Lucene search

K
f5F5F5:K61414056
HistoryOct 20, 2016 - 12:00 a.m.

K61414056 : Apache Tomcat vulnerability CVE-2016-5425

2016-10-2000:00:00
my.f5.com
56

AI Score

7.7

Confidence

High

EPSS

0.001

Percentile

48.0%

Security Advisory Description

The Tomcat package on Red Hat Enterprise Linux (RHEL) 7, Fedora, CentOS, Oracle Linux, and possibly other Linux distributions uses weak permissions for /usr/lib/tmpfiles.d/tomcat.conf, which allows local users to gain root privileges by leveraging membership in the tomcat group. (CVE-2016-5425)
Impact
There is no impact; F5 products are not affected by this vulnerability.