CVE-2009-2693
The MITRE CVE dictionary describes this issue as:
Find out more about CVE-2009-2693 from the MITRE CVE dictionary dictionary and NIST NVD.
Statement
Red Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2009-2693
The Red Hat Security Response Team has rated this issue as having low security impact, a future update may address this flaw. More information regarding issue severity can be found here: http://www.redhat.com/security/updates/classification/
This issue has been addressed in JBoss Enterprise Web Server 1.0.1: https://rhn.redhat.com/errata/RHSA-2010-0119.html
CVSS v2 metrics
| Base Score | 4.3 |
|---|---|
| Base Metrics | AV:N/AC:M/Au:N/C:N/I:P/A:N |
| Access Vector | Network |
| Access Complexity | Medium |
| Authentication | None |
| Confidentiality Impact | None |
| Integrity Impact | Partial |
| Availability Impact | None |
Find out more about Red Hat support for the Common Vulnerability Scoring System (CVSS).
Red Hat Security Errata
| Platform | Errata | Release Date |
|---|---|---|
| Red Hat Enterprise Linux 5 (tomcat5) | RHSA-2010:0580 | 2010-08-02 |
| Red Hat Certificate System 7.3 for 4AS (tomcat5) | RHSA-2010:0693 | 2010-09-10 |
| Red Hat Application Server v2 4AS (tomcat5) | RHSA-2010:0582 | 2010-08-02 |
| Red Hat JBoss Web Server 1.0 for RHEL 4 AS | RHSA-2010:0119 | 2010-02-23 |
| Red Hat JBoss Enterprise Web Server 1 for RHEL 5 Server | RHSA-2010:0119 | 2010-02-23 |
CVE description copyright © 2017, The MITRE Corporation
