Vulnerability Details : CVE-2009-3548
Public exploit exists!
The Windows installer for Apache Tomcat 6.0.0 through 6.0.20, 5.5.0 through 5.5.28, and possibly earlier versions uses a blank default password for the administrative user, which allows remote attackers to gain privileges.
Products affected by CVE-2009-3548
- cpe:2.3:a:apache:tomcat:3.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:3.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:3.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:3.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.1.3:beta:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.1.9:beta:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:3.2.2:beta2:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:3.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:3.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:3.3:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.1.10:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:3.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:3.2:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.1.12:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:3.3.1a:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.1.24:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.0.19:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.1.31:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.1.36:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.1.28:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.1.15:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.3:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.4:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.10:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.11:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.9:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.7:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.8:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.5:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.6:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.1.17:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.1.18:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.1.26:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.1.27:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.1.33:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.1.34:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.1.16:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.1.25:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.1.32:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.1.21:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.1.22:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.1.23:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.1.30:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.1.37:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.1.39:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.1.19:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.1.20:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.1.29:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.1.35:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.16:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.0.28:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.12:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.0.13:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.0.14:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.0.21:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.0.22:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.0.29:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.0.30:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.17:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.0.15:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.0.16:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.0.23:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.0.24:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.0.11:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.0.12:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.0.27:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.14:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.15:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.0.10:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.0.17:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.0.18:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.0.25:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.0.26:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.13:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.0.8:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.0.9:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:6.0.10:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:6.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:6.0.9:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:6.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:6.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:6.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:6.0.8:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:6.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:6.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:6.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:6.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.18:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:6.0.11:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:6.0.12:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.21:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.22:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.19:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.20:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:6.0.13:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.23:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.24:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:3.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.25:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:6.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:6.0.14:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:6.0.15:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.1.14:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.1.11:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.1.8:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.1.9:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.1.6:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.1.7:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.1.5:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.1.13:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.26:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:6.0.16:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:4.1.38:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:6.0.18:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.27:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:6.0.17:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:6.0.20:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:5.5.28:*:*:*:*:*:*:*
- cpe:2.3:a:apache:tomcat:3.2.2:*:*:*:*:*:*:*
Threat overview for CVE-2009-3548
Top countries where our scanners detected CVE-2009-3548
Top open port discovered on systems with this issue
80
IPs affected by CVE-2009-3548 18,457
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2009-3548!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2009-3548
88.80%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 99 %
Percentile, the proportion of vulnerabilities that are scored at or less
Metasploit modules for CVE-2009-3548
-
Apache Tomcat Manager Application Deployer Authenticated Code Execution
Disclosure Date: 2009-11-09First seen: 2020-04-26exploit/multi/http/tomcat_mgr_deployThis module can be used to execute a payload on Apache Tomcat servers that have an exposed "manager" application. The payload is uploaded as a WAR archive containing a jsp application using a PUT request. The manager application can also be abused using /manager/h -
Tomcat Application Manager Login Utility
First seen: 2020-04-26auxiliary/scanner/http/tomcat_mgr_loginThis module simply attempts to login to a Tomcat Application Manager instance using a specific user/pass. Authors: - MC <mc@metasploit.com> - Matteo Cantoni <goony@nothink.org> - jduck <jduck@metasploit.com> -
Apache Tomcat Manager Authenticated Upload Code Execution
Disclosure Date: 2009-11-09First seen: 2020-04-26exploit/multi/http/tomcat_mgr_uploadThis module can be used to execute a payload on Apache Tomcat servers that have an exposed "manager" application. The payload is uploaded as a WAR archive containing a jsp application using a POST request against the /manager/html/upload component. NOTE: The
CVSS scores for CVE-2009-3548
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST |
CWE ids for CVE-2009-3548
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2009-3548
-
http://marc.info/?l=bugtraq&m=133469267822771&w=2
'[security bulletin] HPSBOV02762 SSRT100825 rev.1 - HP Secure Web Server (SWS) for OpenVMS running CS' - MARC
-
http://tomcat.apache.org/security-5.html
Apache Tomcat® - Apache Tomcat 5 vulnerabilitiesPatch;Vendor Advisory
-
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02241113
-
http://www.securitytracker.com/id?1023146
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7033
-
https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E
svn commit: r1856174 [20/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/ - Pony Mail
-
http://secunia.com/advisories/40330
About Secunia Research | Flexera
-
http://marc.info/?l=bugtraq&m=139344343412337&w=2
'[security bulletin] HPSBST02955 rev.1 - HP XP P9000 Performance Advisor Software, 3rd party Software' - MARC
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19414
-
https://lists.apache.org/thread.html/df497a37fbf98e38d4c83e44829745fe9851b5fde928409c950f80e6%40%3Cdev.tomcat.apache.org%3E
-
http://www.vupen.com/english/advisories/2009/3185
Vendor Advisory
-
http://marc.info/?l=bugtraq&m=136485229118404&w=2
'[security bulletin] HPSBUX02860 SSRT101146 rev.1 - HP-UX Apache Running Tomcat Servlet Engine, Remot' - MARC
-
http://www.vupen.com/english/advisories/2010/1559
Webmail: access your OVH emails on ovhcloud.com | OVHcloud
-
https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E
svn commit: r1855831 [22/30] - in /tomcat/site/trunk: ./ docs/ xdocs/-Apache Mail Archives
-
http://tomcat.apache.org/security-6.html
Apache Tomcat® - Apache Tomcat 6 vulnerabilitiesPatch;Vendor Advisory
-
https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E
Pony Mail!
-
https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E
svn commit: r1873980 [25/34] - /tomcat/site/trunk/docs/-Apache Mail Archives
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/54182
-
https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E
svn commit: r1873527 [22/30] - /tomcat/site/trunk/docs/-Apache Mail Archives
-
http://marc.info/?l=bugtraq&m=127420533226623&w=2
'[security bulletin] HPSBMA02535 SSRT100029 rev.1 - HP Performance Manager, Remote Unauthorized Acces' - MARC
-
http://secunia.com/advisories/57126
Sign in
-
http://www.securityfocus.com/archive/1/507720/100/0/threaded
-
http://www.vmware.com/security/advisories/VMSA-2011-0003.html
VMSA-2011-0003.2
-
https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E
svn commit: r1873980 [25/34] - /tomcat/site/trunk/docs/ - Pony Mail
-
https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E
svn commit: r1873527 [22/30] - /tomcat/site/trunk/docs/ - Pony Mail
-
http://www.securityfocus.com/bid/36954
Apache Tomcat Windows Installer Insecure Password Vulnerability
-
http://www.securityfocus.com/archive/1/516397/100/0/threaded
SecurityFocus
-
https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E
svn commit: r1856174 [20/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/-Apache Mail Archives
-
http://markmail.org/thread/wfu4nff5chvkb6xp
-
http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html
VMware vCenter Server 4.1 Update 1 Release Notes
-
https://lists.apache.org/thread.html/df497a37fbf98e38d4c83e44829745fe9851b5fde928409c950f80e6@%3Cdev.tomcat.apache.org%3E
Jump to