← CVECheck
HomeVulnerabilities

CVE-2002-0493 — HIGH severity vulnerability (Apache Tomcat may be started without proper security setting)

Apache Tomcat may be started without proper security settings if errors are encountered while reading the web.xml file, which could allow attackers to bypass intended restrictions.

CVE IDCVE-2002-0493
SeverityHIGH
CVSS score7.5
CVSS vectorAV:N/AC:L/Au:N/C:P/I:P/A:P
CWECWE-254
StatusModified
Published2002-08-12
Last modified2026-04-16
DescriptionApache Tomcat may be started without proper security settings if errors are encountered while reading the web.xml file, which could allow attackers to bypass intended restrictions.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →