vulnerability
Apache Tomcat: Moderate: Cache Poisoning (CVE-2017-7674)
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
4 | (AV:N/AC:M/Au:N/C:N/I:P/A:N) | Aug 11, 2017 | Aug 11, 2017 | Apr 25, 2025 |
Severity
4
CVSS
(AV:N/AC:M/Au:N/C:N/I:P/A:N)
Published
Aug 11, 2017
Added
Aug 11, 2017
Modified
Apr 25, 2025
Description
The CORS Filter did not add an HTTP Vary header indicating that the
response varies depending on Origin. This permitted client and server
side cache poisoning in some circumstances.
Solution(s)
apache-tomcat-upgrade-7_0_79apache-tomcat-upgrade-8_0_45apache-tomcat-upgrade-8_5_16

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.