製品・ソフトウェアに関する情報

JVN脆弱性詳細

Apache Tomcat におけるデータの信頼性についての不十分な検証に関する脆弱性

タイトル	Apache Tomcat におけるデータの信頼性についての不十分な検証に関する脆弱性
概要	Apache Tomcat には、データの信頼性についての不十分な検証に関する脆弱性が存在します。
想定される影響	情報を改ざんされる可能性があります。
対策	ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。
公表日	2017年8月11日0:00
登録日	2017年9月13日15:59
最終更新日	2017年12月11日17:07

CVSS3.0 : 警告
スコア	4.3
ベクター	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

CVSS2.0 : 警告
スコア	4.3
ベクター	AV:N/AC:M/Au:N/C:N/I:P/A:N

影響を受けるシステム

Apache Software Foundation

Apache Tomcat 7.0.41 から 7.0.78

Apache Tomcat 8.0.0.RC1 から 8.0.44

Apache Tomcat 8.5.0 から 8.5.15

Apache Tomcat 9.0.0.M1 から 9.0.0.M21

日本電気

MailShooter 全バージョン

SimpWright V6

SimpWright V7

SpoolServer/Winspoolシリーズ ReportFiling Ver5.2〜6.2

WebOTX Application Server Enterprise V9.1〜V9.5

WebOTX Application Server Express V9.1〜V9.5

WebOTX Application Server Standard V9.1〜V9.5

WebOTX Developer V9.1〜V9.5

WebSAM Application Navigator Ver 4.1.1.1 以降

WebSAM MCOperations Ver 4.2.1.0 以降

WebSAM SystemManager G Ver 7.0 以降

WebSAM SystemManager Ver 6.2.1.0 以降

CVE (情報セキュリティ共通脆弱性識別子)

No	名前	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2017-7674	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7674
National Vulnerability Database (NVD)
2	CVE-2017-7674	https://nvd.nist.gov/vuln/detail/CVE-2017-7674

CWE (共通脆弱性タイプ一覧)

No	名前	URL
JVNDB
1	CWE-345	https://cwe.mitre.org/data/definitions/345.html

ベンダー情報

No	名前	URL
NEC製品セキュリティ情報
1	NV17-017	http://jpn.nec.com/security-info/secinfo/nv17-017.html
Pony Mail
2	[SECURITY] CVE-2017-7674 Apache Tomcat Cache Poisoning	https://lists.apache.org/thread.html/22b4bb077502f847e2b9fcf00b96e81e734466ab459780ff73b60c0f@%3Cannounce.tomcat.apache.org%3E

その他

No	名前	URL
JVN
1	JVNVU#91991349	https://jvn.jp/vu/JVNVU91991349/

変更履歴

No	変更内容	変更日
0	[2017年09月13日] 掲載 [2017年10月03日] 影響を受けるシステム：ベンダ情報の追加に伴い内容を更新ベンダ情報：日本電気 (NV17-017) を追加 [2017年12月11日] 影響を受けるシステム：ベンダ情報 (NV17-017) の更新に伴い内容を更新	2018年2月17日10:37

NVD脆弱性情報

CVE-2017-7674

概要	The CORS Filter in Apache Tomcat 9.0.0.M1 to 9.0.0.M21, 8.5.0 to 8.5.15, 8.0.0.RC1 to 8.0.44 and 7.0.41 to 7.0.78 did not add an HTTP Vary header indicating that the response varies depending on Origin. This permitted client and server side cache poisoning in some circumstances.
公表日	2017年8月11日11:29
登録日	2021年1月26日13:28
最終更新日	2024年11月21日12:32

