{ "CVE_data_meta" : { "ASSIGNER" : "cve@mitre.org", "ID" : "CVE-2007-1858", "STATE" : "PUBLIC" }, "affects" : { "vendor" : { "vendor_data" : [ { "product" : { "product_data" : [ { "product_name" : "n/a", "version" : { "version_data" : [ { "version_value" : "n/a" } ] } } ] }, "vendor_name" : "n/a" } ] } }, "data_format" : "MITRE", "data_type" : "CVE", "data_version" : "4.0", "description" : { "description_data" : [ { "lang" : "eng", "value" : "The default SSL cipher configuration in Apache Tomcat 4.1.28 through 4.1.31, 5.0.0 through 5.0.30, and 5.5.0 through 5.5.17 uses certain insecure ciphers, including the anonymous cipher, which allows remote attackers to obtain sensitive information or have other, unspecified impacts." } ] }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "eng", "value" : "n/a" } ] } ] }, "references" : { "reference_data" : [ { "name" : "20090127 CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities (Updated - v1.1)", "refsource" : "BUGTRAQ", "url" : "http://www.securityfocus.com/archive/1/500412/100/0/threaded" }, { "name" : "20090124 CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities", "refsource" : "BUGTRAQ", "url" : "http://www.securityfocus.com/archive/1/500396/100/0/threaded" }, { "name" : "http://tomcat.apache.org/security-4.html", "refsource" : "CONFIRM", "url" : "http://tomcat.apache.org/security-4.html" }, { "name" : "http://tomcat.apache.org/security-5.html", "refsource" : "CONFIRM", "url" : "http://tomcat.apache.org/security-5.html" }, { "name" : "http://support.avaya.com/elmodocs2/security/ASA-2007-206.htm", "refsource" : "CONFIRM", "url" : "http://support.avaya.com/elmodocs2/security/ASA-2007-206.htm" }, { "name" : "http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx", "refsource" : "CONFIRM", "url" : "http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx" }, { "name" : "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540", "refsource" : "CONFIRM", "url" : "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540" }, { "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", "refsource" : "CONFIRM", "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" }, { "name" : "HPSBMU02744", "refsource" : "HP", "url" : "http://marc.info/?l=bugtraq&m=133114899904925&w=2" }, { "name" : "SSRT100776", "refsource" : "HP", "url" : "http://marc.info/?l=bugtraq&m=133114899904925&w=2" }, { "name" : "SUSE-SR:2008:007", "refsource" : "SUSE", "url" : "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00008.html" }, { "name" : "28482", "refsource" : "BID", "url" : "http://www.securityfocus.com/bid/28482" }, { "name" : "64758", "refsource" : "BID", "url" : "http://www.securityfocus.com/bid/64758" }, { "name" : "44183", "refsource" : "SECUNIA", "url" : "http://secunia.com/advisories/44183" }, { "name" : "ADV-2007-1729", "refsource" : "VUPEN", "url" : "http://www.vupen.com/english/advisories/2007/1729" }, { "name" : "ADV-2009-0233", "refsource" : "VUPEN", "url" : "http://www.vupen.com/english/advisories/2009/0233" }, { "name" : "34882", "refsource" : "OSVDB", "url" : "http://osvdb.org/34882" }, { "name" : "29392", "refsource" : "SECUNIA", "url" : "http://secunia.com/advisories/29392" }, { "name" : "33668", "refsource" : "SECUNIA", "url" : "http://secunia.com/advisories/33668" }, { "name" : "tomcat-ssl-security-bypass(34212)", "refsource" : "XF", "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34212" } ] } }