SUSE CVE-2016-0763

🗓️ 15 Feb 2023 05:09:14Reported by Suse CVEType

susecve

susecve🔗 www.suse.com👁 1 Views

Flaw in ResourceLinkFactory.setGlobalContext allows remote authenticated users to bypass SecurityManager and cause DoS in Tomcat.

Reporter	Title	Published	Views	Family All 151
IBM Security Bulletins	Security Bulletin: Vulnerabilities in Apache Tomcat affect the IBM FlashSystem models 840 and 900	18 Feb 202301:45	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in Apache Tomcat affect IBM SAN Volume Controller and Storwize Family	29 Mar 202301:48	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple security vulnerabilities have been identified in Jazz Team Server shipped with Jazz Reporting Service (CVE-2015-5345, CVE-2015-5346, CVE-2015-5351, CVE-2016-0706, CVE-2016-0714, CVE-2016-0763, CVE-2015-5174)	17 Jun 201805:10	–	ibm
IBM Security Bulletins	Security Bulletin: A vulnerability in Apache Tomcat affects Rational Reporting for Development Intelligence (CVE-2015-5174)	17 Jun 201805:14	–	ibm
IBM Security Bulletins	Security Bulletin: Security vulnerabilities in Apache Tomcat affects multiple IBM Rational products based on IBM's Jazz technology (CVE-2015-5345, CVE-2015-5346, CVE-2015-5351, CVE-2016-0706, CVE-2015-5174, others)	28 Apr 202118:35	–	ibm
IBM Security Bulletins	Security bulletin: Rational Directory Server (Tivoli) is affected by Apache Tomcat vulnerabilities	17 Jun 201805:11	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple OpenSource Apache Tomcat vulnerabilities in IBM Algo Audit and Compliance	15 Jun 201822:45	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in tomcat affect Power Hardware Management Console	23 Sep 202101:31	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in Apache Tomcat may affect IBM WebSphere Application Server Community Edition	15 Jun 201807:05	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability OpenSource Apache Tomcat affects IBM Algorithmics Algo Risk Application - CVE-2015-5345 CVE-2015-5346 CVE-2016-0706 CVE-2016-0714 CVE-2016-0763	15 Jun 201822:44	–	ibm

OS	OS Version	Architecture	Package	Package Version	Filename
SUSE Linux Enterprise Server	12	any	tomcat	7.0.68-7.6.1	tomcat-7.0.68-7.6.1.noarch.rpm
SUSE Linux Enterprise Server for SAP applications	12	any	tomcat	7.0.68-7.6.1	tomcat-7.0.68-7.6.1.noarch.rpm
SUSE Linux Enterprise Server	12.1	any	tomcat	8.0.32-3.1	tomcat-8.0.32-3.1.noarch.rpm
SUSE Linux Enterprise Server for SAP applications	12.1	any	tomcat	8.0.32-3.1	tomcat-8.0.32-3.1.noarch.rpm
SUSE Linux Enterprise Server	12.2	any	tomcat	8.0.36-11.4	tomcat-8.0.36-11.4.noarch.rpm
OpenSUSE Tumbleweed	–	any	tomcat	8.0.36-3.3	tomcat-8.0.36-3.3.noarch.rpm
SUSE Linux Enterprise Server	12.3	any	tomcat	8.0.43-23.1	tomcat-8.0.43-23.1.noarch.rpm
SUSE Linux Enterprise Server	16.0	any	tomcat	9.0.108-160000.1.2	tomcat-9.0.108-160000.1.2.noarch.rpm
SUSE Linux Enterprise Server	12.4	any	tomcat	9.0.12-1.7	tomcat-9.0.12-1.7.noarch.rpm
SUSE Linux Enterprise Server	12.5	any	tomcat	9.0.21-3.13.2	tomcat-9.0.21-3.13.2.noarch.rpm

Source	Link
suse	www.suse.com/security/cve/CVE-2016-0763
suse	www.suse.com/support/security/rating/
bugzilla	www.bugzilla.suse.com/967966
bugzilla	www.bugzilla.suse.com/971085
lists	www.lists.suse.com/pipermail/sle-security-updates/2016-March/001940.html
lists	www.lists.suse.com/pipermail/sle-security-updates/2016-March/001957.html
suse	www.suse.com/support/kb/doc/
suse	www.suse.com/support/kb/doc/
lists	www.lists.opensuse.org/archives/list/[email protected]/thread/J2YPI4F6E4ZO2KQ6XN55WTMWMICRAMNY/

06 Feb 2026 03:37Current

8.4High risk

Vulners AI Score8.4

CVSS 36.3

EPSS0.00286

resource link factory security manager bypass remote authenticated data access risk denial of service tomcat vulnerability