CVE-2016-0706
Published on: 02/24/2016 12:00:00 AM UTC
Last Modified on: 03/23/2021 11:27:13 PM UTC
Certain versions of Tomcat from Apache contain the following vulnerability:
Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M2 does not place org.apache.catalina.manager.StatusManagerServlet on the org/apache/catalina/core/RestrictedServlets.properties list, which allows remote authenticated users to bypass intended SecurityManager restrictions and read arbitrary HTTP requests, and consequently discover session ID values, via a crafted web application.
- CVE-2016-0706 has been assigned by
[email protected] to track the vulnerability - currently rated as MEDIUM severity.
CVSS3 Score: 4.3 - MEDIUM
Attack Vector ⓘ |
Attack Complexity |
Privileges Required |
User Interaction |
|
---|---|---|---|---|
NETWORK | LOW | LOW | NONE | |
Scope | Confidentiality Impact |
Integrity Impact |
Availability Impact |
|
UNCHANGED | LOW | NONE | NONE |
CVSS2 Score: 4 - MEDIUM
Access Vector ⓘ |
Access Complexity |
Authentication |
---|---|---|
NETWORK | LOW | SINGLE |
Confidentiality Impact |
Integrity Impact |
Availability Impact |
PARTIAL | NONE | NONE |
CVE References
Description | Tags ⓘ | Link |
---|---|---|
Oracle Solaris Bulletin - April 2016 | www.oracle.com text/html |
![]() |
'[security bulletin] HPSBUX03561 rev.1 - HPE HP-UX using Apache Tomcat, Remote Access Restriction Byp' - MARC | Third Party Advisory marc.info text/html |
![]() |
Pony Mail! | lists.apache.org text/html |
![]() |
Pony Mail! | lists.apache.org text/html |
![]() |
Red Hat Customer Portal | web.archive.org text/html Inactive LinkNot Archived |
![]() |
[Apache-SVN] Revision 1722799 | Issue Tracking svn.apache.org text/html |
![]() |
Red Hat Customer Portal | web.archive.org text/html Inactive LinkNot Archived |
![]() |
Debian -- Security Information -- DSA-3609-1 tomcat8 | Third Party Advisory www.debian.org Depreciated Link text/html |
![]() |
CPU July 2018 | www.oracle.com text/html |
![]() |
[security-announce] SUSE-SU-2016:0769-1: important: Security update for | lists.opensuse.org text/html |
![]() |
Pony Mail! | lists.apache.org text/html |
![]() |
Oracle Linux Bulletin - October 2016 | www.oracle.com text/html |
![]() |
Bugtraq: [SECURITY] CVE-2016-0706 Apache Tomcat Security Manager bypass | Mailing List seclists.org text/html |
![]() |
[security-announce] SUSE-SU-2016:0822-1: important: Security update for | lists.opensuse.org text/html |
![]() |
Oracle Critical Patch Update - October 2016 | www.oracle.com text/html |
![]() |
[Apache-SVN] Revision 1722800 | svn.apache.org text/html |
![]() |
[security-announce] openSUSE-SU-2016:0865-1: important: Security update | lists.opensuse.org text/html |
![]() |
February 2016 Apache Tomcat Vulnerabilities in NetApp Products | NetApp Product Security | security.netapp.com text/html |
![]() |
Pony Mail! | lists.apache.org text/html |
![]() |
Red Hat Customer Portal | access.redhat.com text/html |
![]() |
Document Display | HPE Support Center | Third Party Advisory h20566.www2.hpe.com text/html |
![]() |
Document Display | HPE Support Center | Third Party Advisory h20566.www2.hpe.com text/html |
![]() |
Red Hat Customer Portal | web.archive.org text/html Inactive LinkNot Archived |
![]() |
Apache Tomcat Security Manager CVE-2016-0706 Information Disclosure Vulnerability | cve.report (archive) text/html |
![]() |
USN-3024-1: Tomcat vulnerabilities | Ubuntu | Third Party Advisory www.ubuntu.com text/html |
![]() |
Debian -- Security Information -- DSA-3530-1 tomcat6 | Mailing List Third Party Advisory www.debian.org Depreciated Link text/html |
![]() |
[Apache-SVN] Revision 1722801 | Issue Tracking svn.apache.org text/html |
![]() |
Red Hat Customer Portal | web.archive.org text/html Inactive LinkNot Archived |
![]() |
No Description Provided | rhn.redhat.com Inactive LinkNot Archived |
![]() |
Pony Mail! | lists.apache.org text/html |
![]() |
Broadcom Support Portal | bto.bluecoat.com text/html |
![]() |
Document Display | HPE Support Center | Vendor Advisory h20566.www2.hpe.com text/html |
![]() |
[security-announce] SUSE-SU-2016:0839-1: important: Security update for | lists.opensuse.org text/html |
![]() |
Apache Tomcat® - Apache Tomcat 7 vulnerabilities | Vendor Advisory tomcat.apache.org text/html |
![]() |
Apache Tomcat® - Apache Tomcat 8 vulnerabilities | Vendor Advisory tomcat.apache.org text/html |
![]() |
Apache Tomcat Bugs Let Remote Users Bypass Security Restrictions, Hijack Sessions, and Obtain Potentially Sensitive Information - SecurityTracker | www.securitytracker.com text/html |
![]() |
Pony Mail! | lists.apache.org text/html |
![]() |
Apache Tomcat: Multiple vulnerabilities (GLSA 201705-09) — Gentoo Security | security.gentoo.org text/html |
![]() |
Pony Mail! | lists.apache.org text/html |
![]() |
Red Hat Customer Portal | access.redhat.com text/html |
![]() |
[Apache-SVN] Revision 1722802 | Issue Tracking svn.apache.org text/html |
![]() |
Oracle Critical Patch Update - October 2017 | www.oracle.com text/html |
![]() |
