Action not permitted
Modal body text goes here.
CVE-2014-7810
Vulnerability from cvelistv5
Published
2015-06-07 23:00
Modified
2024-08-06 13:03
Severity ?
EPSS score ?
Summary
The Expression Language (EL) implementation in Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.58, and 8.x before 8.0.16 does not properly consider the possibility of an accessible interface implemented by an inaccessible class, which allows attackers to bypass a SecurityManager protection mechanism via a web application that leverages use of incorrect privileges during EL evaluation.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T13:03:26.984Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2016:0492", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0492.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05054964" }, { "name": "USN-2654-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2654-1" }, { "name": "RHSA-2015:1622", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-1622.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1644018" }, { "name": "DSA-3530", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2016/dsa-3530" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://tomcat.apache.org/security-7.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1645642" }, { "name": "HPSBUX03561", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=145974991225029\u0026w=2" }, { "name": "RHSA-2016:2046", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2046.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://tomcat.apache.org/security-8.html" }, { "name": "DSA-3428", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2015/dsa-3428" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://tomcat.apache.org/security-6.html" }, { "name": "74665", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/74665" }, { "name": "1032330", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1032330" }, { "name": "USN-2655-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2655-1" }, { "name": "RHSA-2015:1621", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-1621.html" }, { "name": "DSA-3447", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2016/dsa-3447" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html" }, { "name": "[tomcat-dev] 20190319 svn commit: r1855831 [23/30] - in /tomcat/site/trunk: ./ docs/ xdocs/", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E" }, { "name": "[tomcat-dev] 20190325 svn commit: r1856174 [21/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E" }, { "name": "[tomcat-dev] 20190413 svn commit: r1857494 [15/20] - in /tomcat/site/trunk: ./ docs/ xdocs/", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E" }, { "name": "[tomcat-dev] 20190415 svn commit: r1857582 [16/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E" }, { "name": "[tomcat-dev] 20200203 svn commit: r1873527 [23/30] - /tomcat/site/trunk/docs/", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E" }, { "name": "[tomcat-dev] 20200213 svn commit: r1873980 [27/34] - /tomcat/site/trunk/docs/", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E" }, { "name": "[tomcat-dev] 20200213 svn commit: r1873980 [26/34] - /tomcat/site/trunk/docs/", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-05-14T00:00:00", "descriptions": [ { "lang": "en", "value": "The Expression Language (EL) implementation in Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.58, and 8.x before 8.0.16 does not properly consider the possibility of an accessible interface implemented by an inaccessible class, which allows attackers to bypass a SecurityManager protection mechanism via a web application that leverages use of incorrect privileges during EL evaluation." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2020-02-13T16:10:04", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "RHSA-2016:0492", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0492.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05054964" }, { "name": "USN-2654-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2654-1" }, { "name": "RHSA-2015:1622", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-1622.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1644018" }, { "name": "DSA-3530", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2016/dsa-3530" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://tomcat.apache.org/security-7.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1645642" }, { "name": "HPSBUX03561", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=145974991225029\u0026w=2" }, { "name": "RHSA-2016:2046", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2046.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://tomcat.apache.org/security-8.html" }, { "name": "DSA-3428", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2015/dsa-3428" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://tomcat.apache.org/security-6.html" }, { "name": "74665", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/74665" }, { "name": "1032330", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1032330" }, { "name": "USN-2655-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2655-1" }, { "name": "RHSA-2015:1621", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-1621.html" }, { "name": "DSA-3447", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2016/dsa-3447" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html" }, { "name": "[tomcat-dev] 20190319 svn commit: r1855831 [23/30] - in /tomcat/site/trunk: ./ docs/ xdocs/", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E" }, { "name": "[tomcat-dev] 20190325 svn commit: r1856174 [21/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E" }, { "name": "[tomcat-dev] 20190413 svn commit: r1857494 [15/20] - in /tomcat/site/trunk: ./ docs/ xdocs/", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E" }, { "name": "[tomcat-dev] 20190415 svn commit: r1857582 [16/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E" }, { "name": "[tomcat-dev] 20200203 svn commit: r1873527 [23/30] - /tomcat/site/trunk/docs/", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E" }, { "name": "[tomcat-dev] 20200213 svn commit: r1873980 [27/34] - /tomcat/site/trunk/docs/", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E" }, { "name": "[tomcat-dev] 20200213 svn commit: r1873980 [26/34] - /tomcat/site/trunk/docs/", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2014-7810", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The Expression Language (EL) implementation in Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.58, and 8.x before 8.0.16 does not properly consider the possibility of an accessible interface implemented by an inaccessible class, which allows attackers to bypass a SecurityManager protection mechanism via a web application that leverages use of incorrect privileges during EL evaluation." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "RHSA-2016:0492", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0492.html" }, { "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05054964", "refsource": "CONFIRM", "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05054964" }, { "name": "USN-2654-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2654-1" }, { "name": "RHSA-2015:1622", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2015-1622.html" }, { "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" }, { "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" }, { "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html" }, { "name": "http://svn.apache.org/viewvc?view=revision\u0026revision=1644018", "refsource": "CONFIRM", "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1644018" }, { "name": "DSA-3530", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2016/dsa-3530" }, { "name": "http://tomcat.apache.org/security-7.html", "refsource": "CONFIRM", "url": "http://tomcat.apache.org/security-7.html" }, { "name": "http://svn.apache.org/viewvc?view=revision\u0026revision=1645642", "refsource": "CONFIRM", "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1645642" }, { "name": "HPSBUX03561", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=145974991225029\u0026w=2" }, { "name": "RHSA-2016:2046", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-2046.html" }, { "name": "http://tomcat.apache.org/security-8.html", "refsource": "CONFIRM", "url": "http://tomcat.apache.org/security-8.html" }, { "name": "DSA-3428", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2015/dsa-3428" }, { "name": "http://tomcat.apache.org/security-6.html", "refsource": "CONFIRM", "url": "http://tomcat.apache.org/security-6.html" }, { "name": "74665", "refsource": "BID", "url": "http://www.securityfocus.com/bid/74665" }, { "name": "1032330", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1032330" }, { "name": "USN-2655-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2655-1" }, { "name": "RHSA-2015:1621", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2015-1621.html" }, { "name": "DSA-3447", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2016/dsa-3447" }, { "name": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html" }, { "name": "[tomcat-dev] 20190319 svn commit: r1855831 [23/30] - in /tomcat/site/trunk: ./ docs/ xdocs/", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E" }, { "name": "[tomcat-dev] 20190325 svn commit: r1856174 [21/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E" }, { "name": "[tomcat-dev] 20190413 svn commit: r1857494 [15/20] - in /tomcat/site/trunk: ./ docs/ xdocs/", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E" }, { "name": "[tomcat-dev] 20190415 svn commit: r1857582 [16/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E" }, { "name": "[tomcat-dev] 20200203 svn commit: r1873527 [23/30] - /tomcat/site/trunk/docs/", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E" }, { "name": "[tomcat-dev] 20200213 svn commit: r1873980 [27/34] - /tomcat/site/trunk/docs/", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E" }, { "name": "[tomcat-dev] 20200213 svn commit: r1873980 [26/34] - /tomcat/site/trunk/docs/", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E" } ] } } } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2014-7810", "datePublished": "2015-06-07T23:00:00", "dateReserved": "2014-10-03T00:00:00", "dateUpdated": "2024-08-06T13:03:26.984Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2014-7810\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2015-06-07T23:59:03.580\",\"lastModified\":\"2024-11-21T02:18:03.213\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The Expression Language (EL) implementation in Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.58, and 8.x before 8.0.16 does not properly consider the possibility of an accessible interface implemented by an inaccessible class, which allows attackers to bypass a SecurityManager protection mechanism via a web application that leverages use of incorrect privileges during EL evaluation.