security update for ruby2.1 (Important)
    2021-12-01
    oval:org.opensuse.security:def:26174
    P
    		Security update for openexr (Moderate)
    2021-12-01
    oval:org.opensuse.security:def:31314
    P
    		Security update for xen (Moderate)
    2021-12-01
    oval:org.opensuse.security:def:32232
    P
    		Security update for webkit2gtk3 (Important)
    2021-12-01
    oval:org.opensuse.security:def:31303
    P
    		Security update for the Linux Kernel (Live Patch 37 for SLE 12 SP3) (Important)
    2021-11-19
    oval:org.opensuse.security:def:31302
    P
    		Security update for the Linux Kernel (Live Patch 36 for SLE 12 SP3) (Important)
    2021-11-19
    oval:org.opensuse.security:def:26161
    P
    		Security update for samba (Important)
    2021-11-10
    oval:org.opensuse.security:def:33011
    P
    		Security update for hivex (Moderate)
    2021-09-23
    oval:org.opensuse.security:def:26117
    P
    		Security update for xen (Important)
    2021-09-02
    oval:org.opensuse.security:def:32180
    P
    		Security update for file (Important)
    2021-09-02
    oval:org.opensuse.security:def:31669
    P
    		Security update for cpio (Important)
    2021-08-23
    oval:org.opensuse.security:def:26103
    P
    		Security update for the Linux Kernel (Important)
    2021-08-10
    oval:org.opensuse.security:def:32972
    P
    		Security update for webkit2gtk3 (Important)
    2021-08-03
    oval:org.opensuse.security:def:32145
    P
    		Security update for the Linux Kernel (Live Patch 37 for SLE 12 SP3) (Important)
    2021-07-21
    oval:org.opensuse.security:def:32124
    P
    		Security update for the Linux Kernel (Live Patch 39 for SLE 12 SP3) (Important)
    2021-06-18
    oval:org.opensuse.security:def:32122
    P
    		Security update for apache2 (Important)
    2021-06-17
    oval:org.opensuse.security:def:42719
    P
    		tomcat6-6.0.41-0.43.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:36312
    P
    		tomcat6-6.0.41-0.43.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:26065
    P
    		Security update for polkit (Important)
    2021-06-03
    oval:org.opensuse.security:def:26064
    P
    		Security update for libwebp (Critical)
    2021-06-02
    oval:org.opensuse.security:def:32088
    P
    		Security update for bind (Important)
    2021-05-04
    oval:org.opensuse.security:def:32078
    P
    		Security update for the Linux Kernel (Live Patch 37 for SLE 12 SP3) (Important)
    2021-04-28
    oval:org.opensuse.security:def:31612
    P
    		Security update for gdm (Important)
    2021-04-28
    oval:org.opensuse.security:def:26203
    P
    		Security update for openldap2 (Important)
    2021-03-03
    oval:org.opensuse.security:def:32268
    P
    		Security update for openldap2 (Important)
    2021-03-03
    oval:org.opensuse.security:def:31732
    P
    		Security update for krb5-appl (Important)
    2021-02-19
    oval:org.opensuse.security:def:26146
    P
    		Security update for python3 (Important)
    2021-02-08
    oval:org.opensuse.security:def:35835
    P
    		tomcat6-6.0.18-20.35.36.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:42455
    P
    		tomcat6-6.0.18-20.35.40.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:36048
    P
    		tomcat6-6.0.18-20.35.40.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:26593
    P
    		libnetpbm10 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25861
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:31824
    P
    		Security update for bash (Low)
    2020-12-01
    oval:org.opensuse.security:def:26315
    P
    		Security update for MozillaThunderbird (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31520
    P
    		Security update for rpcbind (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27310
    P
    		tomcat6 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25937
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:27011
    P
    		perl-32bit on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25609
    P
    		Security update for sysstat (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25386
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:32532
    P
    		java-1_4_2-ibm on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25882
    P
    		Security update for python-tornado (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25589
    P
    		Security update for zabbix (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26491
    P
    		Security update for nextcloud (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:33236
    P
    		ppc64-diag on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31790
    P
    		Security update for MozillaFirefox (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32334
    P
    		Security update for samba (Important)
    2020-12-01
    oval:org.opensuse.security:def:31515
    P
    		Security update for quagga (Low)
    2020-12-01
    oval:org.opensuse.security:def:25811
    P
    		Security update for libvirt (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26579
    P
    		libMagickCore1-32bit on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26276
    P
    		Security update for python (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32799
    P
    		tomcat6 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31388
    P
    		Security update for openwsman (Important)
    2020-12-01
    oval:org.opensuse.security:def:32388
    P
    		Security update for tomcat6 (Important)
    2020-12-01
    oval:org.opensuse.security:def:27275
    P
    		pure-ftpd on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25873
    P
    		Security update for libcares2 (Low)
    2020-12-01
    oval:org.opensuse.security:def:31968
    P
    		Security update for ipmitool (Important)
    2020-12-01
    oval:org.opensuse.security:def:26373
    P
    		Security update for ffmpeg (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25598
    P
    		Security update for curl (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25385
    P
    		Security update for MozillaFirefox (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32493
    P
    		bzip2 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25801
