Lucene search
OracleLinuxELSA-2020-2530HistoryJun 11, 2020 - 12:00 a.m.
tomcat security update
2020-06-1100:00:00
linux.oracle.com
22
7 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
4.4 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:P/I:P/A:P
[0:7.0.76-12]
- Resolves: CVE-2020-9484 tomcat: Apache Tomcat Remote Code Execution via session persistence
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| oracle linux | 7 | src | tomcat | < 7.0.76-12.el7_8 | tomcat-7.0.76-12.el7_8.src.rpm |
| oracle linux | 7 | noarch | tomcat | < 7.0.76-12.el7_8 | tomcat-7.0.76-12.el7_8.noarch.rpm |
| oracle linux | 7 | noarch | tomcat-admin-webapps | < 7.0.76-12.el7_8 | tomcat-admin-webapps-7.0.76-12.el7_8.noarch.rpm |
| oracle linux | 7 | noarch | tomcat-docs-webapp | < 7.0.76-12.el7_8 | tomcat-docs-webapp-7.0.76-12.el7_8.noarch.rpm |
| oracle linux | 7 | noarch | tomcat-el-2.2-api | < 7.0.76-12.el7_8 | tomcat-el-2.2-api-7.0.76-12.el7_8.noarch.rpm |
| oracle linux | 7 | noarch | tomcat-javadoc | < 7.0.76-12.el7_8 | tomcat-javadoc-7.0.76-12.el7_8.noarch.rpm |
| oracle linux | 7 | noarch | tomcat-jsp-2.2-api | < 7.0.76-12.el7_8 | tomcat-jsp-2.2-api-7.0.76-12.el7_8.noarch.rpm |
| oracle linux | 7 | noarch | tomcat-jsvc | < 7.0.76-12.el7_8 | tomcat-jsvc-7.0.76-12.el7_8.noarch.rpm |
| oracle linux | 7 | noarch | tomcat-lib | < 7.0.76-12.el7_8 | tomcat-lib-7.0.76-12.el7_8.noarch.rpm |
| oracle linux | 7 | noarch | tomcat-servlet-3.0-api | < 7.0.76-12.el7_8 | tomcat-servlet-3.0-api-7.0.76-12.el7_8.noarch.rpm |
Related
nessus
nessus
GLSA-202006-21 : Apache Tomcat: Remote code execution
2020-06-17 00:00:00
Apache Tomcat 8.5.x < 8.5.63 Multiple Vulnerabilities
2021-03-05 00:00:00
Amazon Linux 2 : tomcat (ALASTOMCAT8.5-2023-008)
2023-09-27 00:00:00
openvas
openvas
openSUSE: Security Advisory for tomcat (openSUSE-SU-2020:0711-1)
2020-05-25 00:00:00
Apache Tomcat RCE Vulnerability - May20 (Linux)
2020-05-25 00:00:00
CentOS: Security Advisory for tomcat (CESA-2020:2530)
2020-06-12 00:00:00
osv
osv
tomcat7 - security update
2020-05-23 00:00:00
Potential remote code execution in Apache Tomcat
2020-05-21 18:52:29
BIT-tomcat-2020-9484
2024-03-06 11:10:32
fedora
fedora
[SECURITY] Fedora 31 Update: tomcat-9.0.36-1.fc31
2020-06-23 01:14:05
[SECURITY] Fedora 32 Update: tomcat-9.0.36-1.fc32
2020-06-23 01:22:02
tomcat
tomcat
Fixed in Apache Tomcat 7.0.104
2020-05-16 00:00:00
Fixed in Apache Tomcat 10.0.0-M5
2020-05-11 00:00:00
Fixed in Apache Tomcat 9.0.35
2020-05-11 00:00:00
broadcom
broadcom
BSA-2022-1839
2022-05-03 00:00:00
github
github
Potential remote code execution in Apache Tomcat
2020-05-21 18:52:29
Race condition in Apache Tomcat
2022-02-01 00:45:44
Potential remote code execution in Apache Tomcat
2021-03-19 20:11:13
githubexploit
githubexploit
Exploit for Deserialization of Untrusted Data in Apache Tomcat
2021-03-01 11:16:04
Exploit for Deserialization of Untrusted Data in Apache Tomcat
2020-06-04 14:19:12
Exploit for Deserialization of Untrusted Data in Apache Tomcat
2021-05-18 13:26:18
redhatcve
redhatcve
mageia
mageia