\"},{\"lang\":\"es\",\"value\":\"La implementaci\u00f3n Expression Language (EL) en Apache Tomcat 6.x anterior a 6.0.44, 7.x anterior a 7.0.58, y 8.x anterior a 8.0.16 no considera correctamente la posibilidad de una interfaz accesible implementada por una clase no accesible, lo que permite a atacantes evadir un mecanismo de protecci\u00f3n SecurityManager a trav\u00e9s de una aplicaci\u00f3n web que aprovecha el uso de privilegios incorrectos durante la evaluaci\u00f3n EL.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:P/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-284\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"16F59A04-14CF-49E2-9973-645477EA09DA\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"49E3C039-A949-4F1B-892A-57147EECB249\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.0:alpha:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A354C34-A3FE-4B8A-9985-8874A0634BC7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F28C7801-41B9-4552-BA1E-577967BCBBEE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.1:alpha:*:*:*:*:*:*\",\"matchCriteriaId\":\"CFE300CC-FD4A-444E-8506-E5E269D0A0A5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"25B21085-7259-4685-9D1F-FF98E6489E10\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.2:alpha:*:*:*:*:*:*\",\"matchCriteriaId\":\"F50A3EC9-516E-48A7-839B-A73F491B5B9F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.2:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"8C28F09D-5CAA-4CA7-A2B5-3B2820F5F409\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"635EE321-2A1F-4FF8-95BE-0C26591969D9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9A81B035-8598-4D2C-B45F-C6C9D4B10C2F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.4:alpha:*:*:*:*:*:*\",\"matchCriteriaId\":\"FAC2FC75-97D2-4EA1-A1A0-F592A6D7C1F3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E1096947-82A6-4EA8-A4F2-00D91E3F7DAF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0EBFA1D3-16A6-4041-BB30-51D2EE0F2AF4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.6:alpha:*:*:*:*:*:*\",\"matchCriteriaId\":\"C4871FD1-7F8C-4677-A80B-4A0BBC71DD7C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B70B372F-EFFD-4AF7-99B5-7D1B23A0C54C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.7:alpha:*:*:*:*:*:*\",\"matchCriteriaId\":\"31AB969A-9ACE-44EF-B2E5-CEC008F47C46\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.7:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"06217215-72E4-4478-BACB-628A0836A645\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9C95ADA4-66F5-45C4-A677-ACE22367A75A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.8:alpha:*:*:*:*:*:*\",\"matchCriteriaId\":\"EA810F3F-ADD3-4D3F-9DFC-DBDD87B3079C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"11951A10-39A2-4FF5-8C43-DF94730FB794\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.9:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"8B79F2EA-C893-4359-80EC-24AE38D982E5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"351E5BCF-A56B-4D91-BA3C-21A4B77D529A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2DC2BBB4-171E-4EFF-A575-A5B7FF031755\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6B6B0504-27C1-4824-A928-A878CBBAB32D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE81AD36-ACD1-4C6C-8E7C-5326D1DA3045\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D903956B-14F5-4177-AF12-0A5F1846D3C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"81F847DC-A2F5-456C-9038-16A0E85F4C3B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF3EBD00-1E1E-452D-AFFB-08A6BD111DDD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C6B93A3A-D487-4CA1-8257-26F8FE287B8B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BD8802B2-57E0-4AA6-BC8E-00DE60468569\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.19:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8461DF95-18DC-4BF5-A703-7F19DA88DC30\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1F4C9BCF-9C73-4991-B02F-E08C5DA06EBA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.24:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2823789C-2CB6-4300-94DB-BDBE83ABA8E3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.26:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C5416C76-46ED-4CB1-A7F8-F24EA16DE7F9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.27:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A61429EE-4331-430C-9830-58DCCBCBCB58\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.28:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"31B3593F-CEDF-423C-90F8-F88EED87DC3E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.29:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AE7862B2-E1FA-4E16-92CD-8918AB461D9A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.30:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A9E03BE3-60CC-4415-B993-D0BB00F87A30\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.31:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE92E59A-FF0D-4D1A-8B12-CC41A7E1FD3C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.32:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BFD64FE7-ABAF-49F3-B8D0-91C37C822F4B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.33:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"48E5E8C3-21AD-4230-B945-AB7DE66307B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.35:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4945C8C1-C71B-448B-9075-07C6C92599CF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.36:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ED4730B0-2E09-408B-AFD4-FE00F73700FD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.37:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8DE8A8A-7643-4292-BCC1-758AE0940207\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.39:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E9B54FCD-CF7C-47E2-8513-40419E47AF49\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.41:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D87EFB6D-B626-469F-907C-40C771A55833\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.43:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6330B97B-8FC5-4D7E-A960-5D94EDD0C378\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0F8C62EF-1B67-456A-9C66-755439CF8556\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.0:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"33E9607B-4D28-460D-896B-E4B7FA22441E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A819E245-D641-4F19-9139-6C940504F6E7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8C381275-10C5-4939-BCE3-0D1F3B3CB2EE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.2:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"81A31CA0-A209-4C49-AA06-C38E165E5B68\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7205475A-6D04-4042-B24E-1DA5A57029B7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"08022987-B36B-4F63-88A5-A8F59195DF4A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.4:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"0AA563BF-A67A-477D-956A-167ABEF885C5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FF4B7557-EF35-451E-B55D-3296966695AC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8980E61E-27BE-4858-82B3-C0E8128AF521\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8756BF9B-3E24-4677-87AE-31CE776541F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"88CE057E-2092-4C98-8D0C-75CF439D0A9C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8F194580-EE6D-4E38-87F3-F0661262256B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A9731BAA-4C6C-4259-B786-F577D8A90FA1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1F74A421-D019-4248-84B8-C70D4D9A8A95\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2BA27FF9-4C66-4E17-95C0-1CB2DAA6AFC8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"05346F5A-FB52-4376-AAC7-9A5308216545\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"305688F2-50A6-41FB-8614-BC589DB9A789\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D24AA431-C436-4AA5-85DF-B9AAFF2548FC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"25966344-15D5-4101-9346-B06BFD2DFFF5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"11F4CBAC-27B1-4EFF-955A-A63B457D0578\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD55B338-9DBE-4643-ABED-A08964D3AF7C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.19:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0D4F710E-06EA-48F4-AC6A-6F143950F015\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