← CVECheck
HomeVulnerabilities

CVE-2002-1394 — HIGH severity vulnerability (Apache Tomcat 4.0.5 and earlier, when using both the invoker)

Apache Tomcat 4.0.5 and earlier, when using both the invoker servlet and the default servlet, allows remote attackers to read source code for server files or bypass certain protections, a variant of CAN-2002-1148.

CVE IDCVE-2002-1394
SeverityHIGH
CVSS score7.5
CVSS vectorAV:N/AC:L/Au:N/C:P/I:P/A:P
CWENVD-CWE-Other
StatusModified
Published2003-01-17
Last modified2026-04-16
DescriptionApache Tomcat 4.0.5 and earlier, when using both the invoker servlet and the default servlet, allows remote attackers to read source code for server files or bypass certain protections, a variant of CAN-2002-1148.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →