Back to search
CVE-2009-3548
Published: Nov 12, 2009
Modified: Aug 7, 2024
PUBLISHED
Description
The Windows installer for Apache Tomcat 6.0.0 through 6.0.20, 5.5.0 through 5.5.28, and possibly earlier versions uses a blank default password for the administrative user, which allows remote attackers to gain privileges.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
HPSBUX02541
vendor-advisory
x_refsource_HP
HPSBMA02535
vendor-advisory
x_refsource_HP
HPSBUX02860
vendor-advisory
x_refsource_HP
40330
third-party-advisory
x_refsource_SECUNIA
SSRT100029
vendor-advisory
x_refsource_HP
ADV-2010-1559
vdb-entry
x_refsource_VUPEN
oval:org.mitre.oval:def:19414
vdb-entry
signature
x_refsource_OVAL
HPSBOV02762
vendor-advisory
x_refsource_HP
tomcat-admin-default-password(54182)
vdb-entry
x_refsource_XF
http://tomcat.apache.org/security-6.html
x_refsource_CONFIRM
57126
third-party-advisory
x_refsource_SECUNIA
http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html
x_refsource_CONFIRM
oval:org.mitre.oval:def:7033
vdb-entry
signature
x_refsource_OVAL
36954
vdb-entry
x_refsource_BID
SSRT100825
vendor-advisory
x_refsource_HP
ADV-2009-3185
vdb-entry
x_refsource_VUPEN
http://tomcat.apache.org/security-5.html
x_refsource_CONFIRM
http://www.vmware.com/security/advisories/VMSA-2011-0003.html
x_refsource_CONFIRM
20091109 [SECURITY] CVE-2009-3548 Apache Tomcat Windows Installer insecure default administrative password
mailing-list
x_refsource_BUGTRAQ
http://markmail.org/thread/wfu4nff5chvkb6xp
x_refsource_MISC
SSRT101146
vendor-advisory
x_refsource_HP
20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX
mailing-list
x_refsource_BUGTRAQ
HPSBST02955
vendor-advisory
x_refsource_HP
1023146
vdb-entry
x_refsource_SECTRACK
SSRT100145
vendor-advisory
x_refsource_HP
[tomcat-dev] 20190319 svn commit: r1855831 [22/30] - in /tomcat/site/trunk: ./ docs/ xdocs/
mailing-list
x_refsource_MLIST
[tomcat-dev] 20190325 svn commit: r1856174 [20/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/
mailing-list
x_refsource_MLIST
[tomcat-dev] 20191124 [CONF] Apache Tomcat > Security
mailing-list
x_refsource_MLIST
[tomcat-dev] 20200203 svn commit: r1873527 [22/30] - /tomcat/site/trunk/docs/
mailing-list
x_refsource_MLIST
[tomcat-dev] 20200213 svn commit: r1873980 [25/34] - /tomcat/site/trunk/docs/
mailing-list
x_refsource_MLIST
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now