Apache Tomcat - Apache Tomcat 8 vulnerabilities | Vendor Advisory tomcat.apache.org text/html |
![]() |
Debian -- Security Information -- DSA-3552-1 tomcat7 | Third Party Advisory www.debian.org Depreciated Link text/html |
![]() |
Apache Tomcat® - Apache Tomcat 6 vulnerabilities | Vendor Advisory tomcat.apache.org text/html |
![]() |
There are currently no QIDs associated with this CVE
Known Affected Configurations (CPE V2.3)
Type | Vendor | Product | Version | Update | Edition | Language |
---|---|---|---|---|---|---|
Application | Apache | Tomcat | 6.0.0 | All | All | All |
Application | Apache | Tomcat | 6.0.0 | alpha | All | All |
Application | Apache | Tomcat | 6.0.1 | All | All | All |
Application | Apache | Tomcat | 6.0.1 | alpha | All | All |
Application | Apache | Tomcat | 6.0.10 | All | All | All |
Application | Apache | Tomcat | 6.0.11 | All | All | All |
Application | Apache | Tomcat | 6.0.13 | All | All | All |
Application | Apache | Tomcat | 6.0.14 | All | All | All |
Application | Apache | Tomcat | 6.0.16 | All | All | All |
Application | Apache | Tomcat | 6.0.18 | All | All | All |
Application | Apache | Tomcat | 6.0.2 | All | All | All |
Application | Apache | Tomcat | 6.0.2 | alpha | All | All |
Application | Apache | Tomcat | 6.0.2 | beta | All | All |
Application | Apache | Tomcat | 6.0.20 | All | All | All |
Application | Apache | Tomcat | 6.0.24 | All | All | All |
Application | Apache | Tomcat | 6.0.26 | All | All | All |
Application | Apache | Tomcat | 6.0.28 | All | All | All |
Application | Apache | Tomcat | 6.0.29 | All | All | All |
Application | Apache | Tomcat | 6.0.30 | All | All | All |
Application | Apache | Tomcat | 6.0.32 | All | All | All |
Application | Apache | Tomcat | 6.0.33 | All | All | All |
Application | Apache | Tomcat | 6.0.35 | All | All | All |
Application | Apache | Tomcat | 6.0.36 | All | All | All |
Application | Apache | Tomcat | 6.0.37 | All | All | All |
Application | Apache | Tomcat | 6.0.39 | All | All | All |
Application | Apache | Tomcat | 6.0.4 | All | All | All |
Application | Apache | Tomcat | 6.0.4 | alpha | All | All |
Application | Apache | Tomcat | 6.0.41 | All | All | All |
Application | Apache | Tomcat | 6.0.43 | All | All | All |
Application | Apache | Tomcat | 6.0.44 | All | All | All |
Application | Apache | Tomcat | 7.0.0 | beta | All | All |
Application | Apache | Tomcat | 7.0.10 | All | All | All |
Application | Apache | Tomcat | 7.0.11 | All | All | All |
Application | Apache | Tomcat | 7.0.12 | All | All | All |
Application | Apache | Tomcat | 7.0.14 | All | All | All |
Application | Apache | Tomcat | 7.0.16 | All | All | All |
Application | Apache | Tomcat | 7.0.19 | All | All | All |
Application | Apache | Tomcat | 7.0.2 | beta | All | All |
Application | Apache | Tomcat | 7.0.20 | All | All | All |
Application | Apache | Tomcat | 7.0.21 | All | All | All |
Application | Apache | Tomcat | 7.0.22 | All | All | All |
Application | Apache | Tomcat | 7.0.23 | All | All | All |
Application | Apache | Tomcat | 7.0.25 | All | All | All |
Application | Apache | Tomcat | 7.0.26 | All | All | All |
Application | Apache | Tomcat | 7.0.27 | All | All | All |
Application | Apache | Tomcat | 7.0.28 | All | All | All |
Application | Apache | Tomcat | 7.0.29 | All | All | All |
Application | Apache | Tomcat | 7.0.30 | All | All | All |
Application | Apache | Tomcat | 7.0.32 | All | All | All |
Application | Apache | Tomcat | 7.0.33 | All | All | All |
Application | Apache | Tomcat | 7.0.34 | All | All | All |
Application | Apache | Tomcat | 7.0.35 | All | All | All |
Application | Apache | Tomcat | 7.0.37 | All | All | All |
Application | Apache | Tomcat | 7.0.39 | All | All | All |
Application | Apache | Tomcat | 7.0.4 | beta | All | All |
Application | Apache | Tomcat | 7.0.40 | All | All | All |
Application | Apache | Tomcat | 7.0.41 | All | All | All |
Application | Apache | Tomcat | 7.0.42 | All | All | All |
Application | Apache | Tomcat | 7.0.47 | All | All | All |
Application | Apache | Tomcat | 7.0.5 | beta | All | All |
Application | Apache | Tomcat | 7.0.50 | All | All | All |
Application | Apache | Tomcat | 7.0.52 | All | All | All |
Application | Apache | Tomcat | 7.0.53 | All | All | All |
Application | Apache | Tomcat | 7.0.54 | All | All | All |
Application | Apache | Tomcat | 7.0.55 | All | All | All |
Application | Apache | Tomcat | 7.0.56 | All | All | All |
Application | Apache | Tomcat | 7.0.57 | All | All | All |
Application | Apache | Tomcat | 7.0.59 | All | All | All |
Application | Apache | Tomcat | 7.0.6 | All | All | All |
Application | Apache | Tomcat | 7.0.61 | All | All | All |
Application | Apache | Tomcat | 7.0.62 | All | All | All |
Application | Apache | Tomcat | 7.0.63 | All | All | All |
Application | Apache | Tomcat | 7.0.64 | All | All | All |
Application | Apache | Tomcat | 7.0.65 | All | All | All |
Application | Apache | Tomcat | 7.0.67 | All | All | All |
Application | Apache | Tomcat | 8.0.0 | rc1 | All | All |
Application | Apache | Tomcat | 8.0.0 | rc10 | All | All |