影響を受けるソフトウェアの構成

構成1	以上	以下	より上	未満
cpe:2.3:a:apache:tomcat:8.0.4:::::::*
cpe:2.3:a:apache:tomcat:8.0.10:::::::*
cpe:2.3:a:apache:tomcat:7.0.49:::::::*
cpe:2.3:a:apache:tomcat:8.0.30:::::::*
cpe:2.3:a:apache:tomcat:8.0.44:::::::*
cpe:2.3:a:apache:tomcat:7.0.62:::::::*
cpe:2.3:a:apache:tomcat:8.0.17:::::::*
cpe:2.3:a:apache:tomcat:7.0.53:::::::*
cpe:2.3:a:apache:tomcat:8.0.7:::::::*
cpe:2.3:a:apache:tomcat:8.0.26:::::::*
cpe:2.3:a:apache:tomcat:7.0.58:::::::*
cpe:2.3:a:apache:tomcat:7.0.78:::::::*
cpe:2.3:a:apache:tomcat:8.5.2:::::::*
cpe:2.3:a:apache:tomcat:7.0.55:::::::*
cpe:2.3:a:apache:tomcat:8.5.9:::::::*
cpe:2.3:a:apache:tomcat:8.5.4:::::::*
cpe:2.3:a:apache:tomcat:8.0.40:::::::*
cpe:2.3:a:apache:tomcat:8.0.2:::::::*
cpe:2.3:a:apache:tomcat:7.0.63:::::::*
cpe:2.3:a:apache:tomcat:8.0.20:::::::*
cpe:2.3:a:apache:tomcat:8.0.31:::::::*
cpe:2.3:a:apache:tomcat:8.5.0:::::::*
cpe:2.3:a:apache:tomcat:7.0.46:::::::*
cpe:2.3:a:apache:tomcat:7.0.72:::::::*
cpe:2.3:a:apache:tomcat:8.0.5:::::::*
cpe:2.3:a:apache:tomcat:7.0.76:::::::*
cpe:2.3:a:apache:tomcat:7.0.71:::::::*
cpe:2.3:a:apache:tomcat:8.0.1:::::::*
cpe:2.3:a:apache:tomcat:8.0.0:rc3::::::
cpe:2.3:a:apache:tomcat:7.0.59:::::::*
cpe:2.3:a:apache:tomcat:8.5.15:::::::*
cpe:2.3:a:apache:tomcat:7.0.65:::::::*
cpe:2.3:a:apache:tomcat:8.0.19:::::::*
cpe:2.3:a:apache:tomcat:7.0.50:::::::*
cpe:2.3:a:apache:tomcat:8.5.10:::::::*
cpe:2.3:a:apache:tomcat:8.0:::::::*
cpe:2.3:a:apache:tomcat:8.0.39:::::::*
cpe:2.3:a:apache:tomcat:8.0.12:::::::*
cpe:2.3:a:apache:tomcat:8.0.27:::::::*
cpe:2.3:a:apache:tomcat:8.0.15:::::::*
cpe:2.3:a:apache:tomcat:7.0.48:::::::*
cpe:2.3:a:apache:tomcat:7.0.67:::::::*
cpe:2.3:a:apache:tomcat:8.0.0:rc1::::::
cpe:2.3:a:apache:tomcat:7.0.74:::::::*
cpe:2.3:a:apache:tomcat:7.0.66:::::::*
cpe:2.3:a:apache:tomcat:8.5.13:::::::*
cpe:2.3:a:apache:tomcat:8.0.22:::::::*
cpe:2.3:a:apache:tomcat:7.0.44:::::::*
cpe:2.3:a:apache:tomcat:8.5.14:::::::*
cpe:2.3:a:apache:tomcat:7.0.69:::::::*
cpe:2.3:a:apache:tomcat:8.0.29:::::::*
cpe:2.3:a:apache:tomcat:8.0.42:::::::*
cpe:2.3:a:apache:tomcat:7.0.52:::::::*
cpe:2.3:a:apache:tomcat:7.0.42:::::::*
cpe:2.3:a:apache:tomcat:7.0.60:::::::*
cpe:2.3:a:apache:tomcat:7.0.45:::::::*
cpe:2.3:a:apache:tomcat:8.0.11:::::::*
cpe:2.3:a:apache:tomcat:8.0.24:::::::*
cpe:2.3:a:apache:tomcat:8.0.0:rc10::::::
cpe:2.3:a:apache:tomcat:8.0.36:::::::*
cpe:2.3:a:apache:tomcat:7.0.68:::::::*
cpe:2.3:a:apache:tomcat:8.5.5:::::::*
cpe:2.3:a:apache:tomcat:8.0.23:::::::*
