Vulnerability Name: CVE-2014-7810 (CCN-103155) Assigned: 2014-10-03 Published: 2015-05-14 Updated: 2019-04-15 Summary: The Expression Language (EL) implementation in Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.58, and 8.x before 8.0.16 does not properly consider the possibility of an accessible interface implemented by an inaccessible class, which allows attackers to bypass a SecurityManager protection mechanism via a web application that leverages use of incorrect privileges during EL evaluation. CVSS v3 Severity: 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N )Exploitability Metrics: Attack Vector (AV): NetworkAttack Complexity (AC): LowPrivileges Required (PR): NoneUser Interaction (UI): NoneScope: Scope (S): UnchangedImpact Metrics: Confidentiality (C): NoneIntegrity (I): LowAvailibility (A): None
CVSS v2 Severity: 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N )3.7 Low (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:C )Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): LowAuthentication (Au): NoneImpact Metrics: Confidentiality (C): NoneIntegrity (I): PartialAvailibility (A): None
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N )3.7 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:C )Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): LowAthentication (Au): NoneImpact Metrics: Confidentiality (C): NoneIntegrity (I): PartialAvailibility (A): None
5.8 Medium (REDHAT CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N )4.3 Medium (REDHAT Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N/E:U/RL:OF/RC:C )Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): MediumAuthentication (Au): NoneImpact Metrics: Confidentiality (C): PartialIntegrity (I): PartialAvailibility (A): None
Vulnerability Type: CWE-284 Vulnerability Consequences: Bypass Security References: Source: MITRE Type: CNACVE-2014-7810 Source: CCN Type: Apache Mailing List, Thu, 14 May 2015 14:03:08 GMTCVE-2014-7810: Apache Tomcat Security Manager Bypass Source: HP Type: Third Party AdvisoryHPSBUX03561 Source: REDHAT Type: UNKNOWNRHSA-2015:1621 Source: REDHAT Type: UNKNOWNRHSA-2015:1622 Source: CCN Type: RHSA-2016-0492Moderate: tomcat6 security and bug fix update Source: REDHAT Type: UNKNOWNRHSA-2016:0492 Source: CCN Type: RHSA-2016-2046Important: tomcat security update Source: REDHAT Type: UNKNOWNRHSA-2016:2046 Source: CONFIRM Type: Patchhttp://svn.apache.org/viewvc?view=revision&revision=1644018 Source: CONFIRM Type: Patchhttp://svn.apache.org/viewvc?view=revision&revision=1645642 Source: CCN Type: Apache Web siteTomcat Source: CONFIRM Type: Patch, Vendor Advisoryhttp://tomcat.apache.org/security-6.html Source: CONFIRM Type: Patch, Vendor Advisoryhttp://tomcat.apache.org/security-7.html Source: CONFIRM Type: Patch, Vendor Advisoryhttp://tomcat.apache.org/security-8.html Source: DEBIAN Type: UNKNOWNDSA-3428 Source: DEBIAN Type: UNKNOWNDSA-3447 Source: DEBIAN Type: Third Party AdvisoryDSA-3530 Source: CCN Type: IBM Security Bulletin 738367 (Tivoli Storage Productivity Center)Bypass security vulnerability in WebSphere Application Server affects IBM Spectrum Control (formerly Tivoli Storage Productivity Center) (CVE-2014-7810) Source: CCN Type: IBM Security Bulletin 794189 (MessageSight)Security Bulletin: IBM MessageSight is affected by an IBM WebSphere Liberty expression language vulnerability Source: CCN Type: IBM Security Bulletin 869808 (Spectrum Protect for Virtual Environments)Vulnerabilities in IBM WebSphere Application Server Liberty affect IBM Spectrum Protect for Virtual Environments (CVE-2014-7810, CVE-2018-8039) Source: CCN Type: IBM Security Bulletin 869814 (Spectrum Protect Snapshot)Vulnerabilities in IBM WebSphere Application Server Liberty affect IBM Spectrum Protect Snapshot for VMware (CVE-2014-7810, CVE-2018-8039) Source: CCN Type: IBM Security Bulletin 872052 (InfoSphere Streams)Vulnerabilities in WAS traditional and liberty Source: CCN Type: IBM Security Bulletin 872112 (Security Identity Governance and Intelligence)IBM has announced a release for IBM Security Identity Governance and Intelligence in response to multiple security vulnerabilities for IBM WebSphere Liberty Server Source: CCN Type: IBM Security Bulletin 876338 (Spectrum Protect for Workstations)Multiple vulnerabilities in WebSphere Application Server Liberty affect IBM Spectrum Protect for Workstations Central Administration Console (CVE-2014-7810, CVE-2018-8039, CVE-2018-1901) Source: CCN Type: IBM Security Bulletin 879017 (Security AppScan Enterprise)Potential bypass security vulnerability in Expression Language library used by WebSphere Application Server (CVE-2014-7810) affects IBM Security AppScan Enterprise Source: CCN Type: IBM Security Bulletin 881456 (Control Center)Multiple Websphere Vulnerabilities Impact IBM Control Center (CVE-2018-3169, CVE-2014-7810, CVE-2018-1767) Source: CCN Type: IBM Security Bulletin 957781 (Security Privileged Identity Manager)IBM Security Privileged Identity Manager is affected by multiple vulnerabilities Source: CCN Type: IBM Security Bulletin 1698085Rational DOORS Web Access is affected by Apache Tomcat vulnerabilities (CVE-2014-0227, CVE-2014-7810, CVE-2014-0230) Source: CCN Type: IBM Security Bulletin 1960572IBM WebSphere Cast Iron Solution is affected by Apache Tomcat vulnerabilities (CVE-2014-0230, CVE-2014-7810,CVE-2014-0227) Source: CCN Type: IBM Security Bulletin 1961088Open Source Apache Tomcat vulnerability and vulnerability in Diffie-Hellman ciphers affects IBM Tivoli Application Dependency Discovery Manager (TADDM) (CVE-2014-0230, CVE-2014-7810, CVE-2015-4000) Source: CCN Type: IBM Security Bulletin 1961208Multiple security vulnerabilities in Open