C4936C2-0B2D-4C44-98C3-443090965F5E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.21:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"48453405-2319-4327-9F4C-6F70B49452C6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.22:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"49DD9544-6424-41A6-AEC0-EC19B8A10E71\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.23:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E4670E65-2E11-49A4-B661-57C2F60D411F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.24:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5E8FF71D-4710-4FBB-9925-A6A26C450F7D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.25:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"31002A23-4788-4BC7-AE11-A3C2AA31716D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.26:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7144EDDF-8265-4642-8EEB-ED52527E0A26\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.27:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DF06B5C1-B9DD-4673-A101-56E1E593ACDD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.28:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7D731065-626B-4425-8E49-F708DD457824\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.29:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B3D850EA-E537-42C8-93B9-96E15CB26747\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.30:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E037DA05-2BEF-4F64-B8BB-307247B6A05C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.31:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BCAF1EB5-FB34-40FC-96ED-9D073890D8BF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.32:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D395D95B-1F4A-420E-A0F6-609360AF7B69\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.33:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9BD221BA-0AB6-4972-8AD9-5D37AC07762F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.34:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E55B6565-96CB-4F6A-9A80-C3FB82F30546\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.35:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3300AFE-49A4-4904-B9A0-5679F09FA01E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.36:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ED5125CC-05F9-4678-90DB-A5C7CD24AE6F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.37:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7BD93669-1B30-4BF8-AD7D-F60DD8D63CC8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.38:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1B904C74-B92E-4EAE-AE6C-78E2B844C3DB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.39:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8C8C97F-6C9D-4647-AB8A-ADAA5536DDE2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.40:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C6109D1-BC36-40C5-A02A-7AEBC949BAC0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.41:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DA8A7333-B4C3-4876-AE01-62F2FD315504\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.42:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"92993E23-D805-407B-8B87-11CEEE8B212F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.43:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7A11BD74-305C-41E2-95B1-5008EEF5FA5F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.44:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"595442D0-9DB7-475A-AE30-8535B70E122E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.45:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4B0BA92A-0BD3-4CE4-9465-95E949104BAC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.46:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6F944B72-B9EB-4EB8-AEA3-E0D7ADBE1305\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.47:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6AA28D3A-3EE5-4F90-B8F5-4943F7607DA6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.48:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BFD3EB84-2ED2-49D4-8BC9-6398C2E46F0A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.49:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEDF6E1A-0DD6-42AB-9510-F6F4B6002C91\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.50:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C947E549-2459-4AFB-84A7-36BDA30B5F29\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.52:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5D55DF79-F9BE-4907-A4D8-96C4B11189ED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.53:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"14AB5787-82D7-4F78-BE93-4556AB7A7D0E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.54:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F8E9453E-BC9B-4F77-85FA-BA15AC55C245\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.55:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A7EF0518-73F9-47DB-8946-A8334936BEFF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.56:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"95AA8778-7833-4572-A71B-5FD89938CE94\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.57:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"242E47CE-EF69-4F8F-AB40-5AF2811674CE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:8.0.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"4752862B-7D26-4285-B8A0-CF082C758353\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:8.0.0:rc10:*:*:*:*:*:*\",\"matchCriteriaId\":\"58EA7199-3373-4F97-9907-3A479A02155E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:8.0.0:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"4693BD36-E522-4C8E-9667-8F3E14A05EF3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:8.0.0:rc5:*:*:*:*:*:*\",\"matchCriteriaId\":\"2BBBC5EA-012C-4C5D-A61B-BAF134B300DA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:8.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2A358FDF-C249-4D7A-9445-8B9E7D9D40AF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:8.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AFF96F96-34DB-4EB3-BF59-11220673FA26\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:8.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EDF3E379-47D2-4C86-8C6D-8B3C25A0E1C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:8.0.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"61E008F8-2F01-4DD8-853A-337B4B4163C6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:8.0.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6A776B25-6AF1-421B-8E47-2A7499F6B4D2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:8.0.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"701424A2-BB06-44B5-B468-7164E4F95529\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:8.0.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1BA6388C-5B6E-4651-8AE3-EBCCF61C27E7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:8.0.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8F9A5B7E-33A9-4651-9BE1-371A0064B661\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:8.0.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F99252E8-A59C-48E1-B251-718D7FB3E399\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"49E3C039-A949-4F1B-892A-57147EECB249\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.0:alpha:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A354C34-A3FE-4B8A-9985-8874A0634BC7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F28C7801-41B9-4552-BA1E-577967BCBBEE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.1:alpha:*:*:*:*:*:*\",\"matchCriteriaId\":\"CFE300CC-FD4A-444E-8506-E5E269D0A0A5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"25B21085-7259-4685-9D1F-FF98E6489E10\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.2:alpha:*:*:*:*:*:*\",\"matchCriteriaId\":\"F50A3EC9-516E-48A7-839B-A73F491B5B9F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.2:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"8C28F09D-5CAA-4CA7-A2B5-3B2820F5F409\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"635EE321-2A1F-4FF8-95BE-0C26591969D9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9A81B035-8598-4D2C-B45F-C6C9D4B10C2F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.4:alpha:*:*:*:*:*:*\",\"matchCriteriaId\":\"FAC2FC75-97D2-4EA1-A1A0-F592A6D7C1F3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E1096947-82A6-4EA8-A4F2-00D91E3F7DAF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0EBFA1D3-16A6-4041-BB30-51D2EE0F2AF4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.6:alpha:*:*:*:*:*:*\",\"matchCriteriaId\":\"C4871FD1-7F8C-4677-A80B-4A0BBC71DD7C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B70B372F-EFFD-4AF7-99B5-7D1B23A0C54C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.7:alpha:*:*:*:*:*:*\",\"matchCriteriaId\":\"31AB969A-9ACE-44EF-B2E5-CEC008F47C46\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.7:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"06217215-72E4-4478-BACB-628A0836A645\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9C95ADA4-66F5-45C4-A677-ACE22367A75A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.8:alpha:*:*:*:*:*:*\",\"matchCriteriaId\":\"EA810F3F-ADD3-4D3F-9DFC-DBDD87B3079C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"11951A10-39A2-4FF5-8C43-DF94730FB794\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.9:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"8B79F2EA-C893-4359-80EC-24AE38D982E5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"351E5BCF-A56B-4D91-BA3C-21A4B77D529A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2DC2BBB4-171E-4EFF-A575-A5B7FF031755\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6B6B0504-27C1-4824-A928