Updated tomcat packages fix security vulnerability
2020-07-05 14:26:44
Updated tomcat packages fix security vulnerabilities
2021-07-20 13:46:47
archlinux
archlinux
[ASA-202006-6] tomcat7: arbitrary code execution
2020-06-06 00:00:00
[ASA-202006-7] tomcat9: arbitrary code execution
2020-06-06 00:00:00
[ASA-202006-5] tomcat8: arbitrary code execution
2020-06-06 00:00:00
redhat
redhat
(RHSA-2020:2506) Important: Red Hat JBoss Web Server 5.3.1 security update
2020-06-10 16:09:35
(RHSA-2020:2487) Important: Red Hat JBoss Web Server 3.1 Service Pack 9 security update
2020-06-10 15:00:02
(RHSA-2020:2530) Important: tomcat security update
2020-06-11 08:51:20
debian
debian
[SECURITY] [DLA 2217-1] tomcat7 security update
2020-05-23 17:27:59
[SECURITY] [DLA 2279-1] tomcat8 security update
2020-07-12 21:11:35
[SECURITY] [DSA 5265-1] tomcat9 security update
2022-10-29 21:59:51
suse
suse
Security update for tomcat (important)
2020-05-25 00:00:00
Security update for tomcat (important)
2021-04-02 00:00:00
oraclelinux
oraclelinux
tomcat6 security update
2020-06-12 00:00:00
tomcat security and bug fix update
2020-10-06 00:00:00
veracode
veracode
Remote Code Execution
2020-05-21 03:52:01
Remote Code Execution (RCE)
2021-03-02 07:51:38
Remote Code Execution
2021-03-03 06:05:38
ubuntucve
ubuntucve
debiancve
debiancve
amazon
amazon
Important: tomcat8
2020-06-23 06:47:00
Important: tomcat7
2020-06-23 06:45:00
Important: tomcat
2020-06-26 22:56:00
nuclei
nuclei
Apache Tomcat Remote Command Execution
2020-07-03 05:39:02
f5
f5
K03121171 : Apache Tomcat vulnerability CVE-2020-9484
2020-05-27 00:00:00
K28409053 : Apache Tomcat vulnerability CVE-2022-23181
2022-02-18 00:00:00
K73648110 : Apache Tomcat vulnerability CVE-2021-25329
2021-03-16 00:00:00
atlassian
atlassian
Upgrade Apache Tomcat 8.5.50 - version affected by CVE-2020-9484
2020-06-25 04:59:30
Upgrade Apache Tomcat 8.5.50 - version affected by CVE-2020-9484
2020-06-25 04:59:30
Update Tomcat to version 8.5.75 to address CVE-2020-9484/CVE-2022-23181
2022-02-08 16:45:17
ibm
ibm
Security Bulletin: Open Source Apache Tomcat vulnerabilities affect IBM Tivoli Application Dependency Discovery Manager (CVE-2020-9484)
2020-07-24 22:19:08
kaspersky
kaspersky
KLA11785 Security vulnerability in Apache Tomcat
2020-05-11 00:00:00
KLA11784 Security vulnerability in Apache Tomcat
2020-05-16 00:00:00
gentoo
gentoo
Apache Tomcat: Remote code execution
2020-06-15 00:00:00
centos
centos
tomcat security update
2020-06-11 21:13:08
prion
prion
Deserialization of untrusted data
2020-05-20 19:15:00
Code injection
2022-01-27 13:15:00
Design/Logic Flaw
2021-03-01 12:15:00
cve
cve
freebsd
freebsd
Apache Tomcat Remote Code Execution via session persistence
2020-05-12 00:00:00
attackerkb
attackerkb
CVE-2020-9484 — PersistentManager Java deserialization vulnerability
2020-05-20 00:00:00
photon
photon
ubuntu
ubuntu
Tomcat vulnerabilities
2020-08-04 00:00:00
Tomcat vulnerabilities
2020-10-21 00:00:00
7 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
4.4 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:P/I:P/A:P
Related for ELSA-2020-2530