Source Apache Tomcat affect IBM Cognos Business Viewpoint (CVE-2014-0227, CVE-2014-0230, CVE-2014-7810) Source: CCN Type: IBM Security Bulletin 1966177IBM Cognos TM1 is affected by multiple vulnerabilities Source: CCN Type: IBM Security Bulletin 1968268Open Source Apache Tomcat as used in IBM QRadar SIEM is vulnerable to a security bypass. (CVE-2014-7810) Source: CCN Type: IBM Security Bulletin 1972376Multiple Security Vulnerabilities exist in IBM Cognos Express. Source: CCN Type: IBM Security Bulletin 1976103Multiple Security Vulnerabilities in Apache Tomcat affect IBM RLKS Administration and Reporting Tool Source: CCN Type: IBM Security Bulletin 1980321 (Rational Directory Server)Rational Directory Server (Tivoli) is affected by an Apache Tomcat vulnerability (CVE-2014-7810) Source: CONFIRM Type: UNKNOWNhttp://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html Source: CONFIRM Type: UNKNOWNhttp://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html Source: CONFIRM Type: UNKNOWNhttp://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html Source: CONFIRM Type: UNKNOWNhttp://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html Source: BID Type: UNKNOWN74665 Source: CCN Type: BID-74665Apache Tomcat CVE-2014-7810 Security Bypass Vulnerability Source: SECTRACK Type: UNKNOWN1032330 Source: UBUNTU Type: UNKNOWNUSN-2654-1 Source: UBUNTU Type: UNKNOWNUSN-2655-1 Source: XF Type: UNKNOWNapache-tomcat-cve20147810-sec-bypass(103155) Source: CONFIRM Type: Third Party Advisoryhttps://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05054964 Source: MLIST Type: UNKNOWN[tomcat-dev] 20190413 svn commit: r1857494 [15/20] - in /tomcat/site/trunk: ./ docs/ xdocs/ Source: MLIST Type: UNKNOWN[tomcat-dev] 20190325 svn commit: r1856174 [21/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/ Source: MLIST Type: UNKNOWN[tomcat-dev] 20190415 svn commit: r1857582 [16/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/ Source: MLIST Type: UNKNOWN[tomcat-dev] 20190319 svn commit: r1855831 [23/30] - in /tomcat/site/trunk: ./ docs/ xdocs/ Source: MLIST Type: UNKNOWN[tomcat-dev] 20200203 svn commit: r1873527 [23/30] - /tomcat/site/trunk/docs/ Source: MLIST Type: UNKNOWN[tomcat-dev] 20200213 svn commit: r1873980 [26/34] - /tomcat/site/trunk/docs/ Source: MLIST Type: UNKNOWN[tomcat-dev] 20200213 svn commit: r1873980 [27/34] - /tomcat/site/trunk/docs/ Source: CCN Type: IBM Security Bulletin 0729557 (WebSphere Application Server) Potential bypass security vulnerability in Expression Language library used by WebSphere Application Server (CVE-2014-7810) Source: CCN Type: IBM Security Bulletin 737055 (Liberty for Java for Bluemix)Multiple security vulnerabilities affect Liberty for Java for IBM Cloud Source: CCN Type: IBM Security Bulletin 737753 (WebSphere Application Server in Cloud)Multiple security vulnerabilities affect IBM WebSphere Application Server in IBM Cloud Source: CCN Type: IBM Security Bulletin 743113 (Rational Asset Analyzer)Rational Asset Analyzer (RAA) is affected by a vulnerability in WAS liberty. Source: CCN Type: IBM Security Bulletin 795079 (Mobile Foundation) WAS traditional and liberty vulnerable to CVE-2014-7810 Source: CCN Type: IBM Security Bulletin 796180 (Tivoli Monitoring V6)Multiple vulnerabilities affect IBM Tivoli Monitoring embedded WebSphere Application Server Source: CCN Type: IBM Security Bulletin 872266 (Cloud Transformation Advisor)IBM Cloud Transformation Advisor is affected by a vulnerability in WebSphere Application Server Liberty (CVE-2014-7810) Source: CCN Type: IBM Security Bulletin 873310 (BigFix Remote Control)Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime and OpenSSL and Liberty affect IBM BigFix Remote Control Source: CCN Type: IBM Security Bulletin 879923 (Endpoint Manager for Lifecycle Management)Server Automation is affected by the following vulnerability exposures (CVE-2014-7810, CVE-2018-1767, CVE-2018-1901, CVE-2018-10237) Source: CCN Type: IBM Security Bulletin 880523 (App Connect Enterprise)IBM Integration Bus & IBM App Connect Enterprise are affected by a Websphere Application Server Vulnerability (CVE-2014-7810) Source: CCN Type: IBM Security Bulletin 883352 (Cloud App Management)A vulnerability in Apache Tomcat could affect IBM Cloud App Management V2018 Source: CCN Type: IBM Security Bulletin 6496741 (Sterling B2B Integrator)Apache Log4j Vulnerabilities Affect IBM Sterling B2B Integrator Source: CCN Type: IBM Security Bulletin 6595755 (Disconnected Log Collector)IBM Disconnected Log Collector is vulnerable to using components with known vulnerabilities Source: CCN Type: WhiteSource Vulnerability DatabaseCVE-2014-7810 Vulnerable Configuration: Configuration 1 :cpe:/o:debian:debian_linux:7.0:*:*:*:*:*:*:* Configuration 2 :cpe:/a:apache:tomcat:6.0.0:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.0:alpha:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.1:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.1:alpha:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.2:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.2:alpha:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.2:beta:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.3:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.4:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.4:alpha:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.5:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.6:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.6:alpha:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.7:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.7:alpha:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.7:beta:