HP Performance Manager Apache Tomcat Policy Bypass
Severity: HIGH
CVE Identifier: CVE-2009-3548
Advisory Date: JUL 21, 2015
DESCRIPTION
The Windows installer for Apache Tomcat 6.0.0 through 6.0.20, 5.5.0 through 5.5.28, and possibly earlier versions uses a blank default password for the administrative user, which allows remote attackers to gain privileges.
TREND MICRO PROTECTION INFORMATION
Apply associated Trend Micro DPI Rules.
SOLUTION
Trend Micro Deep Security DPI Rule Number: 1004179
Trend Micro Deep Security DPI Rule Name: 1004179 - HP Performance Manager Apache Tomcat Policy Bypass
AFFECTED SOFTWARE AND VERSION
- apache tomcat 3.0
- apache tomcat 3.1
- apache tomcat 3.1.1
- apache tomcat 3.2
- apache tomcat 3.2.1
- apache tomcat 3.2.2
- apache tomcat 3.2.3
- apache tomcat 3.2.4
- apache tomcat 3.3
- apache tomcat 3.3.1
- apache tomcat 3.3.1a
- apache tomcat 3.3.2
- apache tomcat 4.0.0
- apache tomcat 4.0.1
- apache tomcat 4.0.2
- apache tomcat 4.0.3
- apache tomcat 4.0.4
- apache tomcat 4.0.5
- apache tomcat 4.0.6
- apache tomcat 4.1.0
- apache tomcat 4.1.1
- apache tomcat 4.1.10
- apache tomcat 4.1.11
- apache tomcat 4.1.12
- apache tomcat 4.1.13
- apache tomcat 4.1.14
- apache tomcat 4.1.15
- apache tomcat 4.1.16
- apache tomcat 4.1.17
- apache tomcat 4.1.18
- apache tomcat 4.1.19
- apache tomcat 4.1.2
- apache tomcat 4.1.20
- apache tomcat 4.1.21
- apache tomcat 4.1.22
- apache tomcat 4.1.23
- apache tomcat 4.1.24
- apache tomcat 4.1.25
- apache tomcat 4.1.26
- apache tomcat 4.1.27
- apache tomcat 4.1.28
- apache tomcat 4.1.29
- apache tomcat 4.1.3
- apache tomcat 4.1.30
- apache tomcat 4.1.31
- apache tomcat 4.1.32
- apache tomcat 4.1.33
- apache tomcat 4.1.34
- apache tomcat 4.1.35
- apache tomcat 4.1.36
- apache tomcat 4.1.37
- apache tomcat 4.1.38
- apache tomcat 4.1.39
- apache tomcat 4.1.4
- apache tomcat 4.1.5
- apache tomcat 4.1.6
- apache tomcat 4.1.7
- apache tomcat 4.1.8
- apache tomcat 4.1.9
- apache tomcat 5.0.0
- apache tomcat 5.0.1
- apache tomcat 5.0.10
- apache tomcat 5.0.11
- apache tomcat 5.0.12
- apache tomcat 5.0.13
- apache tomcat 5.0.14
- apache tomcat 5.0.15
- apache tomcat 5.0.16
- apache tomcat 5.0.17
- apache tomcat 5.0.18
- apache tomcat 5.0.19
- apache tomcat 5.0.2
- apache tomcat 5.0.21
- apache tomcat 5.0.22
- apache tomcat 5.0.23
- apache tomcat 5.0.24
- apache tomcat 5.0.25
- apache tomcat 5.0.26
- apache tomcat 5.0.27
- apache tomcat 5.0.28
- apache tomcat 5.0.29
- apache tomcat 5.0.3
- apache tomcat 5.0.30
- apache tomcat 5.0.4
- apache tomcat 5.0.5
- apache tomcat 5.0.6
- apache tomcat 5.0.7
- apache tomcat 5.0.8
- apache tomcat 5.0.9
- apache tomcat 5.5.0
- apache tomcat 5.5.1
- apache tomcat 5.5.10
- apache tomcat 5.5.11
- apache tomcat 5.5.12
- apache tomcat 5.5.13
- apache tomcat 5.5.14
- apache tomcat 5.5.15
- apache tomcat 5.5.16
- apache tomcat 5.5.17
- apache tomcat 5.5.18
- apache tomcat 5.5.19
- apache tomcat 5.5.2
- apache tomcat 5.5.20
- apache tomcat 5.5.21
- apache tomcat 5.5.22
- apache tomcat 5.5.23
- apache tomcat 5.5.24
- apache tomcat 5.5.25
- apache tomcat 5.5.26
- apache tomcat 5.5.27
- apache tomcat 5.5.28
- apache tomcat 5.5.3
- apache tomcat 5.5.4
- apache tomcat 5.5.5
- apache tomcat 5.5.6
- apache tomcat 5.5.7
- apache tomcat 5.5.8
- apache tomcat 5.5.9
- apache tomcat 6.0
- apache tomcat 6.0.0
- apache tomcat 6.0.1
- apache tomcat 6.0.10
- apache tomcat 6.0.11
- apache tomcat 6.0.12
- apache tomcat 6.0.13
- apache tomcat 6.0.14
- apache tomcat 6.0.15
- apache tomcat 6.0.16
- apache tomcat 6.0.17
- apache tomcat 6.0.18
- apache tomcat 6.0.2
- apache tomcat 6.0.20
- apache tomcat 6.0.3
- apache tomcat 6.0.4
- apache tomcat 6.0.5
- apache tomcat 6.0.6
- apache tomcat 6.0.7
- apache tomcat 6.0.8
- apache tomcat 6.0.9