Application | Apache | Tomcat | 8.0.0 | rc3 | All | All |
Application | Apache | Tomcat | 8.0.0 | rc5 | All | All |
Application | Apache | Tomcat | 8.0.1 | All | All | All |
Application | Apache | Tomcat | 8.0.11 | All | All | All |
Application | Apache | Tomcat | 8.0.12 | All | All | All |
Application | Apache | Tomcat | 8.0.14 | All | All | All |
Application | Apache | Tomcat | 8.0.15 | All | All | All |
Application | Apache | Tomcat | 8.0.17 | All | All | All |
Application | Apache | Tomcat | 8.0.18 | All | All | All |
Application | Apache | Tomcat | 8.0.20 | All | All | All |
Application | Apache | Tomcat | 8.0.21 | All | All | All |
Application | Apache | Tomcat | 8.0.22 | All | All | All |
Application | Apache | Tomcat | 8.0.23 | All | All | All |
Application | Apache | Tomcat | 8.0.24 | All | All | All |
Application | Apache | Tomcat | 8.0.26 | All | All | All |
Application | Apache | Tomcat | 8.0.27 | All | All | All |
Application | Apache | Tomcat | 8.0.28 | All | All | All |
Application | Apache | Tomcat | 8.0.29 | All | All | All |
Application | Apache | Tomcat | 8.0.3 | All | All | All |
Application | Apache | Tomcat | 8.0.30 | All | All | All |
Application | Apache | Tomcat | 9.0.0 | m1 | All | All |
Application | Apache | Tomcat | 6.0.0 | All | All | All |
Application | Apache | Tomcat | 6.0.0 | alpha | All | All |
Application | Apache | Tomcat | 6.0.1 | All | All | All |
Application | Apache | Tomcat | 6.0.1 | alpha | All | All |
Application | Apache | Tomcat | 6.0.10 | All | All | All |
Application | Apache | Tomcat | 6.0.11 | All | All | All |
Application | Apache | Tomcat | 6.0.13 | All | All | All |
Application | Apache | Tomcat | 6.0.14 | All | All | All |
Application | Apache | Tomcat | 6.0.16 | All | All | All |
Application | Apache | Tomcat | 6.0.18 | All | All | All |
Application | Apache | Tomcat | 6.0.2 | All | All | All |
Application | Apache | Tomcat | 6.0.2 | alpha | All | All |
Application | Apache | Tomcat | 6.0.2 | beta | All | All |
Application | Apache | Tomcat | 6.0.20 | All | All | All |
Application | Apache | Tomcat | 6.0.24 | All | All | All |
Application | Apache | Tomcat | 6.0.26 | All | All | All |
Application | Apache | Tomcat | 6.0.28 | All | All | All |
Application | Apache | Tomcat | 6.0.29 | All | All | All |
Application | Apache | Tomcat | 6.0.30 | All | All | All |
Application | Apache | Tomcat | 6.0.32 | All | All | All |
Application | Apache | Tomcat | 6.0.33 | All | All | All |
Application | Apache | Tomcat | 6.0.35 | All | All | All |
Application | Apache | Tomcat | 6.0.36 | All | All | All |
Application | Apache | Tomcat | 6.0.37 | All | All | All |
Application | Apache | Tomcat | 6.0.39 | All | All | All |
Application | Apache | Tomcat | 6.0.4 | All | All | All |
Application | Apache | Tomcat | 6.0.4 | alpha | All | All |
Application | Apache | Tomcat | 6.0.41 | All | All | All |
Application | Apache | Tomcat | 6.0.43 | All | All | All |
Application | Apache | Tomcat | 6.0.44 | All | All | All |
Application | Apache | Tomcat | 7.0.0 | beta | All | All |
Application | Apache | Tomcat | 7.0.10 | All | All | All |
Application | Apache | Tomcat | 7.0.11 | All | All | All |
Application | Apache | Tomcat | 7.0.12 | All | All | All |
Application | Apache | Tomcat | 7.0.14 | All | All | All |
Application | Apache | Tomcat | 7.0.16 | All | All | All |
Application | Apache | Tomcat | 7.0.19 | All | All | All |
Application | Apache | Tomcat | 7.0.2 | beta | All | All |
Application | Apache | Tomcat | 7.0.20 | All | All | All |
Application | Apache | Tomcat | 7.0.21 | All | All | All |
Application | Apache | Tomcat | 7.0.22 | All | All | All |
Application | Apache | Tomcat | 7.0.23 | All | All | All |
Application | Apache | Tomcat | 7.0.25 | All | All | All |
Application | Apache | Tomcat | 7.0.26 | All | All | All |
Application | Apache | Tomcat | 7.0.27 | All | All | All |
Application | Apache | Tomcat | 7.0.28 | All | All | All |
Application | Apache | Tomcat | 7.0.29 | All | All | All |
Application | Apache | Tomcat | 7.0.30 | All | All | All |
Application | Apache | Tomcat | 7.0.32 | All | All | All |
Application | Apache | Tomcat | 7.0.33 | All | All | All |
Application | Apache | Tomcat | 7.0.34 | All | All | All |
Application | Apache | Tomcat | 7.0.35 | All | All | All |
Application | Apache | Tomcat | 7.0.37 | All | All | All |
Application | Apache | Tomcat | 7.0.39 | All | All | All |
Application | Apache | Tomcat | 7.0.4 | beta | All | All |
Application | Apache | Tomcat | 7.0.40 | All | All | All |
Application | Apache | Tomcat | 7.0.41 | All | All | All |
Application | Apache | Tomcat | 7.0.42 | All | All | All |
Application | Apache | Tomcat | 7.0.47 | All | All | All |
Application | Apache | Tomcat | 7.0.5 | beta | All | All |
Application | Apache | Tomcat | 7.0.50 | All | All | All |
Application | Apache | Tomcat | 7.0.52 | All | All | All |
Application | Apache | Tomcat | 7.0.53 | All | All | All |
Application | Apache | Tomcat | 7.0.54 | All | All | All |
Application | Apache | Tomcat | 7.0.55 | All | All | All |
