Metric | CVSS3 | CVSS2
---|---|---
Score | 8.8 High | 6.8 Medium
Attack / Access Vector | NETWORK | NETWORK
Attack / Access Complexity | LOW | MEDIUM
Privileges Required / Authentication | NONE | NONE
User Interaction | REQUIRED | n/a
Scope | UNCHANGED | n/a
Confidentiality Impact | HIGH | PARTIAL
Integrity Impact | HIGH | PARTIAL
Availability Impact | HIGH | PARTIAL
Vector | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | AV:N/AC:M/Au:N/C:P/I:P/A:P

EPSS: 0.004 Low (percentile 71.8%)
Package : tomcat6
Version : 6.0.45-1~deb6u1
CVE ID : CVE-2015-5174 CVE-2015-5345 CVE-2015-5351
CVE-2016-0706 CVE-2016-0714 CVE-2016-0763
Tomcat 6, an implementation of the Java Servlet and the JavaServer
Pages (JSP) specifications and a pure Java web server environment, was
affected by multiple security issues prior to version 6.0.45.
CVE-2015-5174
Directory traversal vulnerability in RequestUtil.java in Apache
Tomcat 6.x before 6.0.45, 7.x before 7.0.65, and 8.x before 8.0.27
allows remote authenticated users to bypass intended SecurityManager
restrictions and list a parent directory via a /.. (slash dot dot)
in a pathname used by a web application in a getResource,
getResourceAsStream, or getResourcePaths call, as demonstrated by
the $CATALINA_BASE/webapps directory.
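The class of mistake described for RequestUtil, shown as an added Python illustration rather than Tomcat's Java code: a constructed normalizer that only collapses `/../` when another slash follows leaves a trailing `/..` untouched, and a resolver that joins that onto the webapp root ends up at the parent directory; the hardened form walks the path segment by segment and refuses to pop past the root. The webapp root, the sample resource paths and the naive normalizer are all constructed for this example; the naive form illustrates the bug class and is not a transcription of the Tomcat defect.

```python
"""Resource-path normalization: a constructed normalizer that misses a trailing
"/.." beside a segment-based one that refuses to leave the webapp root.
Added illustration; this is not Apache Tomcat's RequestUtil code."""
import posixpath

# Constructed sample webapp root, standing in for $CATALINA_BASE/webapps/<app>.
WEBAPP_ROOT = "/srv/tomcat/webapps/app"


def naive_normalize(path):
    """Collapse "/../" segments by string replacement. Constructed example of
    the bug class: only "/../" (with a trailing slash) is handled, so a path
    that ends in "/.." is returned untouched. None means "climbed above root"."""
    while "/../" in path:
        idx = path.index("/../")
        prev = path.rfind("/", 0, idx)
        if prev < 0:
            return None
        path = path[:prev] + path[idx + 3:]
    return path


def resolve_naive(webapp_root, resource_path):
    """Map a getResource-style path onto the filesystem with the naive
    normalizer. The filesystem (posixpath.normpath here) then collapses the
    leftover "/..", so the result can point at the parent of the webapp."""
    norm = naive_normalize(resource_path)
    if norm is None:
        return None
    return posixpath.normpath(webapp_root + norm)


def resolve_safe(webapp_root, resource_path):
    """Hardened form: walk the path segment by segment, pop on "..", and refuse
    any path that would pop past the webapp root. Returns None when rejected."""
    if not resource_path.startswith("/") or "\\" in resource_path or "\0" in resource_path:
        return None
    parts = []
    for seg in resource_path.split("/"):
        if seg in ("", "."):
            continue
        if seg == "..":
            if not parts:
                return None  # attempt to list above the webapp root
            parts.pop()
        else:
            parts.append(seg)
    resolved = posixpath.join(webapp_root, *parts)
    # Belt and braces: the resolved path must stay inside the root.
    if resolved != webapp_root and not resolved.startswith(webapp_root + "/"):
        return None
    return resolved


if __name__ == "__main__":
    for p in ("/WEB-INF/../index.jsp", "/WEB-INF/..", "/.."):
        print("%-24s naive=%-30s safe=%s" % (p, resolve_naive(WEBAPP_ROOT, p), resolve_safe(WEBAPP_ROOT, p)))
```

The naive resolver handles `/WEB-INF/../index.jsp` correctly and even rejects `/../..`, which is why string-replacement normalizers pass casual testing; only the bare trailing `/..` walks out to the webapps directory.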
CVE-2015-5345
The Mapper component in Apache Tomcat 6.x before 6.0.45, 7.x before
7.0.67, 8.x before 8.0.30, and 9.x before 9.0.0.M2 processes
redirects before considering security constraints and Filters, which
allows remote attackers to determine the existence of a directory
via a URL that lacks a trailing / (slash) character.
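The ordering problem in the Mapper, as an added Python example that is not Tomcat's code: a small mock server redirects an existing directory requested without a trailing slash to the slash form, and is run once with that redirect decided before the security constraint (the vulnerable order) and once with the constraint enforced first; an unauthenticated probe then classifies what each response reveals. The directory layout, the constrained prefixes and the candidate paths are constructed for the demonstration.

```python
"""Mapper-ordering oracle (the CVE-2015-5345 pattern): a mock server that
redirects "/dir" to "/dir/" for existing directories, in two modes. In the
vulnerable mode the redirect is decided before the security constraint, so an
unauthenticated request learns whether the directory exists; in fixed mode the
constraint is enforced first. Added illustration, not Tomcat's Mapper code."""
import http.client
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer

# Constructed sample layout: directories present in the webapp, and which of
# them sit under a <security-constraint>.
DIRECTORIES = {"/public", "/protected", "/admin"}
CONSTRAINED = ("/protected", "/admin")


def make_handler(fixed):
    class Handler(BaseHTTPRequestHandler):
        def log_message(self, *args):  # keep the demo quiet
            pass

        def _constrained(self):
            return any(self.path == p or self.path.startswith(p + "/") for p in CONSTRAINED)

        def _deny(self):
            self.send_response(401)
            self.send_header("WWW-Authenticate", 'Basic realm="mock"')
            self.end_headers()

        def do_GET(self):
            authed = self.headers.get("Authorization") is not None
            if fixed and self._constrained() and not authed:
                self._deny()  # fixed order: constraint first, then mapping
                return
            if self.path in DIRECTORIES:  # directory requested without trailing slash
                self.send_response(302)
                self.send_header("Location", self.path + "/")
                self.end_headers()
                return
            if not fixed and self._constrained() and not authed:
                self._deny()  # vulnerable order: constraint only after the redirect decision
                return
            if self.path.rstrip("/") in DIRECTORIES:
                self.send_response(200)
                self.end_headers()
                self.wfile.write(b"index\n")
            else:
                self.send_response(404)
                self.end_headers()
    return Handler


def probe(host, port, path):
    """GET `path` without credentials and without following redirects."""
    conn = http.client.HTTPConnection(host, port, timeout=5)
    try:
        conn.request("GET", path)
        resp = conn.getresponse()
        resp.read()
        return resp.status, resp.getheader("Location")
    finally:
        conn.close()


def classify(status, location, path):
    """What an unauthenticated client learns about `path` from one response."""
    if status in (301, 302) and location and location.endswith(path + "/"):
        return "exists"   # redirect to the slash form leaked the directory
    if status in (401, 403):
        return "unknown"  # refused before the mapper answered: nothing leaked
    if status == 404:
        return "absent"
    return "other:%d" % status


def enumerate_directories(fixed, candidates=("/protected", "/admin", "/backup", "/public")):
    """Start the mock in the given mode, probe each candidate path, and return
    the classification per path."""
    server = HTTPServer(("127.0.0.1", 0), make_handler(fixed))
    threading.Thread(target=server.serve_forever, daemon=True).start()
    try:
        port = server.server_address[1]
        return {p: classify(*probe("127.0.0.1", port, p), p) for p in candidates}
    finally:
        server.shutdown()
        server.server_close()


if __name__ == "__main__":
    print("vulnerable:", enumerate_directories(fixed=False))
    print("fixed:     ", enumerate_directories(fixed=True))
```

The check that matters is the one in `classify`: a 302 whose Location is the same path plus a slash, returned to a client that presented no credentials, for a path that should be behind a constraint. Against a fixed server the same probe gets 401 for both the existing and the non-existing constrained paths, so the response no longer distinguishes them.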
CVE-2015-5351
The Manager and Host Manager applications in Apache Tomcat
establish sessions and send CSRF tokens for arbitrary new requests,
which allows remote attackers to bypass a CSRF protection mechanism
by using a token.
CVE-2016-0706
Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.68, 8.x before
8.0.31, and 9.x before 9.0.0.M2 does not place
org.apache.catalina.manager.StatusManagerServlet on the org/apache
/catalina/core/RestrictedServlets.properties list, which allows
remote authenticated users to bypass intended SecurityManager
restrictions and read arbitrary HTTP requests, and consequently
discover session ID values, via a crafted web application.
CVE-2016-0714
The session-persistence implementation in Apache Tomcat 6.x before
6.0.45, 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before
9.0.0.M2 mishandles session attributes, which allows remote
authenticated users to bypass intended SecurityManager restrictions
and execute arbitrary code in a privileged context via a web
application that places a crafted object in a session.
CVE-2016-0763
The setGlobalContext method in org/apache/naming/factory
/ResourceLinkFactory.java in Apache Tomcat does not consider whether
ResourceLinkFactory.setGlobalContext callers are authorized, which
allows remote authenticated users to bypass intended SecurityManager
restrictions and read or write to arbitrary application data, or
cause a denial of service (application disruption), via a web
application that sets a crafted global context.
For Debian 6 "Squeeze", these problems have been fixed in version
6.0.45-1~deb6u1.
We recommend that you upgrade your tomcat6 packages.
OS | OS Version | Architecture | Package | Affected Version | Filename (fixed package) |
---|---|---|---|---|---|
Debian | 6 | all | libservlet2.5-java | < 6.0.45-1~deb6u1 | libservlet2.5-java_6.0.45-1~deb6u1_all.deb |
Debian | 6 | all | tomcat6-examples | < 6.0.45-1~deb6u1 | tomcat6-examples_6.0.45-1~deb6u1_all.deb |
Debian | 7 | all | tomcat6-admin | < 6.0.45+dfsg-1~deb7u1 | tomcat6-admin_6.0.45+dfsg-1~deb7u1_all.deb |
Debian | 7 | all | libservlet2.5-java | < 6.0.45+dfsg-1~deb7u1 | libservlet2.5-java_6.0.45+dfsg-1~deb7u1_all.deb |
Debian | 7 | all | tomcat6-extras | < 6.0.45+dfsg-1~deb7u1 | tomcat6-extras_6.0.45+dfsg-1~deb7u1_all.deb |
Debian | 7 | all | libtomcat7-java | < 7.0.28-4+deb7u4 | libtomcat7-java_7.0.28-4+deb7u4_all.deb |
Debian | 8 | all | libtomcat7-java | < 7.0.56-3+deb8u2 | libtomcat7-java_7.0.56-3+deb8u2_all.deb |
Debian | 8 | all | tomcat7-admin | < 7.0.56-3+deb8u2 | tomcat7-admin_7.0.56-3+deb8u2_all.deb |
Debian | 8 | all | libservlet3.1-java-doc | < 8.0.14-1+deb8u2 | libservlet3.1-java-doc_8.0.14-1+deb8u2_all.deb |
Debian | 8 | all | tomcat8-admin | < 8.0.14-1+deb8u2 | tomcat8-admin_8.0.14-1+deb8u2_all.deb |