Vulnerability Name: | CVE-2014-7810 (CCN-103155) |
Assigned: | 2014-10-03 |
Published: | 2015-05-14 |
Updated: | 2019-04-15 |
Summary: | The Expression Language (EL) implementation in Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.58, and 8.x before 8.0.16 does not properly consider the possibility of an accessible interface implemented by an inaccessible class, which allows attackers to bypass a SecurityManager protection mechanism via a web application that leverages use of incorrect privileges during EL evaluation. |
CVSS v3 Severity: | 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)Exploitability Metrics: | Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None | Scope: | Scope (S): Unchanged
| Impact Metrics: | Confidentiality (C): None Integrity (I): Low Availibility (A): None |
|
CVSS v2 Severity: | 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N) 3.7 Low (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:C)Exploitability Metrics: | Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None | Impact Metrics: | Confidentiality (C): None Integrity (I): Partial Availibility (A): None | 5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N) 3.7 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:C)Exploitability Metrics: | Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
| Impact Metrics: | Confidentiality (C): None Integrity (I): Partial Availibility (A): None | 5.8 Medium (REDHAT CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N) 4.3 Medium (REDHAT Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N/E:U/RL:OF/RC:C)Exploitability Metrics: | Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None | Impact Metrics: | Confidentiality (C): Partial Integrity (I): Partial Availibility (A): None |
|
Vulnerability Type: | CWE-284
|
Vulnerability Consequences: | Bypass Security |
References: | Source: MITRE Type: CNA CVE-2014-7810
Source: CCN Type: Apache Mailing List, Thu, 14 May 2015 14:03:08 GMT CVE-2014-7810: Apache Tomcat Security Manager Bypass
Source: HP Type: Third Party Advisory HPSBUX03561
Source: REDHAT Type: UNKNOWN RHSA-2015:1621
Source: REDHAT Type: UNKNOWN RHSA-2015:1622
Source: CCN Type: RHSA-2016-0492 Moderate: tomcat6 security and bug fix update
Source: REDHAT Type: UNKNOWN RHSA-2016:0492
Source: CCN Type: RHSA-2016-2046 Important: tomcat security update
Source: REDHAT Type: UNKNOWN RHSA-2016:2046
Source: CONFIRM Type: Patch http://svn.apache.org/viewvc?view=revision&revision=1644018
Source: CONFIRM Type: Patch http://svn.apache.org/viewvc?view=revision&revision=1645642
Source: CCN Type: Apache Web site Tomcat
Source: CONFIRM Type: Patch, Vendor Advisory http://tomcat.apache.org/security-6.html
Source: CONFIRM Type: Patch, Vendor Advisory http://tomcat.apache.org/security-7.html
Source: CONFIRM Type: Patch, Vendor Advisory http://tomcat.apache.org/security-8.html
Source: DEBIAN Type: UNKNOWN DSA-3428
Source: DEBIAN Type: UNKNOWN DSA-3447
Source: DEBIAN Type: Third Party Advisory DSA-3530
Source: CCN Type: IBM Security Bulletin 738367 (Tivoli Storage Productivity Center) Bypass security vulnerability in WebSphere Application Server affects IBM Spectrum Control (formerly Tivoli Storage Productivity Center) (CVE-2014-7810)
Source: CCN Type: IBM Security Bulletin 794189 (MessageSight) Security Bulletin: IBM MessageSight is affected by an IBM WebSphere Liberty expression language vulnerability
Source: CCN Type: IBM Security Bulletin 869808 (Spectrum Protect for Virtual Environments) Vulnerabilities in IBM WebSphere Application Server Liberty affect IBM Spectrum Protect for Virtual Environments (CVE-2014-7810, CVE-2018-8039)
Source: CCN Type: IBM Security Bulletin 869814 (Spectrum Protect Snapshot) Vulnerabilities in IBM WebSphere Application Server Liberty affect IBM Spectrum Protect Snapshot for VMware (CVE-2014-7810, CVE-2018-8039)
Source: CCN Type: IBM Security Bulletin 872052 (InfoSphere Streams) Vulnerabilities in WAS traditional and liberty
Source: CCN Type: IBM Security Bulletin 872112 (Security Identity Governance and Intelligence) IBM has announced a release for IBM Security Identity Governance and Intelligence in response to multiple security vulnerabilities for IBM WebSphere Liberty Server
Source: CCN Type: IBM Security Bulletin 876338 (Spectrum Protect for Workstations) Multiple vulnerabilities in WebSphere Application Server Liberty affect IBM Spectrum Protect for Workstations Central Administration Console (CVE-2014-7810, CVE-2018-8039, CVE-2018-1901)
Source: CCN Type: IBM Security Bulletin 879017 (Security AppScan Enterprise) Potential bypass security vulnerability in Expression Language library used by WebSphere Application Server (CVE-2014-7810) affects IBM Security AppScan Enterprise
Source: CCN Type: IBM Security Bulletin 881456 (Control Center) Multiple Websphere Vulnerabilities Impact IBM Control Center (CVE-2018-3169, CVE-2014-7810, CVE-2018-1767)
Source: CCN Type: IBM Security Bulletin 957781 (Security Privileged Identity Manager) IBM Security Privileged Identity Manager is affected by multiple vulnerabilities
Source: CCN Type: IBM Security Bulletin 1698085 Rational DOORS Web Access is affected by Apache Tomcat vulnerabilities (CVE-2014-0227, CVE-2014-7810, CVE-2014-0230)
Source: CCN Type: IBM Security Bulletin 1960572 IBM WebSphere Cast Iron Solution is affected by Apache Tomcat vulnerabilities (CVE-2014-0230, CVE-2014-7810,CVE-2014-0227)
Source: CCN Type: IBM Security Bulletin 1961088 Open Source Apache Tomcat vulnerability and vulnerability in Diffie-Hellman ciphers affects IBM Tivoli Application Dependency Discovery Manager (TADDM) (CVE-2014-0230, CVE-2014-7810, CVE-2015-4000)
Source: CCN Type: IBM Security Bulletin 1961208 Multiple security vulnerabilities in Open Source Apache Tomcat affect IBM Cognos Business Viewpoint (CVE-2014-0227, CVE-2014-0230, CVE-2014-7810)
Source: CCN Type: IBM Security Bulletin 1966177 IBM Cognos TM1 is affected by multiple vulnerabilities
Source: CCN Type: IBM Security Bulletin 1968268 Open Source Apache Tomcat as used in IBM QRadar SIEM is vulnerable to a security bypass. (CVE-2014-7810)
Source: CCN Type: IBM Security Bulletin 1972376 Multiple Security Vulnerabilities exist in IBM Cognos Express.
