CVE-2016-6794

MEDIUM

Apache Tomcat <9.0.0.M10, <8.5.5, <8.0.37, <7.0.71, <6.0.46 - Info ...

Title source: llm

Description

When a SecurityManager is configured, a web application's ability to read system properties should be controlled by the SecurityManager. In Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70, 6.0.0 to 6.0.45 the system property replacement feature for configuration files could be used by a malicious web application to bypass the SecurityManager and read system properties that should not be visible.

References (25)

[Third Party Advisory] http://rhn.redhat.com/errata/RHSA-2017-0457.html

[Third Party Advisory] http://www.debian.org/security/2016/dsa-3720

[Broken Link] http://www.securityfocus.com/bid/93943

[Broken Link] http://www.securitytracker.com/id/1037143

[Third Party Advisory] https://access.redhat.com/errata/RHSA-2017:0455

[Third Party Advisory] https://access.redhat.com/errata/RHSA-2017:0456

[Third Party Advisory] https://access.redhat.com/errata/RHSA-2017:2247

[Third Party Advisory] https://security.netapp.com/advisory/ntap-20180605-0001/

[Third Party Advisory] https://usn.ubuntu.com/4557-1/

[Patch, Third Party Advisory] https://www.oracle.com/security-alerts/cpuoct2021.html

[Mailing List] https://lists.apache.org/thread.html/09d2f2c65ac4ff5da42f15dc2b0f78b655e50f1a42e8a9784134a9eb%40%3Cannounce.tomcat.apache.org%3E

[Mailing List] https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E

[Mailing List] https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E

[Mailing List] https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E

[Mailing List] https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E

[Mailing List] https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E

[Mailing List] https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E

[Mailing List] https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E

[Mailing List] https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3Cdev.tomcat.apache.org%3E

[Mailing List] https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E

... and 5 more

Scores

CVSS v3 5.3

EPSS 0.0036

EPSS Percentile 57.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Details

Status published

Products (34)

apache/tomcat < 6.0.45

apache/tomcat

apache/tomcat

apache/tomcat

apache/tomcat

apache/tomcat

apache/tomcat

apache/tomcat

apache/tomcat

apache/tomcat

... and 24 more

Published Aug 10, 2017

Tracked Since Feb 18, 2026