The default SSL cipher configuration in Apache Tomcat 4.1.28 through 4.1.31, 5.0.0 through 5.0.30, and 5.5.0 through 5.5.17 uses certain insecure ciphers, including the anonymous cipher, which allows remote attackers to obtain sensitive information or have other, unspecified impacts.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2007-05-09T22:00:00

Updated: 2024-08-07T13:13:41.699Z

Reserved: 2007-04-04T00:00:00

Link: CVE-2007-1858

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2007-05-10T00:19:00.000

Modified: 2024-11-21T00:29:19.433

Link: CVE-2007-1858

cve-icon Redhat

Severity : Moderate

Publid Date: 2007-04-19T00:00:00Z

Links: CVE-2007-1858 - Bugzilla