5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.969 High
EPSS
Percentile
99.6%
This update corrects several security vulnerabilities in the Tomcat
component shipped as part of Red Hat Network Satellite Server. In a
typical operating environment, Tomcat is not exposed to users
of Satellite Server in a vulnerable manner. These security updates will
reduce risk in unique Satellite Server environments.
Multiple flaws were fixed in the Apache Tomcat package. (CVE-2008-1232,
CVE-2008-1947, CVE-2008-2370, CVE-2008-2938, CVE-2008-3271)
Users of Red Hat Network Satellite Server 5.0 or 5.1 are advised to update
to these Tomcat packages which resolve these issues.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | any | noarch | tomcat5 | < 5.0.30-0jpp_12rh | tomcat5-5.0.30-0jpp_12rh.noarch.rpm |