CVE-2016-0763
tomcat: security manager bypass via setGlobalContext()
Severity Score
6.3
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The setGlobalContext method in org/apache/naming/factory/ResourceLinkFactory.java in Apache Tomcat 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M3 does not consider whether ResourceLinkFactory.setGlobalContext callers are authorized, which allows remote authenticated users to bypass intended SecurityManager restrictions and read or write to arbitrary application data, or cause a denial of service (application disruption), via a web application that sets a crafted global context.
El método setGlobalContext en org/apache/naming/factory/ResourceLinkFactory.java en Apache Tomcat 7.x en versiones anteriores a 7.0.68, 8.x en versiones anteriores a 8.0.31 y 9.x en versiones anteriores a 9.0.0.M3 no considera si los que llaman a ResourceLinkFactory.setGlobalContext están autorizados, lo que permite a usuarios remotos autenticados eludir las restricciones de SecurityManager previstas y leer o escribir a datos de aplicación arbitrarios, o provocar una denegación de servicio (interrupción de aplicación), a través de una aplicación web que establece un contexto global manipulado.
A security manager bypass flaw was found in Tomcat that could allow remote, authenticated users to access arbitrary application data, potentially resulting in a denial of service.
Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. This release of Red Hat JBoss Web Server 2.1.2 serves as a replacement for Red Hat JBoss Web Server 2.1.1. It contains security fixes for the Tomcat 7 component. Only users of the Tomcat 7 component in JBoss Web Server need to apply the fixes delivered in this release. Security Fix: A CSRF flaw was found in Tomcat's the index pages for the Manager and Host Manager applications. These applications included a valid CSRF token when issuing a redirect as a result of an unauthenticated request to the root of the web application. This token could then be used by an attacker to perform a CSRF attack.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2015-12-16 CVE Reserved
- 2016-02-23 CVE Published
- 2024-08-05 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-264: Permissions, Privileges, and Access Controls
- CWE-287: Improper Authentication
CAPEC
References (35)
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 7.0 Search vendor "Debian" for product "Debian Linux" and version "7.0" | - |
Affected
| ||||||
| Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 8.0 Search vendor "Debian" for product "Debian Linux" and version "8.0" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 7.0.0 Search vendor "Apache" for product "Tomcat" and version "7.0.0" | beta |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 7.0.2 Search vendor "Apache" for product "Tomcat" and version "7.0.2" | beta |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 7.0.4 Search vendor "Apache" for product "Tomcat" and version "7.0.4" | beta |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 7.0.5 Search vendor "Apache" for product "Tomcat" and version "7.0.5" | beta |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 7.0.6 Search vendor "Apache" for product "Tomcat" and version "7.0.6" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 7.0.10 Search vendor "Apache" for product "Tomcat" and version "7.0.10" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 7.0.11 Search vendor "Apache" for product "Tomcat" and version "7.0.11" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 7.0.12 Search vendor "Apache" for product "Tomcat" and version "7.0.12" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 7.0.14 Search vendor "Apache" for product "Tomcat" and version "7.0.14" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 7.0.16 Search vendor "Apache" for product "Tomcat" and version "7.0.16" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 7.0.19 Search vendor "Apache" for product "Tomcat" and version "7.0.19" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 7.0.20 Search vendor "Apache" for product "Tomcat" and version "7.0.20" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 7.0.21 Search vendor "Apache" for product "Tomcat" and version "7.0.21" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 7.0.22 Search vendor "Apache" for product "Tomcat" and version "7.0.22" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 7.0.23 Search vendor "Apache" for product "Tomcat" and version "7.0.23" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 7.0.25 Search vendor "Apache" for product "Tomcat" and version "7.0.25" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 7.0.26 Search vendor "Apache" for product "Tomcat" and version "7.0.26" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 7.0.27 Search vendor "Apache" for product "Tomcat" and version "7.0.27" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 7.0.28 Search vendor "Apache" for product "Tomcat" and version "7.0.28" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 7.0.29 Search vendor "Apache" for product "Tomcat" and version "7.0.29" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 7.0.30 Search vendor "Apache" for product "Tomcat" and version "7.0.30" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 7.0.32 Search vendor "Apache" for product "Tomcat" and version "7.0.32" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 7.0.33 Search vendor "Apache" for product "Tomcat" and version "7.0.33" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 7.0.34 Search vendor "Apache" for product "Tomcat" and version "7.0.34" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 7.0.35 Search vendor "Apache" for product "Tomcat" and version "7.0.35" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 7.0.37 Search vendor "Apache" for product "Tomcat" and version "7.0.37" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 