CVE-2016-5425

2016-10-10T08:17:29
ID RH:CVE-2016-5425
Type redhatcve
Reporter redhat.com
Modified 2020-08-18T14:08:40

Description

It was discovered that the Tomcat packages installed configuration file /usr/lib/tmpfiles.d/tomcat.conf writeable to the tomcat group. A member of the group or a malicious web application deployed on Tomcat could use this flaw to escalate their privileges.