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.8:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.8:alpha:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.9:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.9:beta:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.10:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.11:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.12:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.13:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.14:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.15:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.16:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.17:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.18:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.19:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.20:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.24:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.26:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.27:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.28:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.29:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.30:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.31:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.32:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.33:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.35:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.36:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.37:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.39:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.41:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.43:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.0:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.0:beta:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.1:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.2:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.2:beta:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.3:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.4:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.4:beta:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.5:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.6:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.7:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.8:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.9:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.10:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.11:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.12:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.13:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.14:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.15:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.16:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.17:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.18:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.19:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.20:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.21:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.22:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.23:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.24:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.25:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.26:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.27:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.28:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.29:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.30:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.31:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.32:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.33:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.34:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.35:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.36:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.37:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.38:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.39:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.40:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.41:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.42:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.43:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.44:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.45:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.46:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.47:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.48:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.49:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.50:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.52:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.53:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.54:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.55:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.56:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.57:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:8.0.0:rc1:*:*:*:*:*:* OR cpe:/a:apache:tomcat:8.0.0:rc10:*:*:*:*:*:* OR cpe:/a:apache:tomcat:8.0.0:rc2:*:*:*:*:*:* OR cpe:/a:apache:tomcat:8.0.0:rc5:*:*:*:*:*:* OR cpe:/a:apache:tomcat:8.0.1:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:8.0.3:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:8.0.5:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:8.0.8:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:8.0.9:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:8.0.11:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:8.0.12:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:8.0.14:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:8.0.15:*:*:*:*:*:*:* Configuration 