Page 16 of 163 results (0.016 seconds)

CVSS: 7.5EPSS: 0%CPEs: 34EXPL: 0

CVE-2016-6796 – tomcat: security manager bypass via JSP Servlet config parameters

https://notcve.org/view.php?id=CVE-2016-6796

A malicious web application running on Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 was able to bypass a configured SecurityManager via manipulation of the configuration parameters for the JSP Servlet. Una aplicación web maliciosa en Apache Tomcat 9.0.0.M1 a 9.0.0.M9, 8.5.0 a 8.5.4, 8.0.0.RC1 a 8.0.36, 7.0.0 a 7.0.70, y 6.0.0 a 6.0.45 era capaz de eludir un SecurityManager configurado mediante la manipulación de los parámetros de configuración para el Servlet JSP. It was discovered that a malicious web application could bypass a configured SecurityManager via manipulation of the configuration parameters for the JSP Servlet. • http://rhn.redhat.com/errata/RHSA-2017-0457.html http://rhn.redhat.com/errata/RHSA-2017-1551.html http://www.debian.org/security/2016/dsa-3720 http://www.securityfocus.com/bid/93944 http://www.securitytracker.com/id/1037141 http://www.securitytracker.com/id/1038757 https://access.redhat.com/errata/RHSA-2017:0455 https://access.redhat.com/errata/RHSA-2017:0456 https://access.redhat.com/errata/RHSA-2017:1548 https://access.redhat.com/errata/RHSA-2017:1549 https:/& •

CVSS: 9.1EPSS: 0%CPEs: 33EXPL: 1

CVE-2016-5018 – tomcat: security manager bypass via IntrospectHelper utility function

https://notcve.org/view.php?id=CVE-2016-5018

In Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 a malicious web application was able to bypass a configured SecurityManager via a Tomcat utility method that was accessible to web applications. En Apache Tomcat 9.0.0.M1 a 9.0.0.M9, 8.5.0 a 8.5.4, 8.0.0.RC1 a 8.0.36, 7.0.0 a 7.0.70, y 6.0.0 a 6.0.45 una aplicación web maliciosa era capaz de omitir un SecurityManager configurado mediante un método utility Tomcat accesible para las aplicaciones web. It was discovered that a malicious web application could bypass a configured SecurityManager via a Tomcat utility method that was accessible to web applications. • http://packetstormsecurity.com/files/155873/Tomcat-9.0.0.M1-Sandbox-Escape.html http://rhn.redhat.com/errata/RHSA-2017-0457.html http://rhn.redhat.com/errata/RHSA-2017-1551.html http://www.debian.org/security/2016/dsa-3720 http://www.securityfocus.com/bid/93942 http://www.securitytracker.com/id/1037142 http://www.securitytracker.com/id/1038757 https://access.redhat.com/errata/RHSA-2017:0455 https://access.redhat.com/errata/RHSA-2017:0456 https://access.redhat.com/err •

CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0

CVE-2016-8627 – admin-cli: Potential EAP resource starvation DOS attack via GET requests for server log files

https://notcve.org/view.php?id=CVE-2016-8627

admin-cli before versions 3.0.0.alpha25, 2.2.1.cr2 is vulnerable to an EAP feature to download server log files that allows logs to be available via GET requests making them vulnerable to cross-origin attacks. An attacker could trigger the user's browser to request the log files consuming enough resources that normal server functioning could be impaired. admin-cli, en versiones anteriores a la 3.0.0.alpha25 y 2.2.1.cr2, es vulnerable a que una característica EAP descargue archivos de registro del servidor, lo que permite que estos estén disponibles mediante peticiones GET. Esto hace que sean vulnerables a ataques de Cross-Origin. Un atacante podría provocar que el navegador del usuario solicite los archivos de registro, consumiendo tantos recursos que el funcionamiento normal del servidor se vería afectado. An EAP feature to download server log files allows logs to be available via GET requests making them vulnerable to cross-origin attacks. • http://rhn.redhat.com/errata/RHSA-2017-0170.html http://rhn.redhat.com/errata/RHSA-2017-0171.html http://rhn.redhat.com/errata/RHSA-2017-0172.html http://rhn.redhat.com/errata/RHSA-2017-0173.html http://rhn.redhat.com/errata/RHSA-2017-0244.html http://rhn.redhat.com/errata/RHSA-2017-0245.html http://rhn.redhat.com/errata/RHSA-2017-0246.html http://rhn.redhat.com/errata/RHSA-2017-0247.html http://rhn.redhat.com/errata/RHSA-2017-0250.html http://www • CWE-400: Uncontrolled Resource Consumption •

CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0

CVE-2016-7061 – EAP: Sensitive data can be exposed at the server level in domain mode

https://notcve.org/view.php?id=CVE-2016-7061

An information disclosure vulnerability was found in JBoss Enterprise Application Platform before 7.0.4. It was discovered that when configuring RBAC and marking information as sensitive, users with a Monitor role are able to view the sensitive information. Se ha detectado una vulnerabilidad de divulgación de información en JBoss Enterprise Application Platform en versiones anteriores a la 7.0.4. Se ha descubierto que, al configurar RBAC y marcar información como sensible, los usuarios con rol Monitor pueden visualizar dicha información sensible It was discovered that when configuring RBAC and marking information as sensitive, users with a Monitor role are able to view the sensitive information. • http://rhn.redhat.com/errata/RHSA-2017-0170.html http://rhn.redhat.com/errata/RHSA-2017-0171.html http://rhn.redhat.com/errata/RHSA-2017-0172.html http://rhn.redhat.com/errata/RHSA-2017-0173.html http://rhn.redhat.com/errata/RHSA-2017-0244.html http://rhn.redhat.com/errata/RHSA-2017-0245.html http://rhn.redhat.com/errata/RHSA-2017-0246.html http://rhn.redhat.com/errata/RHSA-2017-0247.html http://rhn.redhat.com/errata/RHSA-2017-0250.html http://www • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 8.8EPSS: 1%CPEs: 2EXPL: 1

CVE-2016-7065 – Red Hat JBoss EAP - Deserialization of Untrusted Data

https://notcve.org/view.php?id=CVE-2016-7065

The JMX servlet in Red Hat JBoss Enterprise Application Platform (EAP) 4 and 5 allows remote authenticated users to cause a denial of service and possibly execute arbitrary code via a crafted serialized Java object. El servlet JMX en Red Hat JBoss Enterprise Application Platform (EAP) 4 y 5 permite a usuarios remotos autenticados provocar una denegación de servicio y posiblemente ejecutar código arbitrario a través de un objeto Java serializado manipulado. • https://www.exploit-db.com/exploits/40842 http://seclists.org/fulldisclosure/2016/Nov/143 http://www.securityfocus.com/bid/93462 https://bugzilla.redhat.com/show_bug.cgi?id=1382534 • CWE-502: Deserialization of Untrusted Data •