cpe:2.3:a:apache:tomcat:8.5.3:::::::*
cpe:2.3:a:apache:tomcat:8.0.33:::::::*
cpe:2.3:a:apache:tomcat:7.0.47:::::::*
cpe:2.3:a:apache:tomcat:8.5.6:::::::*
cpe:2.3:a:apache:tomcat:8.0.6:::::::*
cpe:2.3:a:apache:tomcat:8.0.21:::::::*
cpe:2.3:a:apache:tomcat:8.0.32:::::::*
cpe:2.3:a:apache:tomcat:7.0.41:::::::*
cpe:2.3:a:apache:tomcat:7.0.75:::::::*
cpe:2.3:a:apache:tomcat:8.0.41:::::::*
cpe:2.3:a:apache:tomcat:8.0.25:::::::*
cpe:2.3:a:apache:tomcat:8.0.18:::::::*
cpe:2.3:a:apache:tomcat:7.0.54:::::::*
cpe:2.3:a:apache:tomcat:8.0.35:::::::*
cpe:2.3:a:apache:tomcat:7.0.61:::::::*
cpe:2.3:a:apache:tomcat:8.0.3:::::::*
cpe:2.3:a:apache:tomcat:8.0.38:::::::*
cpe:2.3:a:apache:tomcat:7.0.57:::::::*
cpe:2.3:a:apache:tomcat:7.0.43:::::::*
cpe:2.3:a:apache:tomcat:8.0.13:::::::*
cpe:2.3:a:apache:tomcat:8.0.14:::::::*
cpe:2.3:a:apache:tomcat:8.0.9:::::::*
cpe:2.3:a:apache:tomcat:8.0.0:rc5::::::
cpe:2.3:a:apache:tomcat:8.0.43:::::::*
cpe:2.3:a:apache:tomcat:8.5.7:::::::*
cpe:2.3:a:apache:tomcat:8.5.8:::::::*
cpe:2.3:a:apache:tomcat:8.0.16:::::::*
cpe:2.3:a:apache:tomcat:8.5.12:::::::*
cpe:2.3:a:apache:tomcat:8.0.8:::::::*
cpe:2.3:a:apache:tomcat:7.0.77:::::::*
cpe:2.3:a:apache:tomcat:7.0.56:::::::*
cpe:2.3:a:apache:tomcat:8.0.34:::::::*
cpe:2.3:a:apache:tomcat:8.5.11:::::::*
cpe:2.3:a:apache:tomcat:8.0.28:::::::*
cpe:2.3:a:apache:tomcat:7.0.64:::::::*
cpe:2.3:a:apache:tomcat:8.0.37:::::::*
cpe:2.3:a:apache:tomcat:7.0.70:::::::*
cpe:2.3:a:apache:tomcat:8.5.1:::::::*
cpe:2.3:a:apache:tomcat:7.0.73:::::::*
cpe:2.3:a:apache:tomcat:9.0.0:milestone1::::::
cpe:2.3:a:apache:tomcat:9.0.0:milestone10::::::
cpe:2.3:a:apache:tomcat:9.0.0:milestone11::::::
cpe:2.3:a:apache:tomcat:9.0.0:milestone12::::::
cpe:2.3:a:apache:tomcat:9.0.0:milestone13::::::
cpe:2.3:a:apache:tomcat:9.0.0:milestone14::::::
cpe:2.3:a:apache:tomcat:9.0.0:milestone15::::::
cpe:2.3:a:apache:tomcat:9.0.0:milestone16::::::
cpe:2.3:a:apache:tomcat:9.0.0:milestone17::::::
cpe:2.3:a:apache:tomcat:9.0.0:milestone18::::::
cpe:2.3:a:apache:tomcat:9.0.0:milestone19::::::
cpe:2.3:a:apache:tomcat:9.0.0:milestone2::::::
cpe:2.3:a:apache:tomcat:9.0.0:milestone20::::::
cpe:2.3:a:apache:tomcat:9.0.0:milestone21::::::
cpe:2.3:a:apache:tomcat:9.0.0:milestone3::::::
cpe:2.3:a:apache:tomcat:9.0.0:milestone4::::::
cpe:2.3:a:apache:tomcat:9.0.0:milestone5::::::
cpe:2.3:a:apache:tomcat:9.0.0:milestone6::::::
cpe:2.3:a:apache:tomcat:9.0.0:milestone7::::::
cpe:2.3:a:apache:tomcat:9.0.0:milestone8::::::
cpe:2.3:a:apache:tomcat:9.0.0:milestone9::::::

