tomcat: tomcat writable config files allow privilege escalation

🗓️ 10 Oct 2016 20:38:52Reported by RedHatType

redhat

redhat🔗 access.redhat.com👁 5 Views

Tomcat writable config files enable privilege escalation via group writable files read by the initialization script.

Reporter	Title	Published	Views	Family All 75
IBM Security Bulletins	Security Bulletin: Resilient is vulnerable to Using Components with Known Vulnerabilities	19 Apr 202121:45	–	ibm
IBM Security Bulletins	Security Bulletin: OpenSSL vulnerabilities affect IBM Rational Team Concert (CVE-2016-1240, CVE-2016-6797, etc)	28 Apr 202118:35	–	ibm
IBM Security Bulletins	Security Bulletin:Vulnerabilities in Apache Tomcat and OpenSSL affect Rational BuildForge	17 Jun 201805:18	–	ibm
Tenable Nessus	Apache ActiveMQ 5.x < 5.15.5 Multiple Vulnerabilities	30 Aug 201800:00	–	nessus
Tenable Nessus	Amazon Linux AMI : tomcat6 / tomcat7,tomcat8 (ALAS-2016-764)	11 Nov 201600:00	–	nessus
Tenable Nessus	CentOS 6 : tomcat6 (CESA-2016:2045) (httpoxy)	12 Oct 201600:00	–	nessus
Tenable Nessus	CentOS 7 : tomcat (CESA-2016:2046) (httpoxy)	12 Oct 201600:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP1 : tomcat (EulerOS-SA-2016-1049)	1 May 201700:00	–	nessus
Tenable Nessus	Fedora 25 : 1:tomcat (2016-38e5b05260) (httpoxy)	21 Nov 201600:00	–	nessus
Tenable Nessus	Fedora 23 : 1:tomcat (2016-4094bd4ad6) (httpoxy)	14 Nov 201600:00	–	nessus

OS	OS Version	Architecture	Package	Package Version	Filename
Red Hat Enterprise Linux	6	any	tomcat6	0:6.0.24-98.el6_8.noarch	tomcat6-0:6.0.24-98.el6_8.noarch.noarch.rpm
Red Hat Enterprise Linux	6	any	tomcat6-admin-webapps	0:6.0.24-98.el6_8.noarch	tomcat6-admin-webapps-0:6.0.24-98.el6_8.noarch.noarch.rpm
Red Hat Enterprise Linux	6	any	tomcat6-docs-webapp	0:6.0.24-98.el6_8.noarch	tomcat6-docs-webapp-0:6.0.24-98.el6_8.noarch.noarch.rpm
Red Hat Enterprise Linux	6	any	tomcat6-el-2.1-api	0:6.0.24-98.el6_8.noarch	tomcat6-el-2.1-api-0:6.0.24-98.el6_8.noarch.noarch.rpm
Red Hat Enterprise Linux	6	any	tomcat6-javadoc	0:6.0.24-98.el6_8.noarch	tomcat6-javadoc-0:6.0.24-98.el6_8.noarch.noarch.rpm
Red Hat Enterprise Linux	6	any	tomcat6-jsp-2.1-api	0:6.0.24-98.el6_8.noarch	tomcat6-jsp-2.1-api-0:6.0.24-98.el6_8.noarch.noarch.rpm
Red Hat Enterprise Linux	6	any	tomcat6-lib	0:6.0.24-98.el6_8.noarch	tomcat6-lib-0:6.0.24-98.el6_8.noarch.noarch.rpm
Red Hat Enterprise Linux	6	any	tomcat6-servlet-2.5-api	0:6.0.24-98.el6_8.noarch	tomcat6-servlet-2.5-api-0:6.0.24-98.el6_8.noarch.noarch.rpm
Red Hat Enterprise Linux	6	any	tomcat6-webapps	0:6.0.24-98.el6_8.noarch	tomcat6-webapps-0:6.0.24-98.el6_8.noarch.noarch.rpm

Source	Link
access	www.access.redhat.com/security/cve/CVE-2016-6325
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
nvd	www.nvd.nist.gov/vuln/detail/CVE-2016-6325
cve	www.cve.org/CVERecord

14 May 2026 22:23Current

7.3High risk

Vulners AI Score7.3

CVSS 27.2

CVSS 37.8

EPSS0.00078

tomcat packages configuration files group writable privilege escalation initialization script