-A878CBBAB32D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE81AD36-ACD1-4C6C-8E7C-5326D1DA3045\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D903956B-14F5-4177-AF12-0A5F1846D3C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"81F847DC-A2F5-456C-9038-16A0E85F4C3B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF3EBD00-1E1E-452D-AFFB-08A6BD111DDD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C6B93A3A-D487-4CA1-8257-26F8FE287B8B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BD8802B2-57E0-4AA6-BC8E-00DE60468569\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.19:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8461DF95-18DC-4BF5-A703-7F19DA88DC30\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1F4C9BCF-9C73-4991-B02F-E08C5DA06EBA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.24:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2823789C-2CB6-4300-94DB-BDBE83ABA8E3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.26:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C5416C76-46ED-4CB1-A7F8-F24EA16DE7F9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.27:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A61429EE-4331-430C-9830-58DCCBCBCB58\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.28:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"31B3593F-CEDF-423C-90F8-F88EED87DC3E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.29:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AE7862B2-E1FA-4E16-92CD-8918AB461D9A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.30:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A9E03BE3-60CC-4415-B993-D0BB00F87A30\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.31:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE92E59A-FF0D-4D1A-8B12-CC41A7E1FD3C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.32:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BFD64FE7-ABAF-49F3-B8D0-91C37C822F4B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.33:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"48E5E8C3-21AD-4230-B945-AB7DE66307B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.35:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4945C8C1-C71B-448B-9075-07C6C92599CF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.36:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ED4730B0-2E09-408B-AFD4-FE00F73700FD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.37:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8DE8A8A-7643-4292-BCC1-758AE0940207\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.39:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E9B54FCD-CF7C-47E2-8513-40419E47AF49\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.41:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D87EFB6D-B626-469F-907C-40C771A55833\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.43:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6330B97B-8FC5-4D7E-A960-5D94EDD0C378\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0F8C62EF-1B67-456A-9C66-755439CF8556\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.0:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"33E9607B-4D28-460D-896B-E4B7FA22441E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A819E245-D641-4F19-9139-6C940504F6E7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8C381275-10C5-4939-BCE3-0D1F3B3CB2EE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.2:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"81A31CA0-A209-4C49-AA06-C38E165E5B68\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7205475A-6D04-4042-B24E-1DA5A57029B7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"08022987-B36B-4F63-88A5-A8F59195DF4A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.4:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"0AA563BF-A67A-477D-956A-167ABEF885C5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FF4B7557-EF35-451E-B55D-3296966695AC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8980E61E-27BE-4858-82B3-C0E8128AF521\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8756BF9B-3E24-4677-87AE-31CE776541F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"88CE057E-2092-4C98-8D0C-75CF439D0A9C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8F194580-EE6D-4E38-87F3-F0661262256B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A9731BAA-4C6C-4259-B786-F577D8A90FA1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1F74A421-D019-4248-84B8-C70D4D9A8A95\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2BA27FF9-4C66-4E17-95C0-1CB2DAA6AFC8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"05346F5A-FB52-4376-AAC7-9A5308216545\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"305688F2-50A6-41FB-8614-BC589DB9A789\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D24AA431-C436-4AA5-85DF-B9AAFF2548FC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"25966344-15D5-4101-9346-B06BFD2DFFF5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"11F4CBAC-27B1-4EFF-955A-A63B457D0578\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD55B338-9DBE-4643-ABED-A08964D3AF7C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.19:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0D4F710E-06EA-48F4-AC6A-6F143950F015\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C4936C2-0B2D-4C44-98C3-443090965F5E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.21:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"48453405-2319-4327-9F4C-6F70B49452C6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.22:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"49DD9544-6424-41A6-AEC0-EC19B8A10E71\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.23:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E4670E65-2E11-49A4-B661-57C2F60D411F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.24:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5E8FF71D-4710-4FBB-9925-A6A26C450F7D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.25:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"31002A23-4788-4BC7-AE11-A3C2AA31716D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.26:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7144EDDF-8265-4642-8EEB-ED52527E0A26\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.27:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DF06B5C1-B9DD-4673-A101-56E1E593ACDD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.28:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7D731065-626B-4425-8E49-F708DD457824\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.29:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B3D850EA-E537-42C8-93B9-96E15CB26747\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.30:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E037DA05-2BEF-4F64-B8BB-307247B6A05C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.31:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BCAF1EB5-FB34-40FC-96ED-9D073890D8BF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.32:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D395D95B-1F4A-420E-A0F6-609360AF7B69\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.33:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9BD221BA-0AB6-4972-8AD9-5D37AC07762F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.34:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E55B6565-96CB-4F6A-9A80-C3FB82F30546\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.35:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3300AFE-49A4-4904-B9A0-5679F09FA01E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.36:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ED5125CC-05F9-4678-90DB-A5C7CD24AE6F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.37:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7BD93669-1B30-4BF8-AD7D-F60DD8D63CC8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.38:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1B904C74-B92E-4EAE-AE6C-78E2B844C3DB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.39:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8C8C97F-6C9D-4647-AB8A-ADAA5536DDE2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.40:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C6109D1-BC36-40C5-A02A-7AEBC949BAC0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.41:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DA8A7333-B4C3-4876-AE01-62F2FD315504\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.42:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"92993E23-D805-407B-8B87-11CEEE8B212F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.43:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7A11BD74-305C-41E2-95B1-5008EEF5FA5F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.44:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"595442D0-9DB7-475A-AE30-8535B70E122E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.45:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4B0BA92A-0BD3-4CE4-9465-95E949104BAC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.46:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6F944B72-B9EB-4EB8-AEA3-E0D7ADBE1305\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.47:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6AA28D3A-3EE5-4F90-B8F5-4943F7607DA6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.48:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BFD3EB84-2ED2-49D4-8BC9-6398C2E46F0A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.49:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEDF6E1A-0DD6-42AB-9510-F6F4B6002C91\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.50:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C947E549-2459-4AFB-84A7-36BDA30B5F29\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.52:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5D55DF79-F9BE-4907-A4D8-96C4B11189ED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.53:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"14AB5787-82D7-4F78-BE93-4556AB7A7D0E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.54:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F8E9453E-BC9B-4F77-85FA-BA15AC55C245\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.55:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A7EF0518-73F9-47DB-8946-A8334936BEFF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.56:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"95AA8778-7833-4572-A71B-5FD89938CE94\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.57:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"242E47CE-EF69-4F8F-AB40-5AF2811674CE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:8.0.