関連情報、対策とツール

No	URL	タグ
1	http://www.debian.org/security/2017/dsa-3974
2	http://www.debian.org/security/2017/dsa-3974
3	http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
4	http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
5	http://www.securityfocus.com/bid/100280	Third Party Advisory VDB Entry
6	http://www.securityfocus.com/bid/100280	Third Party Advisory VDB Entry
7	https://access.redhat.com/errata/RHSA-2017:1801
8	https://access.redhat.com/errata/RHSA-2017:1801
9	https://access.redhat.com/errata/RHSA-2017:1802
10	https://access.redhat.com/errata/RHSA-2017:1802
11	https://access.redhat.com/errata/RHSA-2017:3081
12	https://access.redhat.com/errata/RHSA-2017:3081
13	https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba%40%3Cdev.tomcat.apache.org%3E
14	https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba%40%3Cdev.tomcat.apache.org%3E
15	https://lists.apache.org/thread.html/22b4bb077502f847e2b9fcf00b96e81e734466ab459780ff73b60c0f%40%3Cannounce.tomcat.apache.org%3E
16	https://lists.apache.org/thread.html/22b4bb077502f847e2b9fcf00b96e81e734466ab459780ff73b60c0f%40%3Cannounce.tomcat.apache.org%3E
17	https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E
18	https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E
19	https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E
20	https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E
21	https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E
22	https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E
23	https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb%40%3Cdev.tomcat.apache.org%3E
24	https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb%40%3Cdev.tomcat.apache.org%3E
25	https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E
26	https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E
27	https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E
28	https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E
29	https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3Cdev.tomcat.apache.org%3E
30	https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3Cdev.tomcat.apache.org%3E
31	https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E
32	https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E
33	https://lists.apache.org/thread.html/e85e83e9954f169bbb77b44baae5a33d8de878df557bb32b7f793661%40%3Cdev.tomcat.apache.org%3E
34	https://lists.apache.org/thread.html/e85e83e9954f169bbb77b44baae5a33d8de878df557bb32b7f793661%40%3Cdev.tomcat.apache.org%3E
35	https://lists.apache.org/thread.html/eb6efa8d59c45a7a9eff94c4b925467d3b3fec8ba7697f3daa314b04%40%3Cdev.tomcat.apache.org%3E
36	https://lists.apache.org/thread.html/eb6efa8d59c45a7a9eff94c4b925467d3b3fec8ba7697f3daa314b04%40%3Cdev.tomcat.apache.org%3E
37	https://lists.apache.org/thread.html/r15695e6203b026c9e9070ca9fa95fb17dd4cd88e5342a7dc5e1e7b85%40%3Cusers.tomcat.apache.org%3E
38	https://lists.apache.org/thread.html/r15695e6203b026c9e9070ca9fa95fb17dd4cd88e5342a7dc5e1e7b85%40%3Cusers.tomcat.apache.org%3E
39	https://lists.apache.org/thread.html/r1c62634b7426bee5f553307063457b99c84af73b078ede4f2592b34e%40%3Cusers.tomcat.apache.org%3E
40	https://lists.apache.org/thread.html/r1c62634b7426bee5f553307063457b99c84af73b078ede4f2592b34e%40%3Cusers.tomcat.apache.org%3E
41	https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d%40%3Cdev.tomcat.apache.org%3E
42	https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d%40%3Cdev.tomcat.apache.org%3E
43	https://lists.apache.org/thread.html/r409efdf706c2077ae5c37018a87da725a3ca89570a9530342cdc53e4%40%3Cusers.tomcat.apache.org%3E
44	https://lists.apache.org/thread.html/r409efdf706c2077ae5c37018a87da725a3ca89570a9530342cdc53e4%40%3Cusers.tomcat.apache.org%3E
45	https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0%40%3Cdev.tomcat.apache.org%3E
46	https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0%40%3Cdev.tomcat.apache.org%3E
47	https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9%40%3Cdev.tomcat.apache.org%3E
48	https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9%40%3Cdev.tomcat.apache.org%3E
49	https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E
50	https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E
51	https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a%40%3Cdev.tomcat.apache.org%3E
52	https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a%40%3Cdev.tomcat.apache.org%3E
53	https://lists.debian.org/debian-lts-announce/2018/06/msg00008.html
54	https://lists.debian.org/debian-lts-announce/2018/06/msg00008.html
55	https://security.netapp.com/advisory/ntap-20180614-0003/
56	https://security.netapp.com/advisory/ntap-20180614-0003/
57	https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03828en_us
58	https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03828en_us

共通脆弱性一覧

No	CWE	名前	URL
1	CWE-345	データの信頼性についての不十分な検証	https://cwe.mitre.org/data/definitions/345.html

