HP Performance Manager Apache Tomcat Policy Bypass
Publish Date: 21 juillet 2015
Gravité: : Élevé
Identifiant(s) CVE: : CVE-2009-3548
Date du conseil: 21 juillet 2015
Description
The Windows installer for Apache Tomcat 6.0.0 through 6.0.20, 5.5.0 through 5.5.28, and possibly earlier versions uses a blank default password for the administrative user, which allows remote attackers to gain privileges.
Information Exposure Rating:
Apply associated Trend Micro DPI Rules.
Solutions
Trend Micro Deep Security DPI Rule Number: 1004179
Trend Micro Deep Security DPI Rule Name: 1004179 - HP Performance Manager Apache Tomcat Policy Bypass
Affected software and version:
- apache tomcat 3.0
- apache tomcat 3.1
- apache tomcat 3.1.1
- apache tomcat 3.2
- apache tomcat 3.2.1
- apache tomcat 3.2.2
- apache tomcat 3.2.3
- apache tomcat 3.2.4
- apache tomcat 3.3
- apache tomcat 3.3.1
- apache tomcat 3.3.1a
- apache tomcat 3.3.2
- apache tomcat 4.0.0
- apache tomcat 4.0.1
- apache tomcat 4.0.2
- apache tomcat 4.0.3
- apache tomcat 4.0.4
- apache tomcat 4.0.5
- apache tomcat 4.0.6
- apache tomcat 4.1.0
- apache tomcat 4.1.1
- apache tomcat 4.1.10
- apache tomcat 4.1.11
- apache tomcat 4.1.12
- apache tomcat 4.1.13
- apache tomcat 4.1.14
- apache tomcat 4.1.15
- apache tomcat 4.1.16
- apache tomcat 4.1.17
- apache tomcat 4.1.18
- apache tomcat 4.1.19
- apache tomcat 4.1.2
- apache tomcat 4.1.20
- apache tomcat 4.1.21
- apache tomcat 4.1.22
- apache tomcat 4.1.23
- apache tomcat 4.1.24
- apache tomcat 4.1.25
- apache tomcat 4.1.26
- apache tomcat 4.1.27
- apache tomcat 4.1.28
- apache tomcat 4.1.29
- apache tomcat 4.1.3
- apache tomcat 4.1.30
- apache tomcat 4.1.31
- apache tomcat 4.1.32
- apache tomcat 4.1.33
- apache tomcat 4.1.34
- apache tomcat 4.1.35
- apache tomcat 4.1.36
- apache tomcat 4.1.37
- apache tomcat 4.1.38
- apache tomcat 4.1.39
- apache tomcat 4.1.4
- apache tomcat 4.1.5
- apache tomcat 4.1.6
- apache tomcat 4.1.7
- apache tomcat 4.1.8
- apache tomcat 4.1.9
- apache tomcat 5.0.0
- apache tomcat 5.0.1
- apache tomcat 5.0.10
- apache tomcat 5.0.11
- apache tomcat 5.0.12
- apache tomcat 5.0.13
- apache tomcat 5.0.14
- apache tomcat 5.0.15
- apache tomcat 5.0.16
- apache tomcat 5.0.17
- apache tomcat 5.0.18
- apache tomcat 5.0.19
- apache tomcat 5.0.2
- apache tomcat 5.0.21
- apache tomcat 5.0.22
- apache tomcat 5.0.23
- apache tomcat 5.0.24
- apache tomcat 5.0.25
- apache tomcat 5.0.26
- apache tomcat 5.0.27
- apache tomcat 5.0.28
- apache tomcat 5.0.29
- apache tomcat 5.0.3
- apache tomcat 5.0.30
- apache tomcat 5.0.4
- apache tomcat 5.0.5
- apache tomcat 5.0.6
- apache tomcat 5.0.7
- apache tomcat 5.0.8
- apache tomcat 5.0.9
- apache tomcat 5.5.0
- apache tomcat 5.5.1
- apache tomcat 5.5.10
- apache tomcat 5.5.11
- apache tomcat 5.5.12
- apache tomcat 5.5.13
- apache tomcat 5.5.14
- apache tomcat 5.5.15
- apache tomcat 5.5.16
- apache tomcat 5.5.17
- apache tomcat 5.5.18
- apache tomcat 5.5.19
- apache tomcat 5.5.2
- apache tomcat 5.5.20
- apache tomcat 5.5.21
- apache tomcat 5.5.22
- apache tomcat 5.5.23
- apache tomcat 5.5.24
- apache tomcat 5.5.25
- apache tomcat 5.5.26
- apache tomcat 5.5.27
- apache tomcat 5.5.28
- apache tomcat 5.5.3
- apache tomcat 5.5.4
- apache tomcat 5.5.5
- apache tomcat 5.5.6
- apache tomcat 5.5.7
- apache tomcat 5.5.8
- apache tomcat 5.5.9
- apache tomcat 6.0
- apache tomcat 6.0.0
- apache tomcat 6.0.1
- apache tomcat 6.0.10
- apache tomcat 6.0.11
- apache tomcat 6.0.12
- apache tomcat 6.0.13
- apache tomcat 6.0.14
- apache tomcat 6.0.15
- apache tomcat 6.0.16
- apache tomcat 6.0.17
- apache tomcat 6.0.18
- apache tomcat 6.0.2
- apache tomcat 6.0.20
- apache tomcat 6.0.3
- apache tomcat 6.0.4
- apache tomcat 6.0.5
- apache tomcat 6.0.6
- apache tomcat 6.0.7
- apache tomcat 6.0.8
- apache tomcat 6.0.9