3 :cpe:/a:apache:tomcat:6.0.0:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.0:alpha:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.1:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.1:alpha:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.2:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.2:alpha:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.2:beta:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.3:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.4:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.4:alpha:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.5:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.6:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.6:alpha:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.7:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.7:alpha:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.7:beta:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.8:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.8:alpha:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.9:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.9:beta:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.10:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.11:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.12:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.13:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.14:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.15:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.16:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.17:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.18:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.19:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.20:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.24:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.26:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.27:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.28:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.29:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.30:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.31:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.32:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.33:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.35:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.36:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.37:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.39:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.41:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:6.0.43:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.0:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.0:beta:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.1:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.2:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.2:beta:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.3:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.4:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.4:beta:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.5:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.6:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.7:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.8:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.9:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.10:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.11:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.12:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.13:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.14:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.15:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.16:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.17:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.18:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.19:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.20:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.21:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.22:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.23:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.24:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.25:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.26:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.27:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.28:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.29:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.30:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.31:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.32:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.33:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.34:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.35:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.36:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.37:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.38:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.39:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.40:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.41:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.42:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.43:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.44:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.45:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.46:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.47:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.48:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.49:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.50:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.52:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.53:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.54:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.55:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.56:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.57:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:8.0.0:rc1:*:*:*:*:*:* OR