7.0.39 Search vendor "Apache" for product "Tomcat" and version "7.0.39" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 7.0.40 Search vendor "Apache" for product "Tomcat" and version "7.0.40" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 7.0.41 Search vendor "Apache" for product "Tomcat" and version "7.0.41" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 7.0.42 Search vendor "Apache" for product "Tomcat" and version "7.0.42" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 7.0.47 Search vendor "Apache" for product "Tomcat" and version "7.0.47" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 7.0.50 Search vendor "Apache" for product "Tomcat" and version "7.0.50" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 7.0.52 Search vendor "Apache" for product "Tomcat" and version "7.0.52" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 7.0.53 Search vendor "Apache" for product "Tomcat" and version "7.0.53" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 7.0.54 Search vendor "Apache" for product "Tomcat" and version "7.0.54" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 7.0.55 Search vendor "Apache" for product "Tomcat" and version "7.0.55" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 7.0.56 Search vendor "Apache" for product "Tomcat" and version "7.0.56" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 7.0.57 Search vendor "Apache" for product "Tomcat" and version "7.0.57" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 7.0.59 Search vendor "Apache" for product "Tomcat" and version "7.0.59" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 7.0.61 Search vendor "Apache" for product "Tomcat" and version "7.0.61" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 7.0.62 Search vendor "Apache" for product "Tomcat" and version "7.0.62" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 7.0.63 Search vendor "Apache" for product "Tomcat" and version "7.0.63" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 7.0.64 Search vendor "Apache" for product "Tomcat" and version "7.0.64" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 7.0.65 Search vendor "Apache" for product "Tomcat" and version "7.0.65" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 7.0.67 Search vendor "Apache" for product "Tomcat" and version "7.0.67" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 8.0.0 Search vendor "Apache" for product "Tomcat" and version "8.0.0" | rc1 |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 8.0.0 Search vendor "Apache" for product "Tomcat" and version "8.0.0" | rc10 |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 8.0.0 Search vendor "Apache" for product "Tomcat" and version "8.0.0" | rc3 |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 8.0.0 Search vendor "Apache" for product "Tomcat" and version "8.0.0" | rc5 |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 8.0.1 Search vendor "Apache" for product "Tomcat" and version "8.0.1" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 8.0.3 Search vendor "Apache" for product "Tomcat" and version "8.0.3" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 8.0.11 Search vendor "Apache" for product "Tomcat" and version "8.0.11" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 8.0.12 Search vendor "Apache" for product "Tomcat" and version "8.0.12" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 8.0.14 Search vendor "Apache" for product "Tomcat" and version "8.0.14" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 8.0.15 Search vendor "Apache" for product "Tomcat" and version "8.0.15" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 8.0.17 Search vendor "Apache" for product "Tomcat" and version "8.0.17" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 8.0.18 Search vendor "Apache" for product "Tomcat" and version "8.0.18" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 8.0.20 Search vendor "Apache" for product "Tomcat" and version "8.0.20" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 8.0.21 Search vendor "Apache" for product "Tomcat" and version "8.0.21" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 8.0.22 Search vendor "Apache" for product "Tomcat" and version "8.0.22" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 8.0.23 Search vendor "Apache" for product "Tomcat" and version "8.0.23" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 8.0.24 Search vendor "Apache" for product "Tomcat" and version "8.0.24" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 8.0.26 Search vendor "Apache" for product "Tomcat" and version "8.0.26" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 8.0.27 Search vendor "Apache" for product "Tomcat" and version "8.0.27" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 8.0.28 Search vendor "Apache" for product "Tomcat" and version "8.0.28" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 8.0.29 Search vendor "Apache" for product "Tomcat" and version "8.0.29" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 8.0.30 Search vendor "Apache" for product "Tomcat" and version "8.0.30" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Tomcat Search vendor "Apache" for product "Tomcat" | 9.0.0 Search vendor "Apache" for product "Tomcat" and version "9.0.0" | milestone1 |
Affected
| ||||||
| Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 12.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "12.04" | lts |
Affected
| ||||||
| Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 14.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "14.04" | lts |
Affected
| ||||||
| Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 15.10 Search vendor "Canonical" for product "Ubuntu Linux" and version "15.10" | - |
Affected
| ||||||
| Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 16.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "16.04" | lts |
Affected
| ||||||