CVE-2016-5018
CVSS v3.1
9.1 (Critical)
CVSS v2.0
6.4 (Medium)
EPSS
0.18 % (55th)
Affected Products
15
Advisories
17
In Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 a malicious web application was able to bypass a configured SecurityManager via a Tomcat utility method that was accessible to web applications.
Weaknesses
- CVE Status
- PUBLISHED
- CNA
- Apache Software Foundation
- Published Date
-
2017-08-10 16:29:00
(7 years ago) - Updated Date
-
2023-12-08 16:41:18
(9 months ago)
Affected Products
Loading...
Loading...
Configuration #1
|
Configuration #2
|
Configuration #3
|
Configuration #4
|
Configuration #5
|
Configuration #6
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...