cpe:/a:apache:tomcat:8.0.0:rc10:*:*:*:*:*:* OR cpe:/a:apache:tomcat:8.0.0:rc2:*:*:*:*:*:* OR cpe:/a:apache:tomcat:8.0.0:rc5:*:*:*:*:*:* OR cpe:/a:apache:tomcat:8.0.1:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:8.0.3:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:8.0.5:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:8.0.8:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:8.0.9:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:8.0.11:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:8.0.12:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:8.0.14:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:8.0.15:*:*:*:*:*:*:* AND cpe:/o:hp:hp-ux:11.31:*:*:*:*:*:*:* Configuration RedHat 1 :cpe:/o:redhat:enterprise_linux:6:*:*:*:*:*:*:* Configuration RedHat 2 :cpe:/o:redhat:enterprise_linux:6::client:*:*:*:*:* Configuration RedHat 3 :cpe:/o:redhat:enterprise_linux:6::computenode:*:*:*:*:* Configuration RedHat 4 :cpe:/o:redhat:enterprise_linux:6::server:*:*:*:*:* Configuration RedHat 5 :cpe:/o:redhat:enterprise_linux:6::workstation:*:*:*:*:* Configuration RedHat 6 :cpe:/o:redhat:enterprise_linux:7:*:*:*:*:*:*:* Configuration RedHat 7 :cpe:/o:redhat:enterprise_linux:7::client:*:*:*:*:* Configuration RedHat 8 :cpe:/o:redhat:enterprise_linux:7::computenode:*:*:*:*:* Configuration RedHat 9 :cpe:/o:redhat:enterprise_linux:7::server:*:*:*:*:* Configuration RedHat 10 :cpe:/o:redhat:enterprise_linux:7::workstation:*:*:*:*:* Configuration CCN 1 :cpe:/a:apache:tomcat:6:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:7.0.0:*:*:*:*:*:*:* OR cpe:/a:apache:tomcat:8.0:*:*:*:*:*:*:* AND cpe:/a:ibm:websphere_application_server:7.0:*:*:*:*:*:*:* OR cpe:/a:ibm:rational_doors_web_access:1.4:*:*:*:*:*:*:* OR cpe:/a:ibm:rational_doors_web_access:1.4.0.2:*:*:*:*:*:*:* OR cpe:/a:ibm:rational_doors_web_access:1.4.0.3:*:*:*:*:*:*:* OR cpe:/a:ibm:websphere_application_server:8.0:*:*:*:*:*:*:* OR cpe:/a:ibm:cognos_express:9.5:*:*:*:*:*:*:* OR cpe:/a:ibm:cognos_tm1:9.5.2:*:*:*:*:*:*:* OR cpe:/a:ibm:websphere_application_server:8.5:*:*:*:*:*:*:* OR cpe:/a:ibm:tivoli_monitoring:6.2.3:*:*:*:*:*:*:* OR cpe:/a:ibm:qradar_security_information_and_event_manager:7.1:*:*:*:*:*:*:* OR cpe:/a:ibm:cognos_express:10.1:*:*:*:*:*:*:* OR cpe:/a:ibm:rational_directory_server:5.2.0.2:*:*:*:*:*:*:* OR cpe:/a:ibm:cognos_tm1:10.1.1:*:*:*:*:*:*:* OR cpe:/a:ibm:tivoli_monitoring:6.2.3.1:*:*:*:*:*:*:* OR cpe:/a:ibm:tivoli_monitoring:6.2.3.2:*:*:*:*:*:*:* OR cpe:/a:ibm:integration_bus:9.0.0.0:*:*:*:*:*:*:* OR cpe:/a:ibm:qradar_security_information_and_event_manager:7.2:*:*:*:*:*:*:* OR cpe:/a:ibm:cognos_express:10.2.1:*:*:*:*:*:*:* OR cpe:/a:ibm:cognos_tm1:10.2.2:*:*:*:*:*:*:* OR cpe:/a:ibm:cognos_business_viewpoint:10.1:*:*:*:*:*:*:* OR cpe:/a:ibm:cognos_business_viewpoint:10.1.1:*:*:*:*:*:*:* OR cpe:/a:ibm:websphere_cast_iron_cloud_integration:6.1.0.6:*:*:*:*:*:*:* OR cpe:/a:ibm:websphere_cast_iron_cloud_integration:6.1.0.7:*:*:*:*:*:*:* OR cpe:/a:ibm:websphere_cast_iron_cloud_integration:6.1.0.8:*:*:*:*:*:*:* OR cpe:/a:ibm:websphere_cast_iron_cloud_integration:6.1.0.9:*:*:*:*:*:*:* OR cpe:/a:ibm:websphere_cast_iron_cloud_integration:6.1.0.12:*:*:*:*:*:*:* OR cpe:/a:ibm:websphere_cast_iron_cloud_integration:6.1.0.15:*:*:*:*:*:*:* OR cpe:/a:ibm:websphere_cast_iron_cloud_integration:6.3.0.1:*:*:*:*:*:*:* OR cpe:/a:ibm:websphere_cast_iron_cloud_integration:6.3.0.2:*:*:*:*:*:*:* OR cpe:/a:ibm:websphere_cast_iron_cloud_integration:6.4.0.0:*:*:*:*:*:*:* OR cpe:/a:ibm:websphere_cast_iron_cloud_integration:6.4.0.1:*:*:*:*:*:*:* OR cpe:/a:ibm:websphere_cast_iron_cloud_integration:7.0.0:*:*:*:*:*:*:* OR cpe:/a:ibm:websphere_cast_iron_cloud_integration:7.0.0.1:*:*:*:*:*:*:* OR cpe:/a:ibm:tivoli_application_dependency_discovery_manager:7.2:*:*:*:*:*:*:* OR cpe:/a:ibm:tivoli_application_dependency_discovery_manager:7.2.1:*:*:*:*:*:*:* OR cpe:/a:ibm:tivoli_application_dependency_discovery_manager:7.2.2:*:*:*:*:*:*:* OR cpe:/a:ibm:rational_license_key_server:8.1.4:*:*:*:*:*:*:* OR cpe:/a:ibm:rational_license_key_server:8.1.4.2:*:*:*:*:*:*:* OR cpe:/a:ibm:rational_license_key_server:8.1.4.3:*:*:*:*:*:*:* OR cpe:/a:ibm:cognos_tm1:10.2:*:*:*:*:*:*:* OR cpe:/a:ibm:rational_doors_web_access:1.4.0.4:*:*:*:*:*:*:* OR cpe:/a:ibm:rational_doors_web_access:1.4.0.5:*:*:*:*:*:*:* OR cpe:/a:ibm:rational_doors_web_access:1.5:*:*:*:*:*:*:* OR cpe:/a:ibm:rational_doors_web_access:1.5.0.1:*:*:*:*:*:*:* OR cpe:/a:ibm:rational_doors_web_access:9.5:*:*:*:*:*:*:* OR cpe:/a:ibm:rational_doors_web_access:9.5.0.1:*:*:*:*:*:*:* OR cpe:/a:ibm:rational_doors_web_access:9.5.1:*:*:*:*:*:*:* OR cpe:/a:ibm:rational_doors_web_access:9.5.1.1:*:*:*:*:*:*:* OR cpe:/a:ibm:rational_doors_web_access:9.5.2:*:*:*:*:*:*:* OR cpe:/a:ibm:rational_doors_web_access:9.5.2.1:*:*:*:*:*:*:* OR cpe:/a:ibm:rational_doors_web_access:9.6:*:*:*:*:*:*:* OR cpe:/a:ibm:rational_doors_web_access:9.6.0.1:*:*:*:*:*:*:* OR cpe:/a:ibm:rational_doors_web_access:1.4.0.1:*:*:*:*:*:*:* OR cpe:/a:ibm:rational_doors_web_access:9.6.1:*:*:*:*:*:*:* OR cpe:/a:ibm:messagesight:1.2:*:*:*:*:*:*:* OR