CVE-2007-1858 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2007-1858 Interim 1 6 2023-12-09T02:15:05Z current 2021-05-30T12:38:35Z 2023-12-09T02:15:05Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2007-1858 The default SSL cipher configuration in Apache Tomcat 4.1.28 through 4.1.31, 5.0.0 through 5.0.30, and 5.5.0 through 5.5.17 uses certain insecure ciphers, including the anonymous cipher, which allows remote attackers to obtain sensitive information or have other, unspecified impacts. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/VJSAKSIAJRUC2D6ISFCI5NAL75JW2UIY/#VJSAKSIAJRUC2D6ISFCI5NAL75JW2UIY E-Mail link for SUSE-SR:2008:007 https://www.suse.com/support/kb/doc/?id=7006398 E-Mail link for TID7006398 https://www.suse.com/support/kb/doc/?id=7010833 E-Mail link for TID7010833 https://www.suse.com/support/security/rating/ SUSE Security Ratings The default SSL cipher configuration in Apache Tomcat 4.1.28 through 4.1.31, 5.0.0 through 5.0.30, and 5.5.0 through 5.5.17 uses certain insecure ciphers, including the anonymous cipher, which allows remote attackers to obtain sensitive information or have other, unspecified impacts. CVE-2007-1858 low 2.6 AV:N/AC:H/Au:N/C:P/I:N/A:N