Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBM1D7A9620014C4105B221C6CDF92C1FEE1B525AEE56A16CA716E6FAE637E873E0
HistorySep 23, 2021 - 1:31 a.m.

Security Bulletin: Vulnerabilities in Apache Tomcat affect Power Hardware Management Console (CVE-2016-3092)

2021-09-2301:31:39
www.ibm.com
16

EPSS

0.043

Percentile

92.3%

JSON

Summary

Apache Tomcat is used by Power Hardware Management Console (HMC). HMC has addressed the applicable CVEs

Vulnerability Details

CVEID: CVE-2016-3092**
DESCRIPTION:** Apache Tomcat is vulnerable to a denial of service, caused by an error in the Apache Commons FileUpload component. By sending file upload requests, an attacker could exploit this vulnerability to cause the server to become unresponsive.
CVSS Base Score: 5.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/114336 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

Affected Products and Versions

Power HMC V7.3.0.0
Power HMC V7.9.0.0
Power HMC V8.1.0.0
Power HMC V8.2.0.0
Power HMC V8.3.0.0
Power HMC V8.4.0.0
Power HMC V8.5.0.0

Remediation/Fixes

The following fixes are available on IBM Fix Central at: <http://www-933.ibm.com/support/fixcentral/&gt;

Product

|

VRMF

|

APAR

|

Remediation/Fix

—|—|—|—

Power HMC

|

V7.7.3.0 SP7

|

MB04028

|

MH01643

Power HMC

|

V7.7.9.0 SP3

|

MB04029

|

MH01644

Power HMC

|

V8.8.1.0 SP3

|

MB04030

|

MH01645

Power HMC

|

V8.8.2.0 SP2

|

MB04031

|

MH01646

Power HMC

|

V8.8.3.0 SP2

|

MB04032

|

MH01647

Power HMC

|

V8.8.4.0 SP1

|

MB04033

|

MH01648

Power HMC

|

V8.8.5.0

|

MB04035

|

MH01651

Related

checkpoint_advisories 1
ibm 95
ubuntucve 1
redhat 7
openvas 23
fedora 3
atlassian 4
debian 6
nessus 27
tomcat 3
freebsd 2
amazon 1
f5 2
myhack58 1
nvd 2
ubuntu 1
cvelist 2
prion 2
cve 2
osv 5
veracode 2
debiancve 1
mageia 1
jvn 1
github 2
redhatcve 1
gentoo 1
checkpoint_advisories
checkpoint_advisories
Apache Commons FileUpload Denial Of Service (CVE-2016-3092)
2016-07-31 00:00:00
ibm
ibm
Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with IBM Tivoli System Automation Application Manager (CVE-2016-3092)
2018-06-17 15:28:43
Security Bulletin: Vulnerability in Apache Commons FileUpload affects IBM InfoSphere Information Server (CVE-2016-3092)
2018-06-16 13:42:16
Security Bulletin: Vulnerability in Open Source Apache Tomcat , Commons FileUpload Vulnerabilities IBM Algorithmics AlgoCore
2018-06-15 22:46:28
ubuntucve
ubuntucve
CVE-2016-3092
2016-06-23 00:00:00
redhat
redhat
(RHSA-2016:2071) Moderate: Red Hat JBoss Enterprise Application Platform 6.4.11 update
2016-10-17 18:09:50
(RHSA-2016:2070) Moderate: Red Hat JBoss Enterprise Application Platform 6.4.11 update on RHEL 5
2016-10-17 18:09:40
(RHSA-2016:2069) Moderate: Red Hat JBoss Enterprise Application Platform 6.4.11 update on RHEL 7
2016-10-17 18:09:27
openvas
openvas
Apache Tomcat 'MultipartStream' Class DoS Vulnerability - Windows
2016-07-13 00:00:00
Debian: Security Advisory (DSA-3611-1)
2016-07-07 00:00:00
Amazon Linux: Security Advisory (ALAS-2016-736)
2016-10-26 00:00:00
fedora
fedora
[SECURITY] Fedora 25 Update: tomcat-8.0.36-2.fc25