構成1	以上	以下	より上	未満
cpe:2.3:a:apache:tomcat:8.0.4:::::::*
cpe:2.3:a:apache:tomcat:8.0.10:::::::*
cpe:2.3:a:apache:tomcat:7.0.49:::::::*
cpe:2.3:a:apache:tomcat:8.0.30:::::::*
cpe:2.3:a:apache:tomcat:8.0.44:::::::*
cpe:2.3:a:apache:tomcat:7.0.62:::::::*
cpe:2.3:a:apache:tomcat:8.0.17:::::::*
cpe:2.3:a:apache:tomcat:7.0.53:::::::*
cpe:2.3:a:apache:tomcat:8.0.7:::::::*
cpe:2.3:a:apache:tomcat:8.0.26:::::::*
cpe:2.3:a:apache:tomcat:7.0.58:::::::*
cpe:2.3:a:apache:tomcat:7.0.78:::::::*
cpe:2.3:a:apache:tomcat:8.5.2:::::::*
cpe:2.3:a:apache:tomcat:7.0.55:::::::*
cpe:2.3:a:apache:tomcat:8.5.9:::::::*
cpe:2.3:a:apache:tomcat:8.5.4:::::::*
cpe:2.3:a:apache:tomcat:8.0.40:::::::*
cpe:2.3:a:apache:tomcat:8.0.2:::::::*
cpe:2.3:a:apache:tomcat:7.0.63:::::::*
cpe:2.3:a:apache:tomcat:8.0.20:::::::*
cpe:2.3:a:apache:tomcat:8.0.31:::::::*
cpe:2.3:a:apache:tomcat:8.5.0:::::::*
cpe:2.3:a:apache:tomcat:7.0.46:::::::*
cpe:2.3:a:apache:tomcat:7.0.72:::::::*
cpe:2.3:a:apache:tomcat:8.0.5:::::::*
cpe:2.3:a:apache:tomcat:7.0.76:::::::*
cpe:2.3:a:apache:tomcat:7.0.71:::::::*
cpe:2.3:a:apache:tomcat:8.0.1:::::::*
cpe:2.3:a:apache:tomcat:8.0.0:rc3::::::
cpe:2.3:a:apache:tomcat:7.0.59:::::::*
cpe:2.3:a:apache:tomcat:8.5.15:::::::*
cpe:2.3:a:apache:tomcat:7.0.65:::::::*
cpe:2.3:a:apache:tomcat:8.0.19:::::::*
cpe:2.3:a:apache:tomcat:7.0.50:::::::*
cpe:2.3:a:apache:tomcat:8.5.10:::::::*
cpe:2.3:a:apache:tomcat:8.0:::::::*
cpe:2.3:a:apache:tomcat:8.0.39:::::::*
cpe:2.3:a:apache:tomcat:8.0.12:::::::*
cpe:2.3:a:apache:tomcat:8.0.27:::::::*
cpe:2.3:a:apache:tomcat:8.0.15:::::::*
cpe:2.3:a:apache:tomcat:7.0.48:::::::*
cpe:2.3:a:apache:tomcat:7.0.67:::::::*
cpe:2.3:a:apache:tomcat:8.0.0:rc1::::::
cpe:2.3:a:apache:tomcat:7.0.74:::::::*
cpe:2.3:a:apache:tomcat:7.0.66:::::::*
cpe:2.3:a:apache:tomcat:8.5.13:::::::*
cpe:2.3:a:apache:tomcat:8.0.22:::::::*
cpe:2.3:a:apache:tomcat:7.0.44:::::::*
cpe:2.3:a:apache:tomcat:8.5.14:::::::*
cpe:2.3:a:apache:tomcat:7.0.69:::::::*
cpe:2.3:a:apache:tomcat:8.0.29:::::::*
cpe:2.3:a:apache:tomcat:8.0.42:::::::*
cpe:2.3:a:apache:tomcat:7.0.52:::::::*
cpe:2.3:a:apache:tomcat:7.0.42:::::::*
cpe:2.3:a:apache:tomcat:7.0.60:::::::*
cpe:2.3:a:apache:tomcat:7.0.45:::::::*
cpe:2.3:a:apache:tomcat:8.0.11:::::::*
cpe:2.3:a:apache:tomcat:8.0.24:::::::*
cpe:2.3:a:apache:tomcat:8.0.0:rc10::::::
cpe:2.3:a:apache:tomcat:8.0.36:::::::*
cpe:2.3:a:apache:tomcat:7.0.68:::::::*
cpe:2.3:a:apache:tomcat:8.5.5:::::::*
cpe:2.3:a:apache:tomcat:8.0.23:::::::*
cpe:2.3:a:apache:tomcat:8.5.3:::::::*