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"4752862B-7D26-4285-B8A0-CF082C758353\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:8.0.0:rc10:*:*:*:*:*:*\",\"matchCriteriaId\":\"58EA7199-3373-4F97-9907-3A479A02155E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:8.0.0:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"4693BD36-E522-4C8E-9667-8F3E14A05EF3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:8.0.0:rc5:*:*:*:*:*:*\",\"matchCriteriaId\":\"2BBBC5EA-012C-4C5D-A61B-BAF134B300DA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:8.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2A358FDF-C249-4D7A-9445-8B9E7D9D40AF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:8.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AFF96F96-34DB-4EB3-BF59-11220673FA26\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:8.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EDF3E379-47D2-4C86-8C6D-8B3C25A0E1C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:8.0.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"61E008F8-2F01-4DD8-853A-337B4B4163C6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:8.0.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6A776B25-6AF1-421B-8E47-2A7499F6B4D2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:8.0.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"701424A2-BB06-44B5-B468-7164E4F95529\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:8.0.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1BA6388C-5B6E-4651-8AE3-EBCCF61C27E7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:8.0.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8F9A5B7E-33A9-4651-9BE1-371A0064B661\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:8.0.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F99252E8-A59C-48E1-B251-718D7FB3E399\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:hp:hp-ux:11.31:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0FC82871-E47F-4431-AAE0-A714D7D22670\"}]}]}],\"references\":[{\"url\":\"http://marc.info/?l=bugtraq\u0026m=145974991225029\u0026w=2\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-1621.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-1622.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-0492.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-2046.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://svn.apache.org/viewvc?view=revision\u0026revision=1644018\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\"]},{\"url\":\"http://svn.apache.org/viewvc?view=revision\u0026revision=1645642\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\"]},{\"url\":\"http://tomcat.apache.org/security-6.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://tomcat.apache.org/security-7.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://tomcat.apache.org/security-8.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.debian.org/security/2015/dsa-3428\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.debian.org/security/2016/dsa-3447\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.debian.org/security/2016/dsa-3530\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/bid/74665\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securitytracker.com/id/1032330\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.ubuntu.com/usn/USN-2654-1\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.ubuntu.com/usn/USN-2655-1\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05054964\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=145974991225029\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-1621.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-1622.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-0492.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-2046.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://svn.apache.org/viewvc?view=revision\u0026revision=1644018\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://svn.apache.org/viewvc?view=revision\u0026revision=1645642\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://tomcat.apache.org/security-6.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://tomcat.apache.org/security-7.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://tomcat.apache.org/security-8.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.debian.org/security/2015/dsa-3428\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2016/dsa-3447\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2016/dsa-3530\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/74665\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id/1032330\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.ubuntu.com/usn/USN-2654-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.ubuntu.com/usn/USN-2655-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05054964\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}" } }
wid-sec-w-2023-1594
Vulnerability from csaf_certbund
Published
2023-06-28 22:00
Modified
2023-06-28 22:00
Summary
IBM Tivoli Network Manager: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
IBM Tivoli Network Manager ist eine Netzanalysesoftware für das Management komplexer Netze. Diese Software erfasst und verteilt Layer-2- und Layer-3-Netzdaten.
Angriff
Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann mehrere Schwachstellen in IBM Tivoli Network Manager ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuführen.
Betroffene Betriebssysteme
- UNIX
- Linux
- Windows
- Sonstiges
{ "document": { "aggregate_severity": { "text": "hoch" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "IBM Tivoli Network Manager ist eine Netzanalysesoftware f\u00fcr das Management komplexer Netze. Diese Software erfasst und verteilt Layer-2- und Layer-3-Netzdaten.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann mehrere Schwachstellen in IBM Tivoli Network Manager ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren.", "title": "Angriff" }, { "category": "general", "text": "- UNIX\n- Linux\n- Windows\n- Sonstiges", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2023-1594 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1594.json" }, { "category": "self", "summary": "WID-SEC-2023-1594 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1594" }, { "category": "external", "summary": "IBM Security Advisory vom 2023-06-28", "url": "https://www.ibm.com/support/pages/node/885316" }, { "category": "external", "summary": "IBM Security Advisory vom 2023-06-28", "url": "https://www.ibm.com/support/pages/node/884276" }, { "category": "external", "summary": "IBM Security Advisory vom 2023-06-28", "url": "https://www.ibm.com/support/pages/node/883428" }, { "category": "external", "summary": "IBM Security Advisory vom 2023-06-28", "url": "https://www.ibm.com/support/pages/node/883424" }, { "category": "external", "summary": "IBM Security Advisory vom 2023-06-28", "url": "https://www.ibm.com/support/pages/node/882926" }, { "category": "external", "summary": "IBM Security Advisory vom 2023-06-28", "url": "https://www.ibm.com/support/pages/node/882898" }, { "category": "external", "summary": "IBM Security Advisory vom 2023-06-28", "url": "https://www.ibm.com/support/pages/node/882888" }, { "category": "external", "summary": "IBM Security Advisory vom 2023-06-28", "url": "https://www.ibm.com/support/pages/node/880403" }, { "category": "external", "summary": "IBM Security Advisory vom 2023-06-28", "url": "https://www.ibm.com/support/pages/node/880401" }, { "category": "external", "summary": "IBM Security Advisory vom 2023-06-28", "url": "https://www.ibm.com/support/pages/node/880395" }, { "category": "external", "summary": "IBM Security Advisory vom 2023-06-28", "url": "https://www.ibm.com/support/pages/node/879855" }, { "category": "external", "summary": "IBM Security Advisory vom 2023-06-28", "url": "https://www.ibm.com/support/pages/node/879841" }, { "category": "external", "summary": "IBM Security Advisory vom 2023-06-28", "url": "https://www.ibm.com/support/pages/node/870546" }, { "category": "external", "summary": "IBM Security Advisory vom 2023-06-28", "url": "https://www.ibm.com/support/pages/node/870526" }, { "category": "external", "summary": "IBM Security Advisory vom 2023-06-28", "url": "https://www.ibm.com/support/pages/node/870508" }, { "category": "external", "summary": "IBM Security Advisory vom 2023-06-28", "url": "https://www.ibm.com/support/pages/node/870504" }, { "category": "external", "summary": "IBM Security Advisory vom 2023-06-28", "url": "https://www.ibm.com/support/pages/node/870500" }, { "category": "external", "summary": "IBM Security Advisory vom 2023-06-28", "url": "https://www.ibm.com/support/pages/node/870498" }, { "category": "external", "summary": "IBM Security Advisory vom 2023-06-28", "url": "https://www.ibm.com/support/pages/node/743933" }, { "category": "external", "summary": "IBM