2016-09-01 13:43:39
[SECURITY] Fedora 24 Update: tomcat-8.0.36-2.fc24
2016-09-01 17:01:05
[SECURITY] Fedora 23 Update: tomcat-8.0.36-2.fc23
2016-09-01 18:56:38
atlassian
atlassian
Upgrade Tomcat to 8.0.36 or later
2016-07-14 14:22:05
Upgrade commons-fileupload to version >= 1.3.2
2016-07-20 08:22:15
Upgrade Tomcat to 8.0.36 or later
2016-07-14 14:22:05
debian
debian
[SECURITY] [DSA 3614-1] tomcat7 security update
2016-07-02 12:54:16
[SECURITY] [DSA 3614-1] tomcat7 security update
2016-07-02 12:54:16
[SECURITY] [DSA 3611-1] libcommons-fileupload-java security update
2016-06-30 08:44:01
nessus
nessus
Apache Tomcat 9.0.0.M1 < 9.0.0.M8
2024-05-23 00:00:00
Apache Tomcat 8.5.0 < 8.5.3
2024-05-23 00:00:00
Fedora 24 : 1:tomcat (2016-2b0c16fd82)
2016-09-02 00:00:00
tomcat
tomcat
Fixed in Apache Tomcat 8.5.3 and 8.0.36
2016-06-13 00:00:00
Fixed in Apache Tomcat 9.0.0.M8
2016-06-13 00:00:00
Fixed in Apache Tomcat 7.0.70
2016-06-20 00:00:00
freebsd
freebsd
Apache Commons FileUpload -- denial of service
2016-06-21 00:00:00
Apache Commons FileUpload -- denial of service (DoS) vulnerability
2016-06-20 00:00:00
amazon
amazon
Medium: tomcat7, tomcat8
2016-08-17 13:30:00
f5
f5
SOL82392041 - Apache Commons FileUpload vulnerability CVE-2016-3092
2016-07-19 00:00:00
K82392041 : Apache Commons FileUpload vulnerability CVE-2016-3092
2016-07-19 00:00:00
myhack58
myhack58
Apache Commons Fileupload 1.3.1 DOS(CVE-2016-3092)-vulnerability warning-the black bar safety net
2017-06-15 00:00:00
nvd
nvd
CVE-2016-3092
2016-07-04 22:59:04
CVE-2017-1000394
2018-01-26 02:29:00
ubuntu
ubuntu
Tomcat vulnerability
2016-07-06 00:00:00
cvelist
cvelist
CVE-2016-3092
2016-07-04 22:00:00
CVE-2017-1000394
2018-01-26 02:00:00
prion
prion
Design/Logic Flaw
2016-07-04 22:59:00
Design/Logic Flaw
2018-01-26 02:29:00
cve
cve
CVE-2016-3092
2016-07-04 22:59:04
CVE-2017-1000394
2018-01-26 02:29:00
osv
osv
libcommons-fileupload-java - security update
2016-06-26 00:00:00
High severity vulnerability that affects commons-fileupload:commons-fileupload
2018-12-21 17:47:47
tomcat7 - security update
2016-06-26 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-01-15 09:13:41
Denial Of Service (DoS)
2017-04-04 03:24:03
debiancve
debiancve
CVE-2016-3092
2016-07-04 22:59:04
mageia
mageia
Updated tomcat/apache-commons-fileupload packages fix security vulnerability
2016-07-27 00:16:28
jvn
jvn
JVN#89379547: Apache Commons FileUpload vulnerable to denial-of-service (DoS)
2016-06-30 00:00:00
github
github
High severity vulnerability that affects commons-fileupload:commons-fileupload
2018-12-21 17:47:47
Improper Input Validation in Jenkins
2022-05-14 01:04:31
redhatcve
redhatcve
CVE-2017-1000394
2017-11-21 11:20:50
gentoo
gentoo
Apache Commons FileUpload: Multiple vulnerabilities
2021-07-17 00:00:00

EPSS

0.043

Percentile

92.3%

JSON
Related for 1D7A9620014C4105B221C6CDF92C1FEE1B525AEE56A16CA716E6FAE637E873E0
checkpoint_advisories1ibm95ubuntucve1redhat7openvas23fedora3atlassian4debian6nessus27tomcat3freebsd2amazon1f52myhack581nvd2ubuntu1cvelist2prion2cve2osv5veracode2debiancve1mageia1jvn1github2redhatcve1gentoo1