cpe:/a:ibm:tivoli_application_dependency_discovery_manager:7.3:*:*:*:*:*:*:* OR cpe:/a:ibm:websphere_cast_iron_cloud_integration:7.0.0.2:*:*:*:*:*:*:* OR cpe:/a:ibm:rational_license_key_server:8.1.4.4:*:*:*:*:*:*:* OR cpe:/a:ibm:rational_license_key_server:8.1.4.5:*:*:*:*:*:*:* OR cpe:/a:ibm:rational_license_key_server:8.1.4.6:*:*:*:*:*:*:* OR cpe:/a:ibm:tivoli_monitoring:6.2.3:*:*:*:*:*:*:* OR cpe:/a:ibm:tivoli_monitoring:6.2.3.1:*:*:*:*:*:*:* OR cpe:/a:ibm:tivoli_monitoring:6.2.3.2:*:*:*:*:*:*:* OR cpe:/a:ibm:tivoli_monitoring:6.2.3.3:*:*:*:*:*:*:* OR cpe:/a:ibm:tivoli_monitoring:6.2.3.4:*:*:*:*:*:*:* OR cpe:/a:ibm:tivoli_monitoring:6.2.3.5:*:*:*:*:*:*:* OR cpe:/a:ibm:tivoli_monitoring:6.3.0.2:*:*:*:*:*:*:* OR cpe:/a:ibm:tivoli_monitoring:6.3.0.3:*:*:*:*:*:*:* OR cpe:/a:ibm:tivoli_monitoring:6.3.0.4:*:*:*:*:*:*:* OR cpe:/a:ibm:rational_doors_web_access:9.6.1.1:*:*:*:*:*:*:* OR cpe:/a:ibm:rational_license_key_server:8.1.4.7:*:*:*:*:*:*:* OR cpe:/a:ibm:rational_doors_web_access:9.6.1.3:*:*:*:*:*:*:* OR cpe:/a:ibm:rational_license_key_server:8.1.4.8:*:*:*:*:*:*:* OR cpe:/a:ibm:rational_license_key_server:8.1.4.9:*:*:*:*:*:*:* OR cpe:/a:ibm:spectrum_protect_for_virtual_environments:7.1:*:*:*:*:hyper-v:*:* OR cpe:/a:ibm:spectrum_protect:7.1:*:*:*:workstations:*:*:* OR cpe:/a:ibm:security_identity_governance_and_intelligence:5.2:*:*:*:*:*:*:* OR cpe:/a:ibm:security_privileged_identity_manager:2.0.2:*:*:*:*:*:*:* OR cpe:/a:ibm:cognos_express:10.2.2:*:*:*:*:*:*:* OR cpe:/a:ibm:rational_license_key_server:8.1.4.1:*:*:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux_desktop:7:*:*:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux_hpc_node:7:*:*:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux_hpc_node_eus:7.2:*:*:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux_server:7:*:*:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux_workstation:7:*:*:*:*:*:*:* OR cpe:/a:ibm:security_identity_governance_and_intelligence:5.2.1:*:*:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux_desktop:6:*:*:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux_hpc_node:6:*:*:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux_server:6:*:*:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux_server_eus:6.7.z:*:*:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux_workstation:6:*:*:*:*:*:*:* OR cpe:/a:ibm:tivoli_monitoring:6.3.0.5:*:*:*:*:*:*:* OR cpe:/a:ibm:tivoli_monitoring:6.3.0.6:*:*:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:* OR cpe:/a:ibm:websphere_application_server:9.0:*:*:*:*:*:*:* OR cpe:/a:ibm:tivoli_monitoring:6.3.0.7:*:*:*:*:*:*:* OR cpe:/a:ibm:spectrum_protect:8.1:*:*:*:virtual_environments:*:*:* OR cpe:/a:ibm:endpoint_manager:*:*:*:*:lifecycle_management:*:*:* OR cpe:/a:ibm:bigfix_remote_control:9.1.4:*:*:*:*:*:*:* OR cpe:/a:ibm:spectrum_protect:8.1:*:*:*:workstations:*:*:* OR cpe:/a:ibm:security_identity_governance_and_intelligence:5.2.2:*:*:*:*:*:*:* OR cpe:/a:ibm:security_identity_governance_and_intelligence:5.2.2.1:*:*:*:*:*:*:* OR cpe:/a:ibm:security_identity_governance_and_intelligence:5.2.3:*:*:*:*:*:*:* OR cpe:/a:ibm:security_identity_governance_and_intelligence:5.2.3.1:*:*:*:*:*:*:* OR cpe:/a:ibm:security_identity_governance_and_intelligence:5.2.3.2:*:*:*:*:*:*:* OR cpe:/a:ibm:rational_asset_analyzer:6.1.0.0:*:*:*:*:*:*:* OR cpe:/a:ibm:security_identity_governance_and_intelligence:5.2.4:*:*:*:*:*:*:* OR cpe:/a:ibm:tivoli_monitoring:6.2.3.3:*:*:*:*:*:*:* OR cpe:/a:ibm:tivoli_monitoring:6.2.3.4:*:*:*:*:*:*:* OR cpe:/a:ibm:tivoli_monitoring:6.2.3.5:*:*:*:*:*:*:* OR cpe:/a:ibm:tivoli_monitoring:6.3.0.2:*:*:*:*:*:*:* OR cpe:/a:ibm:tivoli_monitoring:6.3.0.3:*:*:*:*:*:*:* OR cpe:/a:ibm:tivoli_monitoring:6.3.0.4:*:*:*:*:*:*:* OR cpe:/a:ibm:tivoli_monitoring:6.3.0.5:*:*:*:*:*:*:* OR cpe:/a:ibm:tivoli_monitoring:6.3.0.6:*:*:*:*:*:*:* OR cpe:/a:ibm:tivoli_monitoring:6.3.0.7:*:*:*:*:*:*:* OR cpe:/a:ibm:websphere_application_server_in_cloud:8.5:*:*:*:*:*:*:* OR cpe:/a:ibm:websphere_application_server_in_cloud:9.0:*:*:*:*:*:*:* OR cpe:/a:ibm:websphere_application_server:::~~liberty~~~:*:*:*:*:* OR cpe:/a:ibm:mobile_foundation:8.0.0.0:*:*:*:*:*:*:* OR cpe:/a:ibm:websphere_application_server_in_cloud:*:*:*:*:liberty:*:*:* OR cpe:/a:ibm:app_connect:11.0.0.0:*:*:*:enterprise:*:*:* OR cpe:/a:ibm:integration_bus:9.0.0.11:*:*:*:*:*:*:* OR cpe:/a:ibm:websphere_message_broker:8.0.0.0:*:*:*:*:*:*:* OR cpe:/a:ibm:websphere_message_broker:8.0.0.9:*:*:*:*:*:*:* OR cpe:/a:ibm:integration_bus:10.0.0.0:*:*:*:*:*:*:* OR cpe:/a:ibm:control_center:6.0.0.0:*:*:*:*:*:*:* OR cpe:/a:ibm:control_center:6.1.0.0:*:*:*:*:*:*:* OR cpe:/a:ibm:rational_asset_analyzer:6.1.0.18:*:*:*:*:*:*:* OR cpe:/a:ibm:integration_bus:10.0.0.15:*:*:*:*:*:*:* OR cpe:/a:ibm:tivoli_storage_productivity_center:5.2.0:*:*:*:*:*:*:* OR cpe:/a:ibm:tivoli_storage_productivity_center:5.2.7.1:*:*:*:*:*:*:* OR cpe:/a:ibm:spectrum_control:5.2.8:*:*:*:*:*:*:* OR cpe:/a:ibm:spectrum_control:5.2.10.1:*:*:*:*:*:*:* OR cpe:/a:ibm:spectrum_control:5.2.11:*:*:*:*:*:*:* OR cpe:/a:ibm:spectrum_control:5.2.12:*:*:*:*:*:*:* OR cpe:/a:ibm:spectrum_control:5.2.13:*:*:*:*:*:*:* OR cpe:/a:ibm:spectrum_control:5.2.14:*:*:*:*:*:*:* OR cpe:/a:ibm:spectrum_control:5.2.15:*:*:*:*:*:*:* OR cpe:/a:ibm:spectrum_control:5.2.15.2:*:*:*:*:*:*:* OR cpe:/a:ibm:spectrum_control:5.2.16:*:*:*:*:*:*:* OR cpe:/a:ibm:spectrum_control:5.2.17.0:*:*:*:*:*:*:* OR cpe:/a:ibm:spectrum_control:5.2.17.1:*:standard:*:*:*:*:* OR cpe:/a:ibm:spectrum_control:5.3.0:*:*:*:*:*:*:* OR cpe:/a:ibm:cloud_transformation_advisor:1.8.0:*:*:*:*:*:*:* OR cpe:/a:ibm:security_identity_governance_and_intelligence:5.2.4.1:*:*:*:*:*:*:* OR cpe:/a:ibm:sterling_b2b_integrator:6.0.0.0:*:*:*:*:*:*:* OR cpe:/a:ibm:sterling_b2b_integrator:5.2.0.0:*:*:*:*:*:*:* OR cpe:/a:ibm:infosphere_streams:3.2.1.6:*:*:*:*:*:*:* OR cpe:/a:ibm:infosphere_streams:4.0.1.6:*:*:*:*:*:*:* OR cpe:/a:ibm:streams:4.1.1.7:*:*:*:*:*:*:* OR cpe:/a:ibm:streams:4.2.1.5:*:*:*:*:*:*:* OR cpe:/a:ibm:streams:4.3.0.0:*:*:*:*:*:*:* OR cpe:/a:ibm:security_appscan:9.0.3.12:*:*:*:enterprise:*:*:* OR cpe:/a:ibm:app_connect:11.0.0.3:*:*:*:enterprise:*:*:* Denotes that component is vulnerable Oval Definitions BACK