Application | Apache | Tomcat | 7.0.56 | All | All | All |
Application | Apache | Tomcat | 7.0.57 | All | All | All |
Application | Apache | Tomcat | 7.0.59 | All | All | All |
Application | Apache | Tomcat | 7.0.6 | All | All | All |
Application | Apache | Tomcat | 7.0.61 | All | All | All |
Application | Apache | Tomcat | 7.0.62 | All | All | All |
Application | Apache | Tomcat | 7.0.63 | All | All | All |
Application | Apache | Tomcat | 7.0.64 | All | All | All |
Application | Apache | Tomcat | 7.0.65 | All | All | All |
Application | Apache | Tomcat | 7.0.67 | All | All | All |
Application | Apache | Tomcat | 8.0.0 | rc1 | All | All |
Application | Apache | Tomcat | 8.0.0 | rc10 | All | All |
Application | Apache | Tomcat | 8.0.0 | rc3 | All | All |
Application | Apache | Tomcat | 8.0.0 | rc5 | All | All |
Application | Apache | Tomcat | 8.0.1 | All | All | All |
Application | Apache | Tomcat | 8.0.11 | All | All | All |
Application | Apache | Tomcat | 8.0.12 | All | All | All |
Application | Apache | Tomcat | 8.0.14 | All | All | All |
Application | Apache | Tomcat | 8.0.15 | All | All | All |
Application | Apache | Tomcat | 8.0.17 | All | All | All |
Application | Apache | Tomcat | 8.0.18 | All | All | All |
Application | Apache | Tomcat | 8.0.20 | All | All | All |
Application | Apache | Tomcat | 8.0.21 | All | All | All |
Application | Apache | Tomcat | 8.0.22 | All | All | All |
Application | Apache | Tomcat | 8.0.23 | All | All | All |
Application | Apache | Tomcat | 8.0.24 | All | All | All |
Application | Apache | Tomcat | 8.0.26 | All | All | All |
Application | Apache | Tomcat | 8.0.27 | All | All | All |
Application | Apache | Tomcat | 8.0.28 | All | All | All |
Application | Apache | Tomcat | 8.0.29 | All | All | All |
Application | Apache | Tomcat | 8.0.3 | All | All | All |
Application | Apache | Tomcat | 8.0.30 | All | All | All |
Application | Apache | Tomcat | 9.0.0 | m1 | All | All |
Operating System | Canonical | Ubuntu Linux | 12.04 | All | All | All |
Operating System | Canonical | Ubuntu Linux | 14.04 | All | All | All |
Operating System | Canonical | Ubuntu Linux | 15.10 | All | All | All |
Operating System | Canonical | Ubuntu Linux | 16.04 | All | All | All |
Operating System | Canonical | Ubuntu Linux | 12.04 | All | All | All |
Operating System | Canonical | Ubuntu Linux | 14.04 | All | All | All |
Operating System | Canonical | Ubuntu Linux | 15.10 | All | All | All |
Operating System | Canonical | Ubuntu Linux | 16.04 | All | All | All |
Operating System | Debian | Debian Linux | 7.0 | All | All | All |
Operating System | Debian | Debian Linux | 8.0 | All | All | All |
Operating System | Debian | Debian Linux | 7.0 | All | All | All |
Operating System | Debian | Debian Linux | 8.0 | All | All | All |
- cpe:2.3:a:apache:tomcat:6.0.0:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:6.0.0:alpha:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:6.0.1:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:6.0.1:alpha:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:6.0.10:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:6.0.11:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:6.0.13:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:6.0.14:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:6.0.16:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:6.0.18:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:6.0.2:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:6.0.2:alpha:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:6.0.2:beta:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:6.0.20:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:6.0.24:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:6.0.26:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:6.0.28:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:6.0.29:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:6.0.30:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:6.0.32:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:6.0.33:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:6.0.35:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:6.0.36:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:6.0.37:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:6.0.39:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:6.0.4:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:6.0.4:alpha:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:6.0.41:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:6.0.43:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:6.0.44:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.0:beta:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.10:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.11:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.12:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.14:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.16:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.19:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.2:beta:