Source: CCN Type: IBM Security Bulletin 1976103 Multiple Security Vulnerabilities in Apache Tomcat affect IBM RLKS Administration and Reporting Tool
Source: CCN Type: IBM Security Bulletin 1980321 (Rational Directory Server) Rational Directory Server (Tivoli) is affected by an Apache Tomcat vulnerability (CVE-2014-7810)
Source: CONFIRM Type: UNKNOWN http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
Source: CONFIRM Type: UNKNOWN http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
Source: CONFIRM Type: UNKNOWN http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
Source: CONFIRM Type: UNKNOWN http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html
Source: BID Type: UNKNOWN 74665
Source: CCN Type: BID-74665 Apache Tomcat CVE-2014-7810 Security Bypass Vulnerability
Source: SECTRACK Type: UNKNOWN 1032330
Source: UBUNTU Type: UNKNOWN USN-2654-1
Source: UBUNTU Type: UNKNOWN USN-2655-1
Source: XF Type: UNKNOWN apache-tomcat-cve20147810-sec-bypass(103155)
Source: CONFIRM Type: Third Party Advisory https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05054964
Source: MLIST Type: UNKNOWN [tomcat-dev] 20190413 svn commit: r1857494 [15/20] - in /tomcat/site/trunk: ./ docs/ xdocs/
Source: MLIST Type: UNKNOWN [tomcat-dev] 20190325 svn commit: r1856174 [21/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/
Source: MLIST Type: UNKNOWN [tomcat-dev] 20190415 svn commit: r1857582 [16/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/
Source: MLIST Type: UNKNOWN [tomcat-dev] 20190319 svn commit: r1855831 [23/30] - in /tomcat/site/trunk: ./ docs/ xdocs/
Source: MLIST Type: UNKNOWN [tomcat-dev] 20200203 svn commit: r1873527 [23/30] - /tomcat/site/trunk/docs/
Source: MLIST Type: UNKNOWN [tomcat-dev] 20200213 svn commit: r1873980 [26/34] - /tomcat/site/trunk/docs/
Source: MLIST Type: UNKNOWN [tomcat-dev] 20200213 svn commit: r1873980 [27/34] - /tomcat/site/trunk/docs/
Source: CCN Type: IBM Security Bulletin 0729557 (WebSphere Application Server) Potential bypass security vulnerability in Expression Language library used by WebSphere Application Server (CVE-2014-7810)
Source: CCN Type: IBM Security Bulletin 737055 (Liberty for Java for Bluemix) Multiple security vulnerabilities affect Liberty for Java for IBM Cloud
Source: CCN Type: IBM Security Bulletin 737753 (WebSphere Application Server in Cloud) Multiple security vulnerabilities affect IBM WebSphere Application Server in IBM Cloud
Source: CCN Type: IBM Security Bulletin 743113 (Rational Asset Analyzer) Rational Asset Analyzer (RAA) is affected by a vulnerability in WAS liberty.
Source: CCN Type: IBM Security Bulletin 795079 (Mobile Foundation) WAS traditional and liberty vulnerable to CVE-2014-7810
Source: CCN Type: IBM Security Bulletin 796180 (Tivoli Monitoring V6) Multiple vulnerabilities affect IBM Tivoli Monitoring embedded WebSphere Application Server
Source: CCN Type: IBM Security Bulletin 872266 (Cloud Transformation Advisor) IBM Cloud Transformation Advisor is affected by a vulnerability in WebSphere Application Server Liberty (CVE-2014-7810)
Source: CCN Type: IBM Security Bulletin 873310 (BigFix Remote Control) Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime and OpenSSL and Liberty affect IBM BigFix Remote Control
Source: CCN Type: IBM Security Bulletin 879923 (Endpoint Manager for Lifecycle Management) Server Automation is affected by the following vulnerability exposures (CVE-2014-7810, CVE-2018-1767, CVE-2018-1901, CVE-2018-10237)
Source: CCN Type: IBM Security Bulletin 880523 (App Connect Enterprise) IBM Integration Bus & IBM App Connect Enterprise are affected by a Websphere Application Server Vulnerability (CVE-2014-7810)
Source: CCN Type: IBM Security Bulletin 883352 (Cloud App Management) A vulnerability in Apache Tomcat could affect IBM Cloud App Management V2018
Source: CCN Type: IBM Security Bulletin 6496741 (Sterling B2B Integrator) Apache Log4j Vulnerabilities Affect IBM Sterling B2B Integrator
Source: CCN Type: IBM Security Bulletin 6595755 (Disconnected Log Collector) IBM Disconnected Log Collector is vulnerable to using components with known vulnerabilities
Source: CCN Type: WhiteSource Vulnerability Database CVE-2014-7810
|
Vulnerable Configuration: | Configuration 1: cpe:/o:debian:debian_linux:7.0:*:*:*:*:*:*:* Configuration 2: cpe:/a:apache:tomcat:6.0.0:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.0:alpha:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.1:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.1:alpha:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.2:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.2:alpha:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.2:beta:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.3:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.4:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.4:alpha:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.5:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.6:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.6:alpha:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.7:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.7:alpha:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.7:beta:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.8:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.8:alpha:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.9:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.9:beta:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.10:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.11:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