debian debian linux 7.0
apache tomcat 6.0.0
apache tomcat 6.0.0 alpha
apache tomcat 6.0.1
apache tomcat 6.0.1 alpha
apache tomcat 6.0.2
apache tomcat 6.0.2 alpha
apache tomcat 6.0.2 beta
apache tomcat 6.0.3
apache tomcat 6.0.4
apache tomcat 6.0.4 alpha
apache tomcat 6.0.5
apache tomcat 6.0.6
apache tomcat 6.0.6 alpha
apache tomcat 6.0.7
apache tomcat 6.0.7 alpha
apache tomcat 6.0.7 beta
apache tomcat 6.0.8
apache tomcat 6.0.8 alpha
apache tomcat 6.0.9
apache tomcat 6.0.9 beta
apache tomcat 6.0.10
apache tomcat 6.0.11
apache tomcat 6.0.12
apache tomcat 6.0.13
apache tomcat 6.0.14
apache tomcat 6.0.15
apache tomcat 6.0.16
apache tomcat 6.0.17
apache tomcat 6.0.18
apache tomcat 6.0.19
apache tomcat 6.0.20
apache tomcat 6.0.24
apache tomcat 6.0.26
apache tomcat 6.0.27
apache tomcat 6.0.28
apache tomcat 6.0.29
apache tomcat 6.0.30
apache tomcat 6.0.31
apache tomcat 6.0.32
apache tomcat 6.0.33
apache tomcat 6.0.35
apache tomcat 6.0.36
apache tomcat 6.0.37
apache tomcat 6.0.39
apache tomcat 6.0.41
apache tomcat 6.0.43
apache tomcat 7.0.0
apache tomcat 7.0.0 beta
apache tomcat 7.0.1
apache tomcat 7.0.2
apache tomcat 7.0.2 beta
apache tomcat 7.0.3
apache tomcat 7.0.4
apache tomcat 7.0.4 beta
apache tomcat 7.0.5
apache tomcat 7.0.6
apache tomcat 7.0.7
apache tomcat 7.0.8
apache tomcat 7.0.9
apache tomcat 7.0.10
apache tomcat 7.0.11
apache tomcat 7.0.12
apache tomcat 7.0.13
apache tomcat 7.0.14
apache tomcat 7.0.15
apache tomcat 7.0.16
apache tomcat 7.0.17
apache tomcat 7.0.18
apache tomcat 7.0.19
apache tomcat 7.0.20
apache tomcat 7.0.21
apache tomcat 7.0.22
apache tomcat 7.0.23
apache tomcat 7.0.24
apache tomcat 7.0.25
apache tomcat 7.0.26
apache tomcat 7.0.27
apache tomcat 7.0.28
apache tomcat 7.0.29
apache tomcat 7.0.30
apache tomcat 7.0.31
apache tomcat 7.0.32
apache tomcat 7.0.33
apache tomcat 7.0.34
apache tomcat 7.0.35
apache tomcat 7.0.36
apache tomcat 7.0.37
apache tomcat 7.0.38
apache tomcat 7.0.39
apache tomcat 7.0.40
apache tomcat 7.0.41
apache tomcat 7.0.42
apache tomcat 7.0.43
apache tomcat 7.0.44
apache tomcat 7.0.45
apache tomcat 7.0.46
apache tomcat 7.0.47
apache tomcat 7.0.48
apache tomcat 7.0.49
apache tomcat 7.0.50
apache tomcat 7.0.52
apache tomcat 7.0.53
apache tomcat 7.0.54
apache tomcat 7.0.55
apache tomcat 7.0.56
apache tomcat 7.0.57
apache tomcat 8.0.0 rc1
apache tomcat 8.0.0 rc10
apache tomcat 8.0.0 rc2
apache tomcat 8.0.0 rc5
apache tomcat 8.0.1
apache tomcat 8.0.3
apache tomcat 8.0.5
apache tomcat 8.0.8
apache tomcat 8.0.9
apache tomcat 8.0.11
apache tomcat 8.0.12
apache tomcat 8.0.14
apache tomcat 8.0.15
apache tomcat 6.0.0
apache tomcat 6.0.0 alpha
apache tomcat 6.0.1
apache tomcat 6.0.1 alpha
apache tomcat 6.0.2
apache tomcat 6.0.2 alpha
apache tomcat 6.0.2 beta
apache tomcat 6.0.3
apache tomcat 6.0.4
apache tomcat 6.0.4 alpha
apache tomcat 6.0.5
apache tomcat 6.0.6
apache tomcat 6.0.6 alpha
apache tomcat 6.0.7
apache tomcat 6.0.7 alpha
apache tomcat 6.0.7 beta
apache tomcat 6.0.8
apache tomcat 6.0.8 alpha
apache tomcat 6.0.9
apache tomcat 6.0.9 beta
apache tomcat 6.0.10
apache tomcat 6.0.11
apache tomcat 6.0.12
apache tomcat 6.0.13
apache tomcat 6.0.14
apache tomcat 6.0.15
apache tomcat 6.0.16
apache tomcat 6.0.17
apache tomcat 6.0.18
apache tomcat 6.0.19
apache tomcat 6.0.20
apache tomcat 6.0.24
apache tomcat 6.0.26
apache tomcat 6.0.27
apache tomcat 6.0.28
apache tomcat 6.0.29
apache tomcat 6.0.30
apache tomcat 6.0.31
apache tomcat 6.0.32
apache tomcat 6.0.33
apache tomcat 6.0.35
apache tomcat 6.0.36
apache tomcat 6.0.37
apache tomcat 6.0.39
apache tomcat 6.0.41
apache tomcat 6.0.43
apache tomcat 7.0.0
apache tomcat 7.0.0 beta
apache tomcat 7.0.1
apache tomcat 7.0.2
apache tomcat 7.0.2 beta
apache tomcat 7.0.3
apache tomcat 7.0.4
apache tomcat 7.0.4 beta
apache tomcat 7.0.5
apache tomcat 7.0.6
apache tomcat 7.0.7
apache tomcat 7.0.8
apache tomcat 7.0.9
apache tomcat 7.0.10
apache tomcat 7.0.11
apache tomcat 7.0.12
apache tomcat 7.0.13
apache tomcat 7.0.14
apache tomcat 7.0.15
apache tomcat 7.0.16
apache tomcat 7.0.17
apache tomcat 7.0.18
apache tomcat 7.0.19
apache tomcat 7.0.20
apache tomcat 7.0.21
apache tomcat 7.0.22
apache tomcat 7.0.23
apache tomcat 7.0.24
apache tomcat 7.0.25
apache tomcat 7.0.26
apache tomcat 7.0.27
apache tomcat 7.0.28
apache tomcat 7.0.29
apache tomcat 7.0.30
apache tomcat 7.0.31
apache tomcat 7.0.32
apache tomcat 7.0.33
apache tomcat 7.0.34
apache tomcat 7.0.35
apache tomcat 7.0.36
apache tomcat 7.0.37
apache tomcat 7.0.38
apache tomcat 7.0.39
apache tomcat 7.0.40
apache tomcat 7.0.41
apache tomcat 7.0.42
apache tomcat 7.0.43
apache tomcat 7.0.44
apache tomcat 7.0.45
apache tomcat 7.0.46
apache tomcat 7.0.47
apache tomcat 7.0.48
apache tomcat 7.0.49
apache tomcat 7.0.50
apache tomcat 7.0.52
apache tomcat 7.0.53
apache tomcat 7.0.54
apache tomcat 7.0.55
apache tomcat 7.0.56
apache tomcat 7.0.57
apache tomcat 8.0.0 rc1
apache tomcat 8.0.0 rc10
apache tomcat 8.0.0 rc2
apache tomcat 8.0.0 rc5
apache tomcat 8.0.1
apache tomcat 8.0.3
apache tomcat 8.0.5
apache tomcat 8.0.8
apache tomcat 8.0.9
apache tomcat 8.0.11
apache tomcat 8.0.12
apache tomcat 8.0.14
apache tomcat 8.0.15
hp hp-ux 11.31
apache tomcat 6
apache tomcat 7.0.0
apache tomcat 8.0
ibm websphere application server 7.0
