PT-2011-2861 · Apache · Apache Tomcat

Published 2011-03-11 · Updated 2023-02-13 · CVE-2011-1088

CVSS v2.0: 5.8 (Medium)

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N

Name of the Vulnerable Software and Affected Versions

Apache Tomcat versions 7.0.0 through 7.0.10

Description

The issue allows remote attackers to bypass intended access restrictions via HTTP requests to a web application because Apache Tomcat does not follow ServletSecurity annotations. This means some areas of the application may not have been protected as expected.

Recommendations

For Apache Tomcat versions 7.0.0 through 7.0.10, update to version 7.0.11 to fully resolve the issue.

Fix

Related Identifiers

CVE-2011-1088
GHSA-MG4V-RF8P-GHQQ

Affected Products

Apache Tomcat