Back to search
CVE-2016-6325
Published: Oct 13, 2016
Modified: Aug 6, 2024
PUBLISHED
Description
The Tomcat package on Red Hat Enterprise Linux (RHEL) 5 through 7, JBoss Web Server 3.0, and JBoss EWS 2 uses weak permissions for (1) /etc/sysconfig/tomcat and (2) /etc/tomcat/tomcat.conf, which allows local users to gain privileges by leveraging membership in the tomcat group.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
93478
vdb-entry
x_refsource_BID
RHSA-2016:2045
vendor-advisory
x_refsource_REDHAT
RHSA-2016:2046
vendor-advisory
x_refsource_REDHAT
RHSA-2017:0457
vendor-advisory
x_refsource_REDHAT
RHSA-2017:0455
vendor-advisory
x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=1367447
x_refsource_CONFIRM
RHSA-2017:0456
vendor-advisory
x_refsource_REDHAT
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now