cpe:2.3:a:apache:tomcat:8.0.33:::::::*
cpe:2.3:a:apache:tomcat:7.0.47:::::::*
cpe:2.3:a:apache:tomcat:8.5.6:::::::*
cpe:2.3:a:apache:tomcat:8.0.6:::::::*
cpe:2.3:a:apache:tomcat:8.0.21:::::::*
cpe:2.3:a:apache:tomcat:8.0.32:::::::*
cpe:2.3:a:apache:tomcat:7.0.41:::::::*
cpe:2.3:a:apache:tomcat:7.0.75:::::::*
cpe:2.3:a:apache:tomcat:8.0.41:::::::*
cpe:2.3:a:apache:tomcat:8.0.25:::::::*
cpe:2.3:a:apache:tomcat:8.0.18:::::::*
cpe:2.3:a:apache:tomcat:7.0.54:::::::*
cpe:2.3:a:apache:tomcat:8.0.35:::::::*
cpe:2.3:a:apache:tomcat:7.0.61:::::::*
cpe:2.3:a:apache:tomcat:8.0.3:::::::*
cpe:2.3:a:apache:tomcat:8.0.38:::::::*
cpe:2.3:a:apache:tomcat:7.0.57:::::::*
cpe:2.3:a:apache:tomcat:7.0.43:::::::*
cpe:2.3:a:apache:tomcat:8.0.13:::::::*
cpe:2.3:a:apache:tomcat:8.0.14:::::::*
cpe:2.3:a:apache:tomcat:8.0.9:::::::*
cpe:2.3:a:apache:tomcat:8.0.0:rc5::::::
cpe:2.3:a:apache:tomcat:8.0.43:::::::*
cpe:2.3:a:apache:tomcat:8.5.7:::::::*
cpe:2.3:a:apache:tomcat:8.5.8:::::::*
cpe:2.3:a:apache:tomcat:8.0.16:::::::*
cpe:2.3:a:apache:tomcat:8.5.12:::::::*
cpe:2.3:a:apache:tomcat:8.0.8:::::::*
cpe:2.3:a:apache:tomcat:7.0.77:::::::*
cpe:2.3:a:apache:tomcat:7.0.56:::::::*
cpe:2.3:a:apache:tomcat:8.0.34:::::::*
cpe:2.3:a:apache:tomcat:8.5.11:::::::*
cpe:2.3:a:apache:tomcat:8.0.28:::::::*
cpe:2.3:a:apache:tomcat:7.0.64:::::::*
cpe:2.3:a:apache:tomcat:8.0.37:::::::*
cpe:2.3:a:apache:tomcat:7.0.70:::::::*
cpe:2.3:a:apache:tomcat:8.5.1:::::::*
cpe:2.3:a:apache:tomcat:7.0.73:::::::*
cpe:2.3:a:apache:tomcat:9.0.0:milestone1::::::
cpe:2.3:a:apache:tomcat:9.0.0:milestone10::::::
cpe:2.3:a:apache:tomcat:9.0.0:milestone11::::::
cpe:2.3:a:apache:tomcat:9.0.0:milestone12::::::
cpe:2.3:a:apache:tomcat:9.0.0:milestone13::::::
cpe:2.3:a:apache:tomcat:9.0.0:milestone14::::::
cpe:2.3:a:apache:tomcat:9.0.0:milestone15::::::
cpe:2.3:a:apache:tomcat:9.0.0:milestone16::::::
cpe:2.3:a:apache:tomcat:9.0.0:milestone17::::::
cpe:2.3:a:apache:tomcat:9.0.0:milestone18::::::
cpe:2.3:a:apache:tomcat:9.0.0:milestone19::::::
cpe:2.3:a:apache:tomcat:9.0.0:milestone2::::::
cpe:2.3:a:apache:tomcat:9.0.0:milestone20::::::
cpe:2.3:a:apache:tomcat:9.0.0:milestone21::::::
cpe:2.3:a:apache:tomcat:9.0.0:milestone3::::::
cpe:2.3:a:apache:tomcat:9.0.0:milestone4::::::
cpe:2.3:a:apache:tomcat:9.0.0:milestone5::::::
cpe:2.3:a:apache:tomcat:9.0.0:milestone6::::::
cpe:2.3:a:apache:tomcat:9.0.0:milestone7::::::
cpe:2.3:a:apache:tomcat:9.0.0:milestone8::::::
cpe:2.3:a:apache:tomcat:9.0.0:milestone9::::::