Lucene search

Basic search
Lucene search
Search by product

Vendors

Products

46d40de8a721JRASERVER-61885

HistoryJul 14, 2016 - 2:22 p.m.

Upgrade Tomcat to 8.0.36 or later

2016-07-1414:22:05

46d40de8a721

jira.atlassian.com

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.043 Low

EPSS

Percentile

92.2%

JSON

Current version of Tomcat 8.0.33 is vulernable to http://www.cvedetails.com/cve/CVE-2016-3092/

We need to upgrade the version we package with JIRA to address that vulnerability.

CPENameOperatorVersion
jira data centerle7.2.2
jira data centerle7.1.9
jira data centerlt7.2.6

Name	Operator	Version
jira data center	le	7.2.2
jira data center	le	7.1.9
jira data center	lt	7.2.6

redhat 8

ibm 98

nessus 30

openvas 18

myhack58 1

f5 2

tomcat 3

checkpoint_advisories 1

freebsd 2

fedora 3

atlassian 3

ubuntucve 1

debian 7

amazon 1

osv 5

veracode 2

mageia 1

debiancve 1

prion 2

ubuntu 2

cve 2

github 2

jvn 1

redhatcve 1

gentoo 1

centos 1

redhat

(RHSA-2016:2069) Moderate: Red Hat JBoss Enterprise Application Platform 6.4.11 update on RHEL 7

2016-10-17 18:09:27

(RHSA-2016:2071) Moderate: Red Hat JBoss Enterprise Application Platform 6.4.11 update

2016-10-17 18:09:50

(RHSA-2016:2070) Moderate: Red Hat JBoss Enterprise Application Platform 6.4.11 update on RHEL 5

2016-10-17 18:09:40

ibm

Security Bulletin: Security vulnerabilities have been identified in IBM WebSphere Application Server shipped with IBM Financial Transaction Manager (CVE-2016-3092)

2018-06-16 20:05:01

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Tivoli Netcool Impact (CVE-2016-3092)

2018-06-17 15:47:06

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server affecting IBM Tivoli Storage Manager FastBack Reporting (CVE-2016-3092)

2018-06-17 15:31:31

nessus

Fedora 24 : 1:tomcat (2016-2b0c16fd82)

2016-09-02 00:00:00

Debian DLA-529-1 : tomcat7 security update

2016-06-27 00:00:00

FreeBSD : Apache Commons FileUpload -- denial of service (61b8c359-4aab-11e6-a7bd-14dae9d210b8)

2016-07-18 00:00:00

openvas

Amazon Linux: Security Advisory (ALAS-2016-736)

2016-10-26 00:00:00

Debian Security Advisory DSA 3614-1 (tomcat7 - security update)

2016-07-02 00:00:00

Debian Security Advisory DSA 3611-1 (libcommons-fileupload-java - security update)

2016-07-07 00:00:00

myhack58

Apache Commons Fileupload 1.3.1 DOS(CVE-2016-3092)-vulnerability warning-the black bar safety net

2017-06-15 00:00:00

SOL82392041 - Apache Commons FileUpload vulnerability CVE-2016-3092

2016-07-19 00:00:00

K82392041 : Apache Commons FileUpload vulnerability CVE-2016-3092

2016-07-19 00:00:00

tomcat

Fixed in Apache Tomcat 9.0.0.M8

2016-06-13 00:00:00

Fixed in Apache Tomcat 8.5.3 and 8.0.36

2016-06-13 00:00:00

Fixed in Apache Tomcat 7.0.70

2016-06-20 00:00:00

checkpoint_advisories

Apache Commons FileUpload Denial Of Service (CVE-2016-3092)

2016-07-31 00:00:00

freebsd

Apache Commons FileUpload -- denial of service

2016-06-21 00:00:00

Apache Commons FileUpload -- denial of service (DoS) vulnerability

2016-06-20 00:00:00

fedora

[SECURITY] Fedora 25 Update: tomcat-8.0.36-2.fc25

2016-09-01 13:43:39

[SECURITY] Fedora 23 Update: tomcat-8.0.36-2.fc23

2016-09-01 18:56:38

[SECURITY] Fedora 24 Update: tomcat-8.0.36-2.fc24

2016-09-01 17:01:05

atlassian

Upgrade Tomcat to 8.0.36 or later

2016-07-14 14:22:05

Upgrade commons-fileupload to version >= 1.3.2

2016-07-20 08:22:15

Upgrade Tomcat to 8.0.36 or later

2016-07-14 14:22:05

ubuntucve

CVE-2016-3092

2016-06-23 00:00:00

debian

[SECURITY] [DSA 3614-1] tomcat7 security update

2016-07-02 12:54:16

[SECURITY] [DSA 3611-1] libcommons-fileupload-java security update

2016-06-30 08:44:01

[SECURITY] [DSA 3614-1] tomcat7 security update

2016-07-02 12:54:16

amazon

Medium: tomcat7, tomcat8

2016-08-17 13:30:00

osv

libcommons-fileupload-java - security update

2016-06-26 00:00:00

High severity vulnerability that affects commons-fileupload:commons-fileupload

2018-12-21 17:47:47

tomcat7 - security update

2016-06-26 00:00:00

veracode

Denial Of Service (DoS)

2019-01-15 09:13:41

Denial Of Service (DoS)

2017-04-04 03:24:03

mageia

Updated tomcat/apache-commons-fileupload packages fix security vulnerability

2016-07-27 00:16:28

debiancve

CVE-2016-3092

2016-07-04 22:59:00

prion

Design/Logic Flaw

2016-07-04 22:59:00

Design/Logic Flaw

2018-01-26 02:29:00

ubuntu

Tomcat vulnerability

2016-07-06 00:00:00

Tomcat vulnerabilities

2016-07-05 00:00:00

cve

CVE-2016-3092

2016-07-04 22:59:00

CVE-2017-1000394

2018-01-26 02:29:00

github

High severity vulnerability that affects commons-fileupload:commons-fileupload

2018-12-21 17:47:47

Improper Input Validation in Jenkins

2022-05-14 01:04:31

jvn

JVN#89379547: Apache Commons FileUpload vulnerable to denial-of-service (DoS)

2016-06-30 00:00:00

redhatcve

CVE-2017-1000394

2017-11-21 11:20:50

gentoo

Apache Commons FileUpload: Multiple vulnerabilities

2021-07-17 00:00:00

centos

tomcat security update

2016-11-25 15:49:52

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.043 Low

EPSS

Percentile

92.2%

JSON

Related for JRASERVER-61885