vulnerability

Apache Tomcat: Moderate: Cache Poisoning (CVE-2017-7674)

Severity
4
CVSS
(AV:N/AC:M/Au:N/C:N/I:P/A:N)
Published
Aug 11, 2017
Added
Aug 11, 2017
Modified
Apr 25, 2025

Description

The CORS Filter did not add an HTTP Vary header indicating that the
response varies depending on Origin. This permitted client and server
side cache poisoning in some circumstances.

Solution(s)

apache-tomcat-upgrade-7_0_79apache-tomcat-upgrade-8_0_45apache-tomcat-upgrade-8_5_16
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.