CVE-2014-0186

EUVD-2014-0238
A certain tomcat7 package for Apache Tomcat 7 in Red Hat Enterprise Linux (RHEL) 7 allows remote attackers to cause a denial of service (CPU consumption) via a crafted request.  NOTE: this vulnerability exists because of an unspecified regression.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:N/I:N/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 72%
Affected Products (NVD)
VendorProductVersion
redhatenterprise_linux
7.0
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
tomcat7
lucid
dne
precise
not-affected
saucy
not-affected
trusty
not-affected
References
http://www.osvdb.org/108060
https://bugzilla.redhat.com/show_bug.cgi?id=1089884
https://rhn.redhat.com/errata/RHSA-2014-0686.html
https://security-tracker.debian.org/tracker/CVE-2014-0186
http://www.osvdb.org/108060
https://bugzilla.redhat.com/show_bug.cgi?id=1089884
https://rhn.redhat.com/errata/RHSA-2014-0686.html
https://security-tracker.debian.org/tracker/CVE-2014-0186