Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2015-5351
Description:The (1) Manager and (2) Host Manager applications in Apache Tomcat 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M2 establish sessions and send CSRF tokens for arbitrary new requests, which allows remote attackers to bypass a CSRF protection mechanism by using a token.
Test IDs:  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2015-5351
BugTraq ID: 83330
Bugtraq: 20160222 [SECURITY] CVE-2015-5351 Apache Tomcat CSRF token leak (Google Search)
Debian Security Information: DSA-3530 (Google Search)
Debian Security Information: DSA-3552 (Google Search)
Debian Security Information: DSA-3609 (Google Search)
RedHat Security Advisories: RHSA-2016:1087
RedHat Security Advisories: RHSA-2016:1088
RedHat Security Advisories: RHSA-2016:1089
RedHat Security Advisories: RHSA-2016:2599
RedHat Security Advisories: RHSA-2016:2807
RedHat Security Advisories: RHSA-2016:2808
SuSE Security Announcement: SUSE-SU-2016:0769 (Google Search)
SuSE Security Announcement: SUSE-SU-2016:0822 (Google Search)
SuSE Security Announcement: openSUSE-SU-2016:0865 (Google Search)

© 1998-2022 E-Soft Inc. All rights reserved.