    P
    		Security update for libvdpau (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26834
    P
    		tomcat6 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25461
    P
    		Security update for cpio (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26438
    P
    		Security update for ansible (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32598
    P
    		python on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31779
    P
    		Security update for MozillaFirefox (Important)
    2020-12-01
    oval:org.opensuse.security:def:26023
    P
    		Security update for evince (Important)
    2020-12-01
    oval:org.opensuse.security:def:31514
    P
    		Security update for quagga (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25727
    P
    		Security update for libzypp (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32056
    P
    		Security update for kvm (Important)
    2020-12-01
    oval:org.opensuse.security:def:31996
    P
    		Security update for java-1_7_1-ibm (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26540
    P
    		enscript on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31600
    P
    		Security update for tightvnc (Important)
    2020-12-01
    oval:org.opensuse.security:def:26015
    P
    		Security update for libplist (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32760
    P
    		opie on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26637
    P
    		ruby on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25862
    P
    		Recommended update for mariadb (Important)
    2020-12-01
    oval:org.opensuse.security:def:31881
    P
    		Security update for dnsmasq (Important)
    2020-12-01
    oval:org.opensuse.security:def:26329
    P
    		Security update for znc (Low)
    2020-12-01
    oval:org.opensuse.security:def:25597
    P
    		Security update for squid (Critical)
    2020-12-01
    oval:org.opensuse.security:def:32444
    P
    		Security update for xen (Important)
    2020-12-01
    oval:org.opensuse.security:def:27046
    P
    		tomcat6 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25673
    P
    		Security update for openldap2 (Important)
    2020-12-01
    oval:org.opensuse.security:def:31912
    P
    		Security update for gcc43 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26799
    P
    		pam_mount on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25397
    P
    		Security update for java-1_7_0-openjdk (Important)
    2020-12-01
    oval:org.opensuse.security:def:26287
    P
    		Security update for zeromq (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32554
    P
    		libltdl7 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31778
    P
    		Security update for MozillaFirefox (Important)
    2020-12-01
    oval:org.opensuse.security:def:25939
    P
    		Security update for gstreamer-0_10-plugins-base (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25670
    P
    		Security update for ucode-intel (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32017
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:33275
    P
    		tomcat6 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31864
    P
    		Security update for curl (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31526
    P
    		Security update for rsyslog (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25962
    P
    		Security update for mariadb (Important)
    2020-12-01
    oval:org.mitre.oval:def:14945
    V
    		HP-UX Apache Running Tomcat Servlet Engine, Remote Information Disclosure, Authentication Bypass, Cross-Site Scripting (XSS), Unauthorized Access, Denial of Service (DoS)
    2015-04-20
    oval:org.mitre.oval:def:12878
    V
    		HP-UX Apache Web Server, Remote Information Disclosure, Cross-Site Scripting (XSS), Denial of Service (DoS)
    2015-04-20
    oval:org.mitre.oval:def:19269
    V
    		HP-UX Apache Running Tomcat Servlet Engine, Remote Denial of Service (DoS), Access Restriction Bypass, Unauthorized Modification and Other Vulnerabilities
    2015-04-20
    oval:org.mitre.oval:def:13802
    P
    		USN-1097-1 -- tomcat6 vulnerabilities
    2014-06-30
    oval:org.mitre.oval:def:12894
    P
    		DSA-2160-1 tomcat6 -- several
    2014-06-23
    oval:org.mitre.oval:def:22858
    P
    		ELSA-2011:1845: tomcat5 security update (Moderate)
    2014-05-26
    oval:org.mitre.oval:def:23523
    P
    		ELSA-2011:0791: tomcat6 security and bug fix update (Moderate)
    2014-05-26
    oval:org.mitre.oval:def:21956
    P
    		RHSA-2011:0791: tomcat6 security and bug fix update (Moderate)
    2014-02-24
    oval:org.mitre.oval:def:22151
    P
    		RHSA-2011:1845: tomcat5 security update (Moderate)
    2014-02-24
    oval:com.redhat.rhsa:def:20111845
    P
    		RHSA-2011:1845: tomcat5 security update (Moderate)
    2011-12-20
    oval:com.redhat.rhsa:def:20110791
    P
    		RHSA-2011:0791: tomcat6 security and bug fix update (Moderate)
    2011-05-19
    BACK
    apache tomcat 6.0.12
    apache tomcat 6.0.13
    apache tomcat 6.0.14
    apache tomcat 6.0.15
    apache tomcat 6.0.2
    apache tomcat 6.0.3
    apache tomcat 6.0.4
    apache tomcat 6.0.5
    apache tomcat 6.0.6
    apache tomcat 6.0.7
    apache tomcat 6.0.8
    apache tomcat 6.0.9
    apache tomcat 6.0.16
    apache tomcat 6.0.18
    apache tomcat 6.0.17
    apache tomcat 6.0.20
    apache tomcat 6.0.19
    apache tomcat 5
    apache tomcat 7
    ibm security appscan 8.5
    ibm security appscan 8.6
    sun sunos 5.9
    hp hp-ux b.11.11
    hp hp-ux b.11.23
    sun sunos 5.10
    redhat enterprise linux 5
    redhat enterprise linux 5
    hp hp-ux b.11.31
    apache geronimo 2.1
    redhat enterprise linux 5
    apache geronimo 2.1.1
    apache geronimo 2.1.2
    apache geronimo 2.1.3
    oracle solaris 11_express
    redhat enterprise linux 6
    redhat enterprise linux 6
    apache geronimo 2.1.8
    apache geronimo 2.1.7
    apache geronimo 2.1.6
    apache geronimo 2.1.5
    apache geronimo 2.1.4
    redhat enterprise linux desktop 6
    redhat enterprise linux hpc node 6
    ibm sterling b2b integrator 6.0.0.0
    ibm sterling b2b integrator 5.2.0.0