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.20:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.21:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.22:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.23:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.25:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.26:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.27:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.28:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.29:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.30:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.32:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.33:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.34:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.35:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.37:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.39:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.4:beta:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.40:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.41:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.42:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.47:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.5:beta:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.50:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.52:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.53:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.54:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.55:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.56:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.57:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.59:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.6:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.61:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.62:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.63:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.64:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.65:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.67:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:8.0.0:rc1:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:8.0.0:rc10:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:8.0.0:rc3:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:8.0.0:rc5:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:8.0.1:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:8.0.11:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:8.0.12:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:8.0.14:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:8.0.15:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:8.0.17:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:8.0.18:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:8.0.20:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:8.0.21:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:8.0.22:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:8.0.23:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:8.0.24:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:8.0.26:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:8.0.27:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:8.0.28:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:8.0.29:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:8.0.3:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:8.0.30:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:9.0.0:m1:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:6.0.0:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:6.0.0:alpha:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:6.0.1:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:6.0.1:alpha:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:6.0.10:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:6.0.11:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:6.0.13:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:6.0.14:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:6.0.16:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:6.0.18:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:6.0.2:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:6.0.2:alpha:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:6.0.2:beta:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:6.0.20:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:6.0.24:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:6.0.26:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:6.0.28:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:6.0.29:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:6.0.30:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:6.0.32:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:6.0.33:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:6.0.35:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:6.0.36:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:6.0.37:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:6.0.39:