.12:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.13:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.14:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.15:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.16:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.17:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.18:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.19:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.20:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.24:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.26:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.27:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.28:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.29:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.30:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.31:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.32:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.33:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.35:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.36:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.37:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.39:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.41:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.43:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.0:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.0:beta:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.1:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.2:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.2:beta:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.3:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.4:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.4:beta:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.5:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.6:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.7:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.8:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.9:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.10:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.11:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.12:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.13:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.14:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.15:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.16:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.17:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.18:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.19:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.20:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.21:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.22:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.23:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.24:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.25:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.26:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.27:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.28:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.29:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.30:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.31:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.32:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.33:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.34:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.35:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.36:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.37:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.38:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.39:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.40:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.41:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.42:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.43:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.44:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.45:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.46:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.47:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.48:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.49:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.50:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.52:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.53:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.54:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.55:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.56:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.57:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:8.0.0:rc1:*:*:*:*:*:*OR cpe:/a:apache:tomcat:8.0.0:rc10:*:*:*:*:*:*OR cpe:/a:apache:tomcat:8.0.0:rc2:*:*:*:*:*:*OR cpe:/a:apache:tomcat:8.0.0:rc5:*:*:*:*:*:*OR cpe:/a:apache:tomcat:8.0.1:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:8.0.3:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:8.0.5:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:8.0.8:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:8.0.9:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:8.0.11:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:8.0.12:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:8.0.14:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:8.0.15:*:*:*:*:*:*:* Configuration 3: cpe:/a:apache:tomcat:6.0.0:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.0:alpha:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.1:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.1:alpha:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.2:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.2:alpha:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.2:beta:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.3:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.4:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.4:alpha:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.5:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.6:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.6:alpha:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.7:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.7:alpha:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.7:beta:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.8:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.8:alpha:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.9:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.9:beta:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.10:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.11:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.12:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.13:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.14:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.15:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.16:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.17:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.18:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.19:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.20:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.24:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.26:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.27:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.28:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.29:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.30:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.31:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.32:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.33:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.35:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.36:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.37:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.39:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.41:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:6.0.43:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.0:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.0:beta:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.1:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.2:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.2:beta:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.3:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.4:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.4:beta:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.5:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.6:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.7:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.8:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.9:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.10:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.11:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.12:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.13:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.14:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.15:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.16:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.17:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.18:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.19:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.20:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.21:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.22:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.23:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.24:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.25:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.26:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.27:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.28:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.29:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.30:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.31:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.32:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.33:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.34:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.35:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.36:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.37:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.38:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.39:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.40:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.41:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.42:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.43:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.44:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.45:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.46:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.47:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.48:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.49:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.50:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.52:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.53:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.54:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.55:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.56:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.57:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:8.0.0:rc1:*:*:*:*:*:*OR cpe:/a:apache:tomcat:8.0.0:rc10:*:*:*:*:*:*OR cpe:/a:apache:tomcat:8.0.0:rc2:*:*:*:*:*:*OR cpe:/a:apache:tomcat:8.0.0:rc5:*:*:*:*:*:*OR cpe:/a:apache:tomcat:8.0.1:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:8.0.3:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:8.0.5:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:8.0.8:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:8.0.9:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:8.0.11:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:8.0.12:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:8.0.14:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:8.0.15:*:*:*:*:*:*:*AND cpe:/o:hp:hp-ux:11.31:*:*:*:*:*:*:* Configuration RedHat 1: cpe:/o:redhat:enterprise_linux:6:*:*:*:*:*:*:* Configuration RedHat 2: cpe:/o:redhat:enterprise_linux:6::client:*:*:*:*:* Configuration RedHat 3: cpe:/o:redhat:enterprise_linux:6::computenode:*:*:*:*:* Configuration RedHat 4: cpe:/o:redhat:enterprise_linux:6::server:*:*:*:*:* Configuration RedHat 5: cpe:/o:redhat:enterprise_linux:6::workstation:*:*:*:*:* Configuration RedHat 6: cpe:/o:redhat:enterprise_linux:7:*:*:*:*:*:*:* Configuration RedHat 7: cpe:/o:redhat:enterprise_linux:7::client:*:*:*:*:* Configuration RedHat 8: cpe:/o:redhat:enterprise_linux:7::computenode:*:*:*:*:* Configuration RedHat 9: cpe:/o:redhat:enterprise_linux:7::server:*:*:*:*:* Configuration RedHat 10: cpe:/o:redhat:enterprise_linux:7::workstation:*:*:*:*:* Configuration CCN 1: cpe:/a:apache:tomcat:6:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:7.0.0:*:*:*:*:*:*:*OR cpe:/a:apache:tomcat:8.0:*:*:*:*:*:*:*AND cpe:/a:ibm:websphere_application_server:7.0:*:*:*:*:*:*:*OR cpe:/a:ibm:rational_doors_web_access:1.4:*:*:*:*:*:*:*OR cpe:/a:ibm:rational_doors_web_access:1.4.0.2:*:*:*:*:*:*:*OR cpe:/a:ibm:rational_doors_web_access:1.4.0.3:*:*:*:*:*:*:*OR cpe:/a:ibm:websphere_application_server:8.0:*:*:*:*:*:*:*OR cpe:/a:ibm:cognos_express:9.5:*:*:*:*:*:*:*OR cpe:/a:ibm:cognos_tm1:9.5.2:*:*:*:*:*:*:*OR cpe:/a:ibm:websphere_application_server:8.5:*:*:*:*:*:*:*OR cpe:/a:ibm:tivoli_monitoring:6.2.3:*:*:*:*:*:*:*OR cpe:/a:ibm:qradar_security_information_and_event_manager:7.1:*:*:*:*:*:*:*OR cpe:/a:ibm:cognos_express:10.1:*:*:*:*:*:*:*OR cpe:/a:ibm:rational_directory_server:5.2.0.2:*:*:*:*:*:*:*OR cpe:/a:ibm:cognos_tm1:10.1.1:*:*:*:*:*:*:*OR cpe:/a:ibm:tivoli_monitoring:6.2.3.1:*:*:*:*:*:*:*OR cpe:/a:ibm:tivoli_monitoring:6.2.3.2:*:*:*:*:*:*:*OR cpe:/a:ibm:integration_bus:9.0.0.0:*:*:*:*:*:*:*OR cpe:/a:ibm:qradar_security_information_and_event_manager:7.2:*:*:*:*:*:*:*OR cpe:/a:ibm:cognos_express:10.2.1:*:*:*:*:*:*:*OR cpe:/a:ibm:cognos_tm1:10.2.2:*:*:*:*:*:*:*OR cpe:/a:ibm:cognos_business_viewpoint:10.1:*:*:*:*:*:*:*OR cpe:/a:ibm:cognos_business_viewpoint:10.1.1:*:*:*:*:*:*:*OR cpe:/a:ibm:websphere_cast_iron_cloud_integration:6.1.0.6:*:*:*:*:*:*:*OR cpe:/a:ibm:websphere_cast_iron_cloud_integration:6.1.0.7:*:*:*:*:*:*:*OR cpe:/a:ibm:websphere_cast_iron_cloud_integration:6.1.0.8:*:*:*:*:*:*:*OR cpe:/a:ibm:websphere_cast_iron_cloud_integration:6.1.0.9:*:*:*:*:*:*:*OR cpe:/a:ibm:websphere_cast_iron_cloud_integration:6.1.0.12:*:*:*:*:*:*:*OR cpe:/a:ibm:websphere_cast_iron_cloud_integration:6.1.0.15:*:*:*:*:*:*:*OR cpe:/a:ibm:websphere_cast_iron_cloud_integration:6.3.0.1:*:*:*:*:*:*:*OR cpe:/a:ibm:websphere_cast_iron_cloud_integration:6.3.0.2:*:*:*:*:*:*:*OR cpe:/a:ibm:websphere_cast_iron_cloud_integration:6.4.0.0:*:*:*:*:*:*:*OR cpe:/a:ibm:websphere_cast_iron_cloud_integration:6.4.0.1:*:*:*:*:*:*:*OR cpe:/a:ibm:websphere_cast_iron_cloud_integration:7.0.0:*:*:*:*:*:*:*OR cpe:/a:ibm:websphere_cast_iron_cloud_integration:7.0.0.1:*:*:*:*:*:*:*OR cpe:/a:ibm:tivoli_application_dependency_discovery_manager:7.2:*:*:*:*:*:*:*OR cpe:/a:ibm:tivoli_application_dependency_discovery_manager:7.2.1:*:*:*:*:*:*:*OR cpe:/a:ibm:tivoli_application_dependency_discovery_manager:7.2.2:*:*:*:*:*:*:*OR cpe:/a:ibm:rational_license_key_server:8.1.4:*:*:*:*:*:*:*OR cpe:/a:ibm:rational_license_key_server:8.1.4.2:*:*:*:*:*:*:*OR cpe:/a:ibm:rational_license_key_server:8.1.4.3:*:*:*:*:*:*:*OR cpe:/a:ibm:cognos_tm1:10.2:*:*:*:*:*:*:*OR cpe:/a:ibm:rational_doors_web_access:1.4.0.4:*:*:*:*:*:*:*OR cpe:/a:ibm:rational_doors_web_access:1.4.0.5:*:*:*:*:*:*:*OR cpe:/a:ibm:rational_doors_web_access:1.5:*:*:*:*:*:*:*OR cpe:/a:ibm:rational_doors_web_access:1.5.0.1:*:*:*:*:*:*:*OR cpe:/a:ibm:rational_doors_web_access:9.5:*:*:*:*:*:*:*OR cpe:/a:ibm:rational_doors_web_access:9.5.0.1:*:*:*:*:*:*:*OR cpe:/a:ibm:rational_doors_web_access:9.5.1:*:*:*:*:*:*:*OR cpe:/a:ibm:rational_doors_web_access:9.5.1.1:*:*:*:*:*:*:*OR cpe:/a:ibm:rational_doors_web_access:9.5.2:*:*:*:*:*:*:*OR cpe:/a:ibm:rational_doors_web_access:9.5.2.1:*:*:*:*:*:*:*OR cpe:/a:ibm:rational_doors_web_access:9.6:*:*:*:*:*:*:*OR cpe:/a:ibm:rational_doors_web_access:9.6.0.1:*:*:*:*:*:*:*OR cpe:/a:ibm:rational_doors_web_access:1.4.0.1:*:*:*:*:*:*:*OR cpe:/a:ibm:rational_doors_web_access:9.6.1:*:*:*:*:*:*:*OR cpe:/a:ibm:messagesight:1.2:*:*:*:*:*:*:*OR cpe:/a:ibm:tivoli_application_dependency_discovery_manager:7.3:*:*:*:*:*:*:*OR cpe:/a:ibm:websphere_cast_iron_cloud_integration:7.0.0.2:*:*:*:*:*:*:*OR cpe:/a:ibm:rational_license_key_server:8.1.4.4:*:*:*:*:*:*:*OR