Описание
Remote code execution is possible with Apache Tomcat before 6.0.48, 7.x before 7.0.73, 8.x before 8.0.39, 8.5.x before 8.5.7, and 9.x before 9.0.0.M12 if JmxRemoteLifecycleListener is used and an attacker can reach JMX ports. The issue exists because this listener wasn't updated for consistency with the CVE-2016-3427 Oracle patch that affected credential types.
The JmxRemoteLifecycleListener was not updated to take account of Oracle's fix for CVE-2016-3427. JMXRemoteLifecycleListener is only included in EWS 2.x and JWS 3.x source distributions. If you deploy a Tomcat instance built from source, using the EWS 2.x, or JWS 3.x distributions, an attacker could use this flaw to launch a remote code execution attack on your deployed instance.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | tomcat5 | Not affected | ||
| Red Hat Enterprise Linux 6 | tomcat6 | Not affected | ||
| Red Hat Enterprise Linux 7 | tomcat | Not affected | ||
| Red Hat JBoss Data Grid 6 | jbossweb | Not affected | ||
| Red Hat JBoss Data Virtualization 6 | jbossweb | Not affected | ||
| Red Hat JBoss Enterprise Application Platform 5 | jbossweb | Not affected | ||
| Red Hat JBoss Enterprise Application Platform 6 | jbossweb | Not affected | ||
| Red Hat JBoss Enterprise Web Server 2 | tomcat6 | Will not fix | ||
| Red Hat JBoss Enterprise Web Server 2 | tomcat7 | Will not fix | ||
| Red Hat JBoss Fuse 6 | jbossweb | Not affected |
Показывать по
Ссылки на источники
Дополнительная информация
Статус:
EPSS
8.1 High
CVSS3
6.8 Medium
CVSS2
Связанные уязвимости
Remote code execution is possible with Apache Tomcat before 6.0.48, 7.x before 7.0.73, 8.x before 8.0.39, 8.5.x before 8.5.7, and 9.x before 9.0.0.M12 if JmxRemoteLifecycleListener is used and an attacker can reach JMX ports. The issue exists because this listener wasn't updated for consistency with the CVE-2016-3427 Oracle patch that affected credential types.
Remote code execution is possible with Apache Tomcat before 6.0.48, 7.x before 7.0.73, 8.x before 8.0.39, 8.5.x before 8.5.7, and 9.x before 9.0.0.M12 if JmxRemoteLifecycleListener is used and an attacker can reach JMX ports. The issue exists because this listener wasn't updated for consistency with the CVE-2016-3427 Oracle patch that affected credential types.
Remote code execution is possible with Apache Tomcat before 6.0.48, 7. ...
Apache Tomcat Improper Access Control vulnerability
Уязвимость сервера приложений Apache Tomcat, позволяющая нарушителю выполнить произвольный код
EPSS
8.1 High
CVSS3
6.8 Medium
CVSS2