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:6.0.4:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:6.0.4:alpha:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:6.0.41:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:6.0.43:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:6.0.44:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.0:beta:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.10:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.11:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.12:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.14:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.16:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.19:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.2:beta:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.20:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.21:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.22:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.23:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.25:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.26:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.27:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.28:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.29:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.30:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.32:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.33:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.34:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.35:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.37:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.39:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.4:beta:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.40:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.41:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.42:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.47:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.5:beta:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.50:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.52:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.53:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.54:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.55:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.56:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.57:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.59:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.6:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.61:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.62:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.63:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.64:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.65:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:7.0.67:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:8.0.0:rc1:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:8.0.0:rc10:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:8.0.0:rc3:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:8.0.0:rc5:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:8.0.1:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:8.0.11:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:8.0.12:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:8.0.14:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:8.0.15:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:8.0.17:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:8.0.18:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:8.0.20:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:8.0.21:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:8.0.22:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:8.0.23:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:8.0.24:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:8.0.26:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:8.0.27:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:8.0.28:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:8.0.29:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:8.0.3:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:8.0.30:*:*:*:*:*:*:*:
- cpe:2.3:a:apache:tomcat:9.0.0:m1:*:*:*:*:*:*:
- cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*:
- cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*:
- cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*:
- cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*:
- cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*:
- cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*:
- cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*:
- cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*:
- cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*:
- cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*:
- cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*:
- cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*:
No vendor comments have been submitted for this CVE