cpe:/a:ibm:rational_license_key_server:8.1.4.5:*:*:*:*:*:*:*OR cpe:/a:ibm:rational_license_key_server:8.1.4.6:*:*:*:*:*:*:*OR cpe:/a:ibm:tivoli_monitoring:6.2.3:*:*:*:*:*:*:*OR cpe:/a:ibm:tivoli_monitoring:6.2.3.1:*:*:*:*:*:*:*OR cpe:/a:ibm:tivoli_monitoring:6.2.3.2:*:*:*:*:*:*:*OR cpe:/a:ibm:tivoli_monitoring:6.2.3.3:*:*:*:*:*:*:*OR cpe:/a:ibm:tivoli_monitoring:6.2.3.4:*:*:*:*:*:*:*OR cpe:/a:ibm:tivoli_monitoring:6.2.3.5:*:*:*:*:*:*:*OR cpe:/a:ibm:tivoli_monitoring:6.3.0.2:*:*:*:*:*:*:*OR cpe:/a:ibm:tivoli_monitoring:6.3.0.3:*:*:*:*:*:*:*OR cpe:/a:ibm:tivoli_monitoring:6.3.0.4:*:*:*:*:*:*:*OR cpe:/a:ibm:rational_doors_web_access:9.6.1.1:*:*:*:*:*:*:*OR cpe:/a:ibm:rational_license_key_server:8.1.4.7:*:*:*:*:*:*:*OR cpe:/a:ibm:rational_doors_web_access:9.6.1.3:*:*:*:*:*:*:*OR cpe:/a:ibm:rational_license_key_server:8.1.4.8:*:*:*:*:*:*:*OR cpe:/a:ibm:rational_license_key_server:8.1.4.9:*:*:*:*:*:*:*OR cpe:/a:ibm:spectrum_protect_for_virtual_environments:7.1:*:*:*:*:hyper-v:*:*OR cpe:/a:ibm:spectrum_protect:7.1:*:*:*:workstations:*:*:*OR cpe:/a:ibm:security_identity_governance_and_intelligence:5.2:*:*:*:*:*:*:*OR cpe:/a:ibm:security_privileged_identity_manager:2.0.2:*:*:*:*:*:*:*OR cpe:/a:ibm:cognos_express:10.2.2:*:*:*:*:*:*:*OR cpe:/a:ibm:rational_license_key_server:8.1.4.1:*:*:*:*:*:*:*OR cpe:/o:redhat:enterprise_linux_desktop:7:*:*:*:*:*:*:*OR cpe:/o:redhat:enterprise_linux_hpc_node:7:*:*:*:*:*:*:*OR cpe:/o:redhat:enterprise_linux_hpc_node_eus:7.2:*:*:*:*:*:*:*OR cpe:/o:redhat:enterprise_linux_server:7:*:*:*:*:*:*:*OR cpe:/o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*OR cpe:/o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*OR cpe:/o:redhat:enterprise_linux_workstation:7:*:*:*:*:*:*:*OR cpe:/a:ibm:security_identity_governance_and_intelligence:5.2.1:*:*:*:*:*:*:*OR cpe:/o:redhat:enterprise_linux_desktop:6:*:*:*:*:*:*:*OR cpe:/o:redhat:enterprise_linux_hpc_node:6:*:*:*:*:*:*:*OR cpe:/o:redhat:enterprise_linux_server:6:*:*:*:*:*:*:*OR cpe:/o:redhat:enterprise_linux_server_eus:6.7.z:*:*:*:*:*:*:*OR cpe:/o:redhat:enterprise_linux_workstation:6:*:*:*:*:*:*:*OR cpe:/a:ibm:tivoli_monitoring:6.3.0.5:*:*:*:*:*:*:*OR cpe:/a:ibm:tivoli_monitoring:6.3.0.6:*:*:*:*:*:*:*OR cpe:/o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*OR cpe:/a:ibm:websphere_application_server:9.0:*:*:*:*:*:*:*OR cpe:/a:ibm:tivoli_monitoring:6.3.0.7:*:*:*:*:*:*:*OR cpe:/a:ibm:spectrum_protect:8.1:*:*:*:virtual_environments:*:*:*OR cpe:/a:ibm:endpoint_manager:*:*:*:*:lifecycle_management:*:*:*OR cpe:/a:ibm:bigfix_remote_control:9.1.4:*:*:*:*:*:*:*OR cpe:/a:ibm:spectrum_protect:8.1:*:*:*:workstations:*:*:*OR cpe:/a:ibm:security_identity_governance_and_intelligence:5.2.2:*:*:*:*:*:*:*OR cpe:/a:ibm:security_identity_governance_and_intelligence:5.2.2.1:*:*:*:*:*:*:*OR cpe:/a:ibm:security_identity_governance_and_intelligence:5.2.3:*:*:*:*:*:*:*OR cpe:/a:ibm:security_identity_governance_and_intelligence:5.2.3.1:*:*:*:*:*:*:*OR cpe:/a:ibm:security_identity_governance_and_intelligence:5.2.3.2:*:*:*:*:*:*:*OR cpe:/a:ibm:rational_asset_analyzer:6.1.0.0:*:*:*:*:*:*:*OR cpe:/a:ibm:security_identity_governance_and_intelligence:5.2.4:*:*:*:*:*:*:*OR cpe:/a:ibm:tivoli_monitoring:6.2.3.3:*:*:*:*:*:*:*OR cpe:/a:ibm:tivoli_monitoring:6.2.3.4:*:*:*:*:*:*:*OR cpe:/a:ibm:tivoli_monitoring:6.2.3.5:*:*:*:*:*:*:*OR cpe:/a:ibm:tivoli_monitoring:6.3.0.2:*:*:*:*:*:*:*OR cpe:/a:ibm:tivoli_monitoring:6.3.0.3:*:*:*:*:*:*:*OR cpe:/a:ibm:tivoli_monitoring:6.3.0.4:*:*:*:*:*:*:*OR cpe:/a:ibm:tivoli_monitoring:6.3.0.5:*:*:*:*:*:*:*OR cpe:/a:ibm:tivoli_monitoring:6.3.0.6:*:*:*:*:*:*:*OR cpe:/a:ibm:tivoli_monitoring:6.3.0.7:*:*:*:*:*:*:*OR cpe:/a:ibm:websphere_application_server_in_cloud:8.5:*:*:*:*:*:*:*OR cpe:/a:ibm:websphere_application_server_in_cloud:9.0:*:*:*:*:*:*:*OR cpe:/a:ibm:websphere_application_server:::~~liberty~~~:*:*:*:*:*OR cpe:/a:ibm:mobile_foundation:8.0.0.0:*:*:*:*:*:*:*OR cpe:/a:ibm:websphere_application_server_in_cloud:*:*:*:*:liberty:*:*:*OR cpe:/a:ibm:app_connect:11.0.0.0:*:*:*:enterprise:*:*:*OR cpe:/a:ibm:integration_bus:9.0.0.11:*:*:*:*:*:*:*OR cpe:/a:ibm:websphere_message_broker:8.0.0.0:*:*:*:*:*:*:*OR cpe:/a:ibm:websphere_message_broker:8.0.0.9:*:*:*:*:*:*:*OR cpe:/a:ibm:integration_bus:10.0.0.0:*:*:*:*:*:*:*OR cpe:/a:ibm:control_center:6.0.0.0:*:*:*:*:*:*:*OR cpe:/a:ibm:control_center:6.1.0.0:*:*:*:*:*:*:*OR cpe:/a:ibm:rational_asset_analyzer:6.1.0.18:*:*:*:*:*:*:*OR cpe:/a:ibm:integration_bus:10.0.0.15:*:*:*:*:*:*:*OR cpe:/a:ibm:tivoli_storage_productivity_center:5.2.0:*:*:*:*:*:*:*OR cpe:/a:ibm:tivoli_storage_productivity_center:5.2.7.1:*:*:*:*:*:*:*OR cpe:/a:ibm:spectrum_control:5.2.8:*:*:*:*:*:*:*OR cpe:/a:ibm:spectrum_control:5.2.10.1:*:*:*:*:*:*:*OR cpe:/a:ibm:spectrum_control:5.2.11:*:*:*:*:*:*:*OR cpe:/a:ibm:spectrum_control:5.2.12:*:*:*:*:*:*:*OR cpe:/a:ibm:spectrum_control:5.2.13:*:*:*:*:*:*:*OR cpe:/a:ibm:spectrum_control:5.2.14:*:*:*:*:*:*:*OR cpe:/a:ibm:spectrum_control:5.2.15:*:*:*:*:*:*:*OR cpe:/a:ibm:spectrum_control:5.2.15.2:*:*:*:*:*:*:*OR cpe:/a:ibm:spectrum_control:5.2.16:*:*:*:*:*:*:*OR cpe:/a:ibm:spectrum_control:5.2.17.0:*:*:*:*:*:*:*OR cpe:/a:ibm:spectrum_control:5.2.17.1:*:standard:*:*:*:*:*OR cpe:/a:ibm:spectrum_control:5.3.0:*:*:*:*:*:*:*OR cpe:/a:ibm:cloud_transformation_advisor:1.8.0:*:*:*:*:*:*:*OR cpe:/a:ibm:security_identity_governance_and_intelligence:5.2.4.1:*:*:*:*:*:*:*OR cpe:/a:ibm:sterling_b2b_integrator:6.0.0.0:*:*:*:*:*:*:*OR cpe:/a:ibm:sterling_b2b_integrator:5.2.0.0:*:*:*:*:*:*:*OR cpe:/a:ibm:infosphere_streams:3.2.1.6:*:*:*:*:*:*:*OR cpe:/a:ibm:infosphere_streams:4.0.1.6:*:*:*:*:*:*:*OR cpe:/a:ibm:streams:4.1.1.7:*:*:*:*:*:*:*OR cpe:/a:ibm:streams:4.2.1.5:*:*:*:*:*:*:*OR cpe:/a:ibm:streams:4.3.0.0:*:*:*:*:*:*:*OR cpe:/a:ibm:security_appscan:9.0.3.12:*:*:*:enterprise:*:*:*OR cpe:/a:ibm:app_connect:11.0.0.3:*:*:*:enterprise:*:*:*