Security Advisory vom 2023-06-28", "url": "https://www.ibm.com/support/pages/node/739297" }, { "category": "external", "summary": "IBM Security Advisory vom 2023-06-28", "url": "https://www.ibm.com/support/pages/node/739271" }, { "category": "external", "summary": "IBM Security Advisory vom 2023-06-28", "url": "https://www.ibm.com/support/pages/node/739249" }, { "category": "external", "summary": "IBM Security Advisory vom 2023-06-28", "url": "https://www.ibm.com/support/pages/node/739247" }, { "category": "external", "summary": "IBM Security Advisory vom 2023-06-28", "url": "https://www.ibm.com/support/pages/node/739245" }, { "category": "external", "summary": "IBM Security Advisory vom 2023-06-28", "url": "https://www.ibm.com/support/pages/node/739243" }, { "category": "external", "summary": "IBM Security Advisory vom 2023-06-28", "url": "https://www.ibm.com/support/pages/node/738231" }, { "category": "external", "summary": "IBM Security Advisory vom 2023-06-28", "url": "https://www.ibm.com/support/pages/node/731931" }, { "category": "external", "summary": "IBM Security Advisory vom 2023-06-28", "url": "https://www.ibm.com/support/pages/node/730883" }, { "category": "external", "summary": "IBM Security Advisory vom 2023-06-28", "url": "https://www.ibm.com/support/pages/node/730871" }, { "category": "external", "summary": "IBM Security Advisory vom 2023-06-28", "url": "https://www.ibm.com/support/pages/node/730845" }, { "category": "external", "summary": "IBM Security Advisory vom 2023-06-28", "url": "https://www.ibm.com/support/pages/node/730835" }, { "category": "external", "summary": "IBM Security Advisory vom 2023-06-28", "url": "https://www.ibm.com/support/pages/node/730171" }, { "category": "external", "summary": "IBM Security Advisory vom 2023-06-28", "url": "https://www.ibm.com/support/pages/node/720307" }, { "category": "external", "summary": "IBM Security Advisory vom 2023-06-28", "url": "https://www.ibm.com/support/pages/node/720283" }, { "category": "external", "summary": "IBM Security Advisory vom 2023-06-28", "url": "https://www.ibm.com/support/pages/node/720265" }, { "category": "external", "summary": "IBM Security Advisory vom 2023-06-28", "url": "https://www.ibm.com/support/pages/node/718745" }, { "category": "external", "summary": "IBM Security Advisory vom 2023-06-28", "url": "https://www.ibm.com/support/pages/node/717345" }, { "category": "external", "summary": "IBM Security Advisory vom 2023-06-28", "url": "https://www.ibm.com/support/pages/node/717335" }, { "category": "external", "summary": "IBM Security Advisory vom 2023-06-28", "url": "https://www.ibm.com/support/pages/node/717327" }, { "category": "external", "summary": "IBM Security Advisory vom 2023-06-28", "url": "https://www.ibm.com/support/pages/node/717007" }, { "category": "external", "summary": "IBM Security Advisory vom 2023-06-28", "url": "https://www.ibm.com/support/pages/node/716573" }, { "category": "external", "summary": "IBM Security Advisory vom 2023-06-28", "url": "https://www.ibm.com/support/pages/node/712213" }, { "category": "external", "summary": "IBM Security Advisory vom 2023-06-28", "url": "https://www.ibm.com/support/pages/node/712199" }, { "category": "external", "summary": "IBM Security Advisory vom 2023-06-28", "url": "https://www.ibm.com/support/pages/node/570557" }, { "category": "external", "summary": "IBM Security Advisory vom 2023-06-28", "url": "https://www.ibm.com/support/pages/node/569765" }, { "category": "external", "summary": "IBM Security Advisory vom 2023-06-28", "url": "https://www.ibm.com/support/pages/node/569727" }, { "category": "external", "summary": "IBM Security Advisory vom 2023-06-28", "url": "https://www.ibm.com/support/pages/node/569717" }, { "category": "external", "summary": "IBM Security Advisory vom 2023-06-28", "url": "https://www.ibm.com/support/pages/node/305321" }, { "category": "external", "summary": "IBM Security Advisory vom 2023-06-28", "url": "https://www.ibm.com/support/pages/node/304091" }, { "category": "external", "summary": "IBM Security Advisory vom 2023-06-28", "url": "https://www.ibm.com/support/pages/node/304089" }, { "category": "external", "summary": "IBM Security Advisory vom 2023-06-28", "url": "https://www.ibm.com/support/pages/node/303663" }, { "category": "external", "summary": "IBM Security Advisory vom 2023-06-28", "url": "https://www.ibm.com/support/pages/node/303657" } ], "source_lang": "en-US", "title": "IBM Tivoli Network Manager: Mehrere Schwachstellen", "tracking": { "current_release_date": "2023-06-28T22:00:00.000+00:00", "generator": { "date": "2024-08-15T17:53:31.776+00:00", "engine": { "name": "BSI-WID", "version": "1.3.5" } }, "id": "WID-SEC-W-2023-1594", "initial_release_date": "2023-06-28T22:00:00.000+00:00", "revision_history": [ { "date": "2023-06-28T22:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "IBM Tivoli Network Manager IP Edition \u003c 3.9 Fix Pack 5", "product": { "name": "IBM Tivoli Network Manager IP Edition \u003c 3.9 Fix Pack 5", "product_id": "T028343", "product_identification_helper": { "cpe": "cpe:/a:ibm:tivoli_network_manager:ip_edition__3.9_fix_pack_5" } } }, { "category": "product_name", "name": "IBM Tivoli Network Manager IP Edition \u003c 3.9", "product": { "name": "IBM Tivoli Network Manager IP Edition \u003c 3.9", "product_id": "T028344", "product_identification_helper": { "cpe": "cpe:/a:ibm:tivoli_network_manager:ip_edition__3.9" } } }, { "category": "product_name", "name": "IBM Tivoli Network Manager IP Edition \u003c 4.1.1", "product": { "name": "IBM Tivoli Network Manager IP Edition \u003c 4.1.1", "product_id": "T028345", "product_identification_helper": { "cpe": "cpe:/a:ibm:tivoli_network_manager:ip_edition__4.1.1" } } }, { "category": "product_name", "name": "IBM Tivoli Network Manager IP Edition \u003c 4.2", "product": { "name": "IBM Tivoli Network Manager IP Edition \u003c 4.2", "product_id": "T028346", "product_identification_helper": { "cpe": "cpe:/a:ibm:tivoli_network_manager:ip_edition__4.2" } } }, { "category": "product_name", "name": "IBM Tivoli Network Manager IP Edition \u003c 3.9.0.4", "product": { "name": "IBM Tivoli Network Manager IP Edition \u003c 3.9.0.4", "product_id": "T028347", "product_identification_helper": { "cpe": "cpe:/a:ibm:tivoli_network_manager:ip_edition__3.9.0.4" } } }, { "category": "product_name", "name": "IBM Tivoli Network Manager IP Edition \u003c 3.9.0.5", "product": { "name": "IBM Tivoli Network Manager IP Edition \u003c 3.9.0.5", "product_id": "T028348", "product_identification_helper": { "cpe": "cpe:/a:ibm:tivoli_network_manager:ip_edition__3.9.0.5" } } }, { "category": "product_name", "name": "IBM Tivoli Network Manager IP Edition \u003c 3.9 Fix Pack 4", "product": { "name": "IBM Tivoli Network Manager IP Edition \u003c 3.9 Fix Pack 4", "product_id": "T028349", "product_identification_helper": { "cpe": "cpe:/a:ibm:tivoli_network_manager:ip_edition__3.9_fix_pack_4" } } } ], "category": "product_name", "name": "Tivoli Network Manager" } ], "category": "vendor", "name": "IBM" } ] }, "vulnerabilities": [ { "cve": "CVE-2019-4046", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2019-4046" }, { "cve": "CVE-2019-4030", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2019-4030" }, { "cve": "CVE-2019-2684", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2019-2684" }, { "cve": "CVE-2019-2602", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2019-2602" }, { "cve": "CVE-2019-2537", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2019-2537" }, { "cve": "CVE-2019-2534", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2019-2534" }, { "cve": "CVE-2019-2531", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2019-2531" }, { "cve": "CVE-2019-2529", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2019-2529" }, { "cve": "CVE-2019-2503", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2019-2503" }, { "cve": "CVE-2019-2482", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2019-2482" }, { "cve": "CVE-2019-2481", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2019-2481" }, { "cve": "CVE-2019-2455", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2019-2455" }, { "cve": "CVE-2019-1559", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2019-1559" }, { "cve": "CVE-2019-0220", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2019-0220" }, { "cve": "CVE-2018-8039", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-8039" }, { "cve": "CVE-2018-5407", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-5407" }, { "cve": "CVE-2018-3282", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-3282" }, { "cve": "CVE-2018-3278", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-3278" }, { "cve": "CVE-2018-3276", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-3276" }, { "cve": "CVE-2018-3251", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-3251" }, { "cve": "CVE-2018-3247", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-3247" }, { "cve": "CVE-2018-3174", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-3174" }, { "cve": "CVE-2018-3156", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-3156" }, { "cve": "CVE-2018-3143", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-3143" }, { "cve": "CVE-2018-3123", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-3123" }, { "cve": "CVE-2018-3084", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-3084" }, { "cve": "CVE-2018-3082", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-3082" }, { "cve": "CVE-2018-3081", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-3081" }, { "cve": "CVE-2018-3080", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-3080" }, { "cve": "CVE-2018-3079", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-3079" }, { "cve": "CVE-2018-3078", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-3078" }, { "cve": "CVE-2018-3077", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-3077" }, { "cve": "CVE-2018-3075", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-3075" }, { "cve": "CVE-2018-3074", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-3074" }, { "cve": "CVE-2018-3073", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-3073" }, { "cve": "CVE-2018-3071", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-3071" }, { "cve": "CVE-2018-3070", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-3070" }, { "cve": "CVE-2018-3067", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-3067" }, { "cve": "CVE-2018-3066", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-3066" }, { "cve": "CVE-2018-3065", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-3065" }, { "cve": "CVE-2018-3064", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-3064" }, { "cve": "CVE-2018-3063", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-3063" }, { "cve": "CVE-2018-3062", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-3062" }, { "cve": "CVE-2018-3061", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-3061" }, { "cve": "CVE-2018-3060", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-3060" }, { "cve": "CVE-2018-3058", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-3058" }, { "cve": "CVE-2018-3056", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-3056" }, { "cve": "CVE-2018-3054", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-3054" }, { "cve": "CVE-2018-2877", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-2877" }, { "cve": "CVE-2018-2846", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-2846" }, { "cve": "CVE-2018-2839", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-2839" }, { "cve": "CVE-2018-2819", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-2819" }, { "cve": "CVE-2018-2818", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-2818" }, { "cve": "CVE-2018-2817", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-2817" }, { "cve": "CVE-2018-2816", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-2816" }, { "cve": "CVE-2018-2813", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-2813" }, { "cve": "CVE-2018-2812", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-2812" }, { "cve": "CVE-2018-2810", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-2810" }, { "cve": "CVE-2018-2805", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-2805" }, { "cve": "CVE-2018-2787", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-2787" }, { "cve": "CVE-2018-2786", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-2786" }, { "cve": "CVE-2018-2784", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-2784" }, { "cve": "CVE-2018-2782", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-2782" }, { "cve": "CVE-2018-2781", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-2781" }, { "cve": "CVE-2018-2780", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-2780" }, { "cve": "CVE-2018-2779", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-2779" }, { "cve": "CVE-2018-2778", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-2778" }, { "cve": "CVE-2018-2777", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-2777" }, { "cve": "CVE-2018-2776", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-2776" }, { "cve": "CVE-2018-2775", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-2775" }, { "cve": "CVE-2018-2773", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-2773" }, { "cve": "CVE-2018-2771", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-2771" }, { "cve": "CVE-2018-2769", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-2769" }, { "cve": "CVE-2018-2766", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-2766" }, { "cve": "CVE-2018-2762", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-2762" }, { "cve": "CVE-2018-2761", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-2761" }, { "cve": "CVE-2018-2759", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-2759" }, { "cve": "CVE-2018-2758", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-2758" }, { "cve": "CVE-2018-2755", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-2755" }, { "cve": "CVE-2018-2598", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-2598" }, { "cve": "CVE-2018-1996", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-1996" }, { "cve": "CVE-2018-1926", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-1926" }, { "cve": "CVE-2018-1904", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-1904" }, { "cve": "CVE-2018-1902", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-1902" }, { "cve": "CVE-2018-1901", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-1901" }, { "cve": "CVE-2018-1798", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-1798" }, { "cve": "CVE-2018-1797", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-1797" }, { "cve": "CVE-2018-1794", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-1794" }, { "cve": "CVE-2018-1793", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-1793" }, { "cve": "CVE-2018-1777", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-1777" }, { "cve": "CVE-2018-1770", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-1770" }, { "cve": "CVE-2018-1767", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-1767" }, { "cve": "CVE-2018-1719", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-1719" }, { "cve": "CVE-2018-1695", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-1695" }, { "cve": "CVE-2018-1656", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-1656" }, { "cve": "CVE-2018-1643", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-1643" }, { "cve": "CVE-2018-1621", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-1621" }, { "cve": "CVE-2018-1614", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-1614" }, { "cve": "CVE-2018-1567", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-1567" }, { "cve": "CVE-2018-1447", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-1447" }, { "cve": "CVE-2018-1428", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-1428" }, { "cve": "CVE-2018-1427", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-1427" }, { "cve": "CVE-2018-1426", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-1426" }, { "cve": "CVE-2018-1301", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-1301" }, { "cve": "CVE-2018-12539", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-12539" }, { "cve": "CVE-2018-10237", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-10237" }, { "cve": "CVE-2018-0734", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-0734" }, { "cve": "CVE-2018-0732", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2018-0732" }, { "cve": "CVE-2017-9798", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2017-9798" }, { "cve": "CVE-2017-3738", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2017-3738" }, { "cve": "CVE-2017-3737", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2017-3737" }, { "cve": "CVE-2017-3736", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2017-3736" }, { "cve": "CVE-2017-3735", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2017-3735" }, { "cve": "CVE-2017-3732", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2017-3732" }, { "cve": "CVE-2017-1743", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2017-1743" }, { "cve": "CVE-2017-1741", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2017-1741" }, { "cve": "CVE-2017-1731", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2017-1731" }, { "cve": "CVE-2017-1681", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2017-1681" }, { "cve": "CVE-2017-15715", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2017-15715" }, { "cve": "CVE-2017-15710", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2017-15710" }, { "cve": "CVE-2017-12624", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2017-12624" }, { "cve": "CVE-2017-12618", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2017-12618" }, { "cve": "CVE-2017-12613", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2017-12613" }, { "cve": "CVE-2016-0705", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2016-0705" }, { "cve": "CVE-2016-0702", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2016-0702" }, { "cve": "CVE-2016-0701", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2016-0701" }, { "cve": "CVE-2015-0899", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2015-0899" }, { "cve": "CVE-2014-7810", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2014-7810" }, { "cve": "CVE-2012-5783", "notes": [ { "category": "description", "text": "In IBM Tivoli Network Manager existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in den Komponenten OpenSSL, Apache CXF, Apache HTTPD, Oracle MySQL, Apache Commons, Apache Struts, IBM GSKit, Java SDK, Eclipse OpenJ9 und SAML. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, seine Privilegien auszuweiten, Daten zu manipulieren, nicht spezifizierte Auswirkungen zu verursachen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Berechtigungen." } ], "release_date": "2023-06-28T22:00:00.000+00:00", "title": "CVE-2012-5783" } ] }
rhsa-2015_1621
Vulnerability from csaf_redhat
Published
2015-08-13 15:30
Modified
2024-11-25 12:05
Summary
Red Hat Security Advisory: Red Hat JBoss Web Server 2.1.0 tomcat security update
Notes
Topic
An update for the Apache Tomcat 6 and Apache Tomcat 7 component for Red Hat
JBoss Web Server 2.1.0 that fixes two security issues is now available from
the Red Hat Customer Portal.