ibm rational doors web access 1.4
ibm rational doors web access 1.4.0.2
ibm rational doors web access 1.4.0.3
ibm websphere application server 8.0
ibm cognos express 9.5
ibm cognos tm1 9.5.2
ibm websphere application server 8.5
ibm tivoli monitoring 6.2.3
ibm qradar security information and event manager 7.1
ibm cognos express 10.1
ibm rational directory server 5.2.0.2
ibm cognos tm1 10.1.1
ibm tivoli monitoring 6.2.3.1
ibm tivoli monitoring 6.2.3.2
ibm integration bus 9.0.0.0
ibm qradar security information and event manager 7.2
ibm cognos express 10.2.1
ibm cognos tm1 10.2.2
ibm cognos business viewpoint 10.1
ibm cognos business viewpoint 10.1.1
ibm websphere cast iron cloud integration 6.1.0.6
ibm websphere cast iron cloud integration 6.1.0.7
ibm websphere cast iron cloud integration 6.1.0.8
ibm websphere cast iron cloud integration 6.1.0.9
ibm websphere cast iron cloud integration 6.1.0.12
ibm websphere cast iron cloud integration 6.1.0.15
ibm websphere cast iron cloud integration 6.3.0.1
ibm websphere cast iron cloud integration 6.3.0.2
ibm websphere cast iron cloud integration 6.4.0.0
ibm websphere cast iron cloud integration 6.4.0.1
ibm websphere cast iron cloud integration 7.0.0
ibm websphere cast iron cloud integration 7.0.0.1
ibm tivoli application dependency discovery manager 7.2
ibm tivoli application dependency discovery manager 7.2.1
ibm tivoli application dependency discovery manager 7.2.2
ibm rational license key server 8.1.4
ibm rational license key server 8.1.4.2
ibm rational license key server 8.1.4.3
ibm cognos tm1 10.2
ibm rational doors web access 1.4.0.4
ibm rational doors web access 1.4.0.5
ibm rational doors web access 1.5
ibm rational doors web access 1.5.0.1
ibm rational doors web access 9.5
ibm rational doors web access 9.5.0.1
ibm rational doors web access 9.5.1
ibm rational doors web access 9.5.1.1
ibm rational doors web access 9.5.2
ibm rational doors web access 9.5.2.1
ibm rational doors web access 9.6
ibm rational doors web access 9.6.0.1
ibm rational doors web access 1.4.0.1
ibm rational doors web access 9.6.1
ibm messagesight 1.2
ibm tivoli application dependency discovery manager 7.3
ibm websphere cast iron cloud integration 7.0.0.2
ibm rational license key server 8.1.4.4
ibm rational license key server 8.1.4.5
ibm rational license key server 8.1.4.6
ibm tivoli monitoring 6.2.3
ibm tivoli monitoring 6.2.3.1
ibm tivoli monitoring 6.2.3.2
ibm tivoli monitoring 6.2.3.3
ibm tivoli monitoring 6.2.3.4
ibm tivoli monitoring 6.2.3.5
ibm tivoli monitoring 6.3.0.2
ibm tivoli monitoring 6.3.0.3
ibm tivoli monitoring 6.3.0.4
ibm rational doors web access 9.6.1.1
ibm rational license key server 8.1.4.7
ibm rational doors web access 9.6.1.3
ibm rational license key server 8.1.4.8
ibm rational license key server 8.1.4.9
ibm spectrum protect for virtual environments 7.1
ibm spectrum protect 7.1
ibm security identity governance and intelligence 5.2
ibm security privileged identity manager 2.0.2
ibm cognos express 10.2.2
ibm rational license key server 8.1.4.1
redhat enterprise linux desktop 7
redhat enterprise linux hpc node 7
redhat enterprise linux hpc node eus 7.2
redhat enterprise linux server 7
redhat enterprise linux server aus 7.2
redhat enterprise linux server eus 7.2
redhat enterprise linux workstation 7
ibm security identity governance and intelligence 5.2.1
redhat enterprise linux desktop 6
redhat enterprise linux hpc node 6
redhat enterprise linux server 6
redhat enterprise linux server eus 6.7.z
redhat enterprise linux workstation 6
ibm tivoli monitoring 6.3.0.5
ibm tivoli monitoring 6.3.0.6
redhat enterprise linux server tus 7.2
ibm websphere application server 9.0
ibm tivoli monitoring 6.3.0.7
ibm spectrum protect 8.1
ibm endpoint manager *
ibm bigfix remote control 9.1.4
ibm spectrum protect 8.1
ibm security identity governance and intelligence 5.2.2
ibm security identity governance and intelligence 5.2.2.1
ibm security identity governance and intelligence 5.2.3
ibm security identity governance and intelligence 5.2.3.1
ibm security identity governance and intelligence 5.2.3.2
ibm rational asset analyzer 6.1.0.0
ibm security identity governance and intelligence 5.2.4
ibm tivoli monitoring 6.2.3.3
ibm tivoli monitoring 6.2.3.4
ibm tivoli monitoring 6.2.3.5
ibm tivoli monitoring 6.3.0.2
ibm tivoli monitoring 6.3.0.3
ibm tivoli monitoring 6.3.0.4
ibm tivoli monitoring 6.3.0.5
ibm tivoli monitoring 6.3.0.6
ibm tivoli monitoring 6.3.0.7
ibm websphere application server in cloud 8.5
ibm websphere application server in cloud 9.0
ibm websphere application server
ibm mobile foundation 8.0.0.0
ibm websphere application server in cloud *
ibm app connect 11.0.0.0
ibm integration bus 9.0.0.11
ibm websphere message broker 8.0.0.0
ibm websphere message broker 8.0.0.9
ibm integration bus 10.0.0.0
ibm control center 6.0.0.0
ibm control center 6.1.0.0
ibm rational asset analyzer 6.1.0.18
ibm integration bus 10.0.0.15
ibm tivoli storage productivity center 5.2.0
ibm tivoli storage productivity center 5.2.7.1
ibm spectrum control 5.2.8
ibm spectrum control 5.2.10.1
ibm spectrum control 5.2.11
ibm spectrum control 5.2.12
ibm spectrum control 5.2.13
ibm spectrum control 5.2.14
ibm spectrum control 5.2.15
ibm spectrum control 5.2.15.2
ibm spectrum control 5.2.16
ibm spectrum control 5.2.17.0
ibm spectrum control 5.2.17.1
ibm spectrum control 5.3.0
ibm cloud transformation advisor 1.8.0
ibm security identity governance and intelligence 5.2.4.1
ibm sterling b2b integrator 6.0.0.0
ibm sterling b2b integrator 5.2.0.0
ibm infosphere streams 3.2.1.6
ibm infosphere streams 4.0.1.6
ibm streams 4.1.1.7
ibm streams 4.2.1.5
ibm streams 4.3.0.0
ibm security appscan 9.0.3.12
ibm app connect 11.0.0.3