Denotes that component is vulnerable |
Oval Definitions |
|
BACK |
debian debian linux 7.0
apache tomcat 6.0.0
apache tomcat 6.0.0 alpha
apache tomcat 6.0.1
apache tomcat 6.0.1 alpha
apache tomcat 6.0.2
apache tomcat 6.0.2 alpha
apache tomcat 6.0.2 beta
apache tomcat 6.0.3
apache tomcat 6.0.4
apache tomcat 6.0.4 alpha
apache tomcat 6.0.5
apache tomcat 6.0.6
apache tomcat 6.0.6 alpha
apache tomcat 6.0.7
apache tomcat 6.0.7 alpha
apache tomcat 6.0.7 beta
apache tomcat 6.0.8
apache tomcat 6.0.8 alpha
apache tomcat 6.0.9
apache tomcat 6.0.9 beta
apache tomcat 6.0.10
apache tomcat 6.0.11
apache tomcat 6.0.12
apache tomcat 6.0.13
apache tomcat 6.0.14
apache tomcat 6.0.15
apache tomcat 6.0.16
apache tomcat 6.0.17
apache tomcat 6.0.18
apache tomcat 6.0.19
apache tomcat 6.0.20
apache tomcat 6.0.24
apache tomcat 6.0.26
apache tomcat 6.0.27
apache tomcat 6.0.28
apache tomcat 6.0.29
apache tomcat 6.0.30
apache tomcat 6.0.31
apache tomcat 6.0.32
apache tomcat 6.0.33
apache tomcat 6.0.35
apache tomcat 6.0.36
apache tomcat 6.0.37
apache tomcat 6.0.39
apache tomcat 6.0.41
apache tomcat 6.0.43
apache tomcat 7.0.0
apache tomcat 7.0.0 beta
apache tomcat 7.0.1
apache tomcat 7.0.2
apache tomcat 7.0.2 beta
apache tomcat 7.0.3
apache tomcat 7.0.4
apache tomcat 7.0.4 beta
apache tomcat 7.0.5
apache tomcat 7.0.6
apache tomcat 7.0.7
apache tomcat 7.0.8
apache tomcat 7.0.9
apache tomcat 7.0.10
apache tomcat 7.0.11
apache tomcat 7.0.12
apache tomcat 7.0.13
apache tomcat 7.0.14
apache tomcat 7.0.15
apache tomcat 7.0.16
apache tomcat 7.0.17
apache tomcat 7.0.18
apache tomcat 7.0.19
apache tomcat 7.0.20
apache tomcat 7.0.21
apache tomcat 7.0.22
apache tomcat 7.0.23
apache tomcat 7.0.24
apache tomcat 7.0.25
apache tomcat 7.0.26
apache tomcat 7.0.27
apache tomcat 7.0.28
apache tomcat 7.0.29
apache tomcat 7.0.30
apache tomcat 7.0.31
apache tomcat 7.0.32
apache tomcat 7.0.33
apache tomcat 7.0.34
apache tomcat 7.0.35
apache tomcat 7.0.36
apache tomcat 7.0.37
apache tomcat 7.0.38
apache tomcat 7.0.39
apache tomcat 7.0.40
apache tomcat 7.0.41
apache tomcat 7.0.42
apache tomcat 7.0.43
apache tomcat 7.0.44
apache tomcat 7.0.45
apache tomcat 7.0.46
apache tomcat 7.0.47
apache tomcat 7.0.48
apache tomcat 7.0.49
apache tomcat 7.0.50
apache tomcat 7.0.52
apache tomcat 7.0.53
apache tomcat 7.0.54
apache tomcat 7.0.55
apache tomcat 7.0.56
apache tomcat 7.0.57
apache tomcat 8.0.0 rc1
apache tomcat 8.0.0 rc10
apache tomcat 8.0.0 rc2
apache tomcat 8.0.0 rc5
apache tomcat 8.0.1
apache tomcat 8.0.3
apache tomcat 8.0.5
apache tomcat 8.0.8
apache tomcat 8.0.9
apache tomcat 8.0.11
apache tomcat 8.0.12
apache tomcat 8.0.14
apache tomcat 8.0.15
apache tomcat 6.0.0
apache tomcat 6.0.0 alpha
apache tomcat 6.0.1
apache tomcat 6.0.1 alpha
apache tomcat 6.0.2
apache tomcat 6.0.2 alpha
apache tomcat 6.0.2 beta
apache tomcat 6.0.3
apache tomcat 6.0.4
apache tomcat 6.0.4 alpha
apache tomcat 6.0.5
apache tomcat 6.0.6
apache tomcat 6.0.6 alpha
apache tomcat 6.0.7
apache tomcat 6.0.7 alpha
apache tomcat 6.0.7 beta
apache tomcat 6.0.8
apache tomcat 6.0.8 alpha
apache tomcat 6.0.9
apache tomcat 6.0.9 beta
apache tomcat 6.0.10
apache tomcat 6.0.11
apache tomcat 6.0.12
apache tomcat 6.0.13
apache tomcat 6.0.14
apache tomcat 6.0.15
apache tomcat 6.0.16
apache tomcat 6.0.17
apache tomcat 6.0.18
apache tomcat 6.0.19
apache tomcat 6.0.20
apache tomcat 6.0.24
apache tomcat 6.0.26
apache tomcat 6.0.27
apache tomcat 6.0.28
apache tomcat 6.0.29
apache tomcat 6.0.30
apache tomcat 6.0.31
apache tomcat 6.0.32
apache tomcat 6.0.33
apache tomcat 6.0.35
apache tomcat 6.0.36
apache tomcat 6.0.37
apache tomcat 6.0.39
apache tomcat 6.0.41
apache tomcat 6.0.43
apache tomcat 7.0.0
apache tomcat 7.0.0 beta
apache tomcat 7.0.1
apache tomcat 7.0.2
apache tomcat 7.0.2 beta
apache tomcat 7.0.3
apache tomcat 7.0.4
apache tomcat 7.0.4 beta
apache tomcat 7.0.5
apache tomcat 7.0.6
apache tomcat 7.0.7
apache tomcat 7.0.8
apache tomcat 7.0.9
apache tomcat 7.0.10
apache tomcat 7.0.11
apache tomcat 7.0.12
apache tomcat 7.0.13
apache tomcat 7.0.14
apache tomcat 7.0.15
apache tomcat 7.0.16
apache tomcat 7.0.17
apache tomcat 7.0.18
apache tomcat 7.0.19
apache tomcat 7.0.20
apache tomcat 7.0.21
apache tomcat 7.0.22
apache tomcat 7.0.23
apache tomcat 7.0.24
apache tomcat 7.0.25
apache tomcat 7.0.26
apache tomcat 7.0.27
apache tomcat 7.0.28
apache tomcat 7.0.29
apache tomcat 7.0.30
apache tomcat 7.0.31
apache tomcat 7.0.32
apache tomcat 7.0.33
apache tomcat 7.0.34
apache tomcat 7.0.35
apache tomcat 7.0.36
apache tomcat 7.0.37
apache tomcat 7.0.38
apache tomcat 7.0.39
apache tomcat 7.0.40
apache tomcat 7.0.41
apache tomcat 7.0.42
apache tomcat 7.0.43
apache tomcat 7.0.44
apache tomcat 7.0.45
apache tomcat 7.0.46
apache tomcat 7.0.47
apache tomcat 7.0.48
apache tomcat 7.0.49
apache tomcat 7.0.50
apache tomcat 7.0.52
apache tomcat 7.0.53
apache tomcat 7.0.54
apache tomcat 7.0.55
apache tomcat 7.0.56
apache tomcat 7.0.57
apache tomcat 8.0.0 rc1
apache tomcat 8.0.0 rc10
apache tomcat 8.0.0 rc2
apache tomcat 8.0.0 rc5
apache tomcat 8.0.1
apache tomcat 8.0.3
apache tomcat 8.0.5
apache tomcat 8.0.8
apache tomcat 8.0.9
apache tomcat 8.0.11
apache tomcat 8.0.12
apache tomcat 8.0.14
apache tomcat 8.0.15
hp hp-ux 11.31
apache tomcat 6
apache tomcat 7.0.0
apache tomcat 8.0
ibm websphere application server 7.0
ibm rational doors web access 1.4
ibm rational doors web access 1.4.0.2
