Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

CVE-2013-0346

Published

10 years ago

Last Modified

1 week ago

CVSSv2.0 Severity

Low

Impact Analysis

Apache Tomcat 7.x uses world-readable permissions for the log directory and its files, which might allow local users to obtain sensitive information by reading a file. NOTE: One Tomcat distributor has stated "The tomcat log directory does not contain any sensitive information.".

CVSSv2.0 Score

Severity: Low
Base Score: 2.1/10
Exploit Score: 3.9/10
Access Vector: Local
Access Complexity: Low
Authentication Required: None
Impact Score: 2.9/10
Confidentiality Impact: Partial
Availability Impact: None
Integrity Impact: None

Products Affected

CPE	Affected	Vulnerable	Excluding
cpe:2.3:a:apache:tomcat:7.0.2:beta::::::	Yes	-	-
cpe:2.3:a:apache:tomcat:7.0.49:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:7.0.12:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:7.0.20:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:7.0.34:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:7.0.8:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:7.0.1:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:7.0.2:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:7.0.5:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:7.0.4:beta::::::	Yes	-	-
cpe:2.3:a:apache:tomcat:7.0.22:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:7.0.39:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:7.0.26:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:7.0.46:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:7.0.28:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:7.0.0:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:7.0.50:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:7.0.6:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:7.0.18:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:7.0.14:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:7.0.48:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:7.0.11:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:7.0.23:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:7.0.0:beta::::::	Yes	-	-
cpe:2.3:a:apache:tomcat:7.0.44:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:7.0.7:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:7.0.42:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:7.0.37:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:7.0.29:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:7.0.45:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:7.0.13:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:7.0.47:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:7.0.41:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:7.0.31:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:7.0.30:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:7.0.15:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:7.0.19:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:7.0.16:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:7.0.10:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:7.0.36:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:7.0.25:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:7.0.35:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:7.0.43:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:7.0.32:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:7.0.38:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:7.0.21:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:7.0.27:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:7.0.24:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:7.0.17:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:7.0.40:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:7.0.9:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:7.0.4:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:7.0.3:::::::*	Yes	-	-
cpe:2.3:a:apache:tomcat:7.0.33:::::::*	Yes	-	-

Free and open-source vulnerability scanner

Available for macOS, Windows, and Linux

CVE-2013-0346

Published

Last Modified

CVSSv2.0 Severity

Impact Analysis

Share

CVSSv2.0 Score

Products Affected

References

Free and open-source vulnerability scanner

Available for macOS, Windows, and Linux

CVE-2013-0346

CVE information

Published

Last Modified

CVSSv2.0 Severity

Impact Analysis

Share

Description

CVSSv2.0 Score

Products Affected

References