CVE-2005-2090, CVE-2006-3835, CVE-2006-7195, CVE-2006-7196, CVE-2007-0450, CVE-2007-2449, CVE-2007-2450, CVE-2007-3385, CVE-2007-5333, CVE-2008-0128, CVE-2008-1232, CVE-2008-1678, CVE-2008-2370, CVE-2008-2938, CVE-2008-5515, CVE-2009-3555, CVE-2010-2227, CVE-2011-0286
Published on 10/05/07 - Updated on 25/03/19
The default SSL cipher configuration in Apache Tomcat 4.1.28 through 4.1.31, 5.0.0 through 5.0.30, and 5.5.0 through 5.5.17 uses certain insecure ciphers, including the anonymous cipher, which allows remote attackers to obtain sensitive information or have other, unspecified impacts.
NVD is only using a subset of CWE for mapping instead of the entire CWE, and the weakness type is not covered by that subset.
|CERTA-2009-AVI-032, CERTA-2011-AVI-221, CERTA-2014-AVI-022|
|2007/VULN255, 2010/VULN248, 2011/VULN335|