ibm rational doors web access 1.4.0.3
ibm websphere application server 8.0
ibm cognos express 9.5
ibm cognos tm1 9.5.2
ibm websphere application server 8.5
ibm tivoli monitoring 6.2.3
ibm qradar security information and event manager 7.1
ibm cognos express 10.1
ibm rational directory server 5.2.0.2
ibm cognos tm1 10.1.1
ibm tivoli monitoring 6.2.3.1
ibm tivoli monitoring 6.2.3.2
ibm integration bus 9.0.0.0
ibm qradar security information and event manager 7.2
ibm cognos express 10.2.1
ibm cognos tm1 10.2.2
ibm cognos business viewpoint 10.1
ibm cognos business viewpoint 10.1.1
ibm websphere cast iron cloud integration 6.1.0.6
ibm websphere cast iron cloud integration 6.1.0.7
ibm websphere cast iron cloud integration 6.1.0.8
ibm websphere cast iron cloud integration 6.1.0.9
ibm websphere cast iron cloud integration 6.1.0.12
ibm websphere cast iron cloud integration 6.1.0.15
ibm websphere cast iron cloud integration 6.3.0.1
ibm websphere cast iron cloud integration 6.3.0.2
ibm websphere cast iron cloud integration 6.4.0.0
ibm websphere cast iron cloud integration 6.4.0.1
ibm websphere cast iron cloud integration 7.0.0
ibm websphere cast iron cloud integration 7.0.0.1
ibm tivoli application dependency discovery manager 7.2
ibm tivoli application dependency discovery manager 7.2.1
ibm tivoli application dependency discovery manager 7.2.2
ibm rational license key server 8.1.4
ibm rational license key server 8.1.4.2
ibm rational license key server 8.1.4.3
ibm cognos tm1 10.2
ibm rational doors web access 1.4.0.4
ibm rational doors web access 1.4.0.5
ibm rational doors web access 1.5
ibm rational doors web access 1.5.0.1
ibm rational doors web access 9.5
ibm rational doors web access 9.5.0.1
ibm rational doors web access 9.5.1
ibm rational doors web access 9.5.1.1
ibm rational doors web access 9.5.2
ibm rational doors web access 9.5.2.1
ibm rational doors web access 9.6
ibm rational doors web access 9.6.0.1
ibm rational doors web access 1.4.0.1
ibm rational doors web access 9.6.1
ibm messagesight 1.2
ibm tivoli application dependency discovery manager 7.3
ibm websphere cast iron cloud integration 7.0.0.2
ibm rational license key server 8.1.4.4
ibm rational license key server 8.1.4.5
ibm rational license key server 8.1.4.6
ibm tivoli monitoring 6.2.3
ibm tivoli monitoring 6.2.3.1
ibm tivoli monitoring 6.2.3.2
ibm tivoli monitoring 6.2.3.3
ibm tivoli monitoring 6.2.3.4
ibm tivoli monitoring 6.2.3.5
ibm tivoli monitoring 6.3.0.2
ibm tivoli monitoring 6.3.0.3
ibm tivoli monitoring 6.3.0.4
ibm rational doors web access 9.6.1.1
ibm rational license key server 8.1.4.7
ibm rational doors web access 9.6.1.3
ibm rational license key server 8.1.4.8
ibm rational license key server 8.1.4.9
ibm spectrum protect for virtual environments 7.1
ibm spectrum protect 7.1
ibm security identity governance and intelligence 5.2
ibm security privileged identity manager 2.0.2
ibm cognos express 10.2.2
ibm rational license key server 8.1.4.1
redhat enterprise linux desktop 7
redhat enterprise linux hpc node 7
redhat enterprise linux hpc node eus 7.2
redhat enterprise linux server 7
redhat enterprise linux server aus 7.2
redhat enterprise linux server eus 7.2
redhat enterprise linux workstation 7
ibm security identity governance and intelligence 5.2.1
redhat enterprise linux desktop 6
redhat enterprise linux hpc node 6
redhat enterprise linux server 6
redhat enterprise linux server eus 6.7.z
redhat enterprise linux workstation 6
ibm tivoli monitoring 6.3.0.5
ibm tivoli monitoring 6.3.0.6
redhat enterprise linux server tus 7.2
ibm websphere application server 9.0
ibm tivoli monitoring 6.3.0.7
ibm spectrum protect 8.1
ibm endpoint manager *
ibm bigfix remote control 9.1.4
ibm spectrum protect 8.1
ibm security identity governance and intelligence 5.2.2
ibm security identity governance and intelligence 5.2.2.1
ibm security identity governance and intelligence 5.2.3
ibm security identity governance and intelligence 5.2.3.1
ibm security identity governance and intelligence 5.2.3.2
ibm rational asset analyzer 6.1.0.0
ibm security identity governance and intelligence 5.2.4
ibm tivoli monitoring 6.2.3.3
ibm tivoli monitoring 6.2.3.4
ibm tivoli monitoring 6.2.3.5
ibm tivoli monitoring 6.3.0.2
ibm tivoli monitoring 6.3.0.3
ibm tivoli monitoring 6.3.0.4
ibm tivoli monitoring 6.3.0.5
ibm tivoli monitoring 6.3.0.6
ibm tivoli monitoring 6.3.0.7
ibm websphere application server in cloud 8.5
ibm websphere application server in cloud 9.0
ibm websphere application server
ibm mobile foundation 8.0.0.0
ibm websphere application server in cloud *
ibm app connect 11.0.0.0
ibm integration bus 9.0.0.11
ibm websphere message broker 8.0.0.0
ibm websphere message broker 8.0.0.9
ibm integration bus 10.0.0.0
ibm control center 6.0.0.0
ibm control center 6.1.0.0
ibm rational asset analyzer 6.1.0.18
ibm integration bus 10.0.0.15
ibm tivoli storage productivity center 5.2.0
ibm tivoli storage productivity center 5.2.7.1
ibm spectrum control 5.2.8
ibm spectrum control 5.2.10.1
ibm spectrum control 5.2.11
ibm spectrum control 5.2.12
ibm spectrum control 5.2.13
ibm spectrum control 5.2.14
ibm spectrum control 5.2.15
ibm spectrum control 5.2.15.2
ibm spectrum control 5.2.16
ibm spectrum control 5.2.17.0
ibm spectrum control 5.2.17.1
ibm spectrum control 5.3.0
ibm cloud transformation advisor 1.8.0
ibm security identity governance and intelligence 5.2.4.1
ibm sterling b2b integrator 6.0.0.0
ibm sterling b2b integrator 5.2.0.0
ibm infosphere streams 3.2.1.6
ibm infosphere streams 4.0.1.6
ibm streams 4.1.1.7
ibm streams 4.2.1.5
ibm streams 4.3.0.0
ibm security appscan 9.0.3.12
ibm app connect 11.0.0.3