CVE-2016-5388

🗓️ 19 Jul 2016 01:00:00Reported by redhatType

cve🔗 web.nvd.nist.gov📰️ 3 Media mentions👁 280 Views

Apache Tomcat 7.x through 7.0.70 and 8.x through 8.5.4 HTTP_PROXY vulnerabilit

Reporter	Title	Published	Views	Family All 130
IBM Security Bulletins	Release of QRadar 7.2.8 Patch 4 (7.2.8.20170224202650) Updated w/Security Bulletins	10 May 201914:29	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Cognos Business Intelligence Server 2017Q1 Security Updater : IBM Cognos Business Intelligence Server is affected by multiple vulnerabilities.	15 Jun 201823:17	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in Apache Tomcat affect the IBM FlashSystem models 840 and 900	18 Feb 202301:45	–	ibm
IBM Security Bulletins	Security Bulletin: A security vulnerability has been identified in IBM Cognos Business Intelligence shipped with IBM Cognos Planning (CVE-2016-5388).	25 Jun 201805:54	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in Apache Tomcat affect the IBM FlashSystem model V840	18 Jun 201800:32	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Disconnected Log Collector is vulnerable to using components with known vulnerabilities	16 Jun 202221:33	–	ibm
IBM Security Bulletins	Security Bulletin: Apache Tomcat Vulnerabilities Affect IBM Sterling B2B Integrator	29 Apr 202502:11	–	ibm
IBM Security Bulletins	Security Bulletin: IBM WebSphere Cast Iron Solution is affected by Apache Tomcat vulnerability (CVE-2016-5388)	18 Nov 201913:57	–	ibm
IBM Security Bulletins	Security Bulletin: IBM QRadar SIEM is vulnerable to various CGI vulnerabilities. (CVE-2016-5385, CVE-2016-5387, CVE-2016-5388)	16 Jun 201821:48	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in Apache Tomcat affect SAN Volume Controller, Storwize family and FlashSystem V9000 products	29 Mar 202301:48	–	ibm

NVD

Node

redhat enterprise_linux_desktopMatch7.0

redhat enterprise_linux_hpc_nodeMatch7.0

redhat enterprise_linux_hpc_node_eusMatch7.2

redhat enterprise_linux_serverMatch7.0

redhat enterprise_linux_server_ausMatch7.2

redhat enterprise_linux_server_eusMatch7.2

redhat enterprise_linux_server_tusMatch7.2

redhat enterprise_linux_workstationMatch7.0

Node

hp system_management_homepageRange≤7.5.5.0

Node

redhat enterprise_linux_desktopMatch6.0

redhat enterprise_linux_hpc_nodeMatch6.0

redhat enterprise_linux_serverMatch6.0

redhat enterprise_linux_workstationMatch6.0

Node

oracle linuxMatch6

oracle linuxMatch7

Node

apache tomcatRange6.0–6.0.45

apache tomcatRange7.0–7.0.70

apache tomcatRange8.0–8.5.4

Source	Link
access	www.access.redhat.com/errata/RHSA-2016:1636
httpoxy	www.httpoxy.org/
oracle	www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
kb	www.kb.cert.org/vuls/id/797896
h20566	www.h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay
h20566	www.h20566.www2.hpe.com/hpsc/doc/public/display
access	www.access.redhat.com/errata/RHSA-2016:1635
securityfocus	www.securityfocus.com/bid/91818
lists	www.lists.apache.org/thread.html/rf21b368769ae70de4dee840a3228721ae442f1d51ad8742003aefe39%40%3Cusers.tomcat.apache.org%3E
lists	www.lists.apache.org/thread.html/6d3d34adcf3dfc48e36342aa1f18ce3c20bb8e4c458a97508d5bfed1%40%3Cissues.activemq.apache.org%3E

06 May 2026 22:30Current

6.8Medium risk

Vulners AI Score6.8

CVSS 25.1

CVSS 38.1

EPSS0.3676

CWE-284