Privilege Escalation

2019-05-2000:08:58

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

JSON

Tomcat package on Red Hat Enterprise Linux (RHEL) 5 through 7, JBoss Web Server 3.0, and JBoss EWS 2 is vulnerable to privilege escalation attacks. Due to the setting of weak permissions in (1) /etc/sysconfig/tomcat and (2) /etc/tomcat/tomcat.conf, a member of the group or a malicious web application deployed on Tomcat is allowed to escalate their privileges.

CPENameOperatorVersion
tomcat8eq8.0.18__52_patch_01.ep7.el6
tomcat8eq8.0.18__62_patch_01.ep7.el7
tomcat8eq8.0.18__62_patch_01.ep7.el6
tomcat8eq8.0.18__15_patch_00.ep7.el7
tomcat8eq8.0.18__25_patch_00.ep7.el7
tomcat8eq8.0.18__15_patch_00.ep7.el6
tomcat8eq8.0.18__52_patch_01.ep7.el7
tomcat8eq8.0.18__25_patch_00.ep7.el6
tomcat8eq8.0.18__61_patch_01.ep7.el7
tomcat8eq8.0.18__61_patch_01.ep7.el6

Name	Operator	Version
tomcat8	eq	8.0.18__52_patch_01.ep7.el6
tomcat8	eq	8.0.18__62_patch_01.ep7.el7
tomcat8	eq	8.0.18__62_patch_01.ep7.el6
tomcat8	eq	8.0.18__15_patch_00.ep7.el7
tomcat8	eq	8.0.18__25_patch_00.ep7.el7
tomcat8	eq	8.0.18__15_patch_00.ep7.el6
tomcat8	eq	8.0.18__52_patch_01.ep7.el7
tomcat8	eq	8.0.18__25_patch_00.ep7.el6
tomcat8	eq	8.0.18__61_patch_01.ep7.el7
tomcat8	eq	8.0.18__61_patch_01.ep7.el6