Lucene search

K
redhatcveRedhat.comRH:CVE-2016-6325
HistoryOct 10, 2016 - 8:47 a.m.

CVE-2016-6325

2016-10-1008:47:27
redhat.com
access.redhat.com
15

0.0004 Low

EPSS

Percentile

10.4%

It was discovered that the Tomcat packages installed certain configuration files read by the Tomcat initialization script as writeable to the tomcat group. A member of the group or a malicious web application deployed on Tomcat could use this flaw to escalate their privileges.