Red Hat Product Security has rated this update as having Moderate security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.
Details
Red Hat JBoss Web Server is a fully integrated and certified set of
components for hosting Java web applications. It is comprised of the Apache
HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector
(mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat
Native library.
It was found that the expression language resolver evaluated expressions
within a privileged code section. A malicious web application could use
this flaw to bypass security manager protections. (CVE-2014-7810)
It was found that Tomcat would keep connections open after processing
requests with a large enough request body. A remote attacker could
potentially use this flaw to exhaust the pool of available connections and
preventing further, legitimate connections to the Tomcat server to be made.
(CVE-2014-0230)
All users of Red Hat JBoss Web Server 2.1.0 as provided from the Red Hat
Customer Portal are advised to apply this update. The Red Hat JBoss Web
Server process must be restarted for the update to take effect.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for the Apache Tomcat 6 and Apache Tomcat 7 component for Red Hat\nJBoss Web Server 2.1.0 that fixes two security issues is now available from\nthe Red Hat Customer Portal.\n\nRed Hat Product Security has rated this update as having Moderate security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat JBoss Web Server is a fully integrated and certified set of\ncomponents for hosting Java web applications. It is comprised of the Apache\nHTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector\n(mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat\nNative library.\n\nIt was found that the expression language resolver evaluated expressions\nwithin a privileged code section. A malicious web application could use\nthis flaw to bypass security manager protections. (CVE-2014-7810)\n\nIt was found that Tomcat would keep connections open after processing\nrequests with a large enough request body. A remote attacker could\npotentially use this flaw to exhaust the pool of available connections and\npreventing further, legitimate connections to the Tomcat server to be made.\n(CVE-2014-0230)\n\nAll users of Red Hat JBoss Web Server 2.1.0 as provided from the Red Hat\nCustomer Portal are advised to apply this update. The Red Hat JBoss Web\nServer process must be restarted for the update to take effect.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2015:1621", "url": "https://access.redhat.com/errata/RHSA-2015:1621" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=webserver\u0026downloadType=securityPatches\u0026version=2.1.0", "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=webserver\u0026downloadType=securityPatches\u0026version=2.1.0" }, { "category": "external", "summary": "1191200", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1191200" }, { "category": "external", "summary": "1222573", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1222573" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2015/rhsa-2015_1621.json" } ], "title": "Red Hat Security Advisory: Red Hat JBoss Web Server 2.1.0 tomcat security update", "tracking": { "current_release_date": "2024-11-25T12:05:07+00:00", "generator": { "date": "2024-11-25T12:05:07+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2015:1621", "initial_release_date": "2015-08-13T15:30:33+00:00", "revision_history": [ { "date": "2015-08-13T15:30:33+00:00", "number": "1", "summary": "Initial version" }, { "date": "2015-08-13T15:30:33+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-25T12:05:07+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat JBoss Web Server 2.1", "product": { "name": "Red Hat JBoss Web Server 2.1", "product_id": "Red Hat JBoss Web Server 2.1", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:2.1.0" } } } ], "category": "product_family", "name": "Red Hat JBoss Web Server" } ], "category": "vendor", "name": "Red Hat" } ] }, "vulnerabilities": [ { "cve": "CVE-2014-0230", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2015-02-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1191200" } ], "notes": [ { "category": "description", "text": "It was found that Tomcat would keep connections open after processing requests with a large enough request body. A remote attacker could potentially use this flaw to exhaust the pool of available connections and preventing further, legitimate connections to the Tomcat server to be made.", "title": "Vulnerability description" }, { "category": "summary", "text": "tomcat: non-persistent DoS attack by feeding data by aborting an upload", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Web Server 2.1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-0230" }, { "category": "external", "summary": "RHBZ#1191200", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1191200" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-0230", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0230" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0230", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0230" }, { "category": "external", "summary": "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44", "url": "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44" }, { "category": "external", "summary": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.55", "url": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.55" }, { "category": "external", "summary": "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.9", "url": "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.9" } ], "release_date": "2014-07-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2015-08-13T15:30:33+00:00", "details": "The References section of this erratum contains a download link (you must\nlog in to download the update). Before applying the update, back up your\nexisting Red Hat JBoss Web Server installation (including all applications\nand configuration files).", "product_ids": [ "Red Hat JBoss Web Server 2.1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2015:1621" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "products": [ "Red Hat JBoss Web Server 2.1" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tomcat: non-persistent DoS attack by feeding data by aborting an upload" }, { "cve": "CVE-2014-7810", "discovery_date": "2015-05-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1222573" } ], "notes": [ { "category": "description", "text": "It was found that the expression language resolver evaluated expressions within a privileged code section. A malicious web application could use this flaw to bypass security manager protections.", "title": "Vulnerability description" }, { "category": "summary", "text": "Tomcat/JbossWeb: security manager bypass via EL expressions", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Web Server 2.1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-7810" }, { "category": "external", "summary": "RHBZ#1222573", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1222573" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-7810", "url": "https://www.cve.org/CVERecord?id=CVE-2014-7810" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-7810", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-7810" }, { "category": "external", "summary": "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44", "url": "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44" }, { "category": "external", "summary": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.59", "url": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.59" }, { "category": "external", "summary": "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.17", "url": "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.17" } ], "release_date": "2015-05-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2015-08-13T15:30:33+00:00", "details": "The References section of this erratum contains a download link (you must\nlog in to download the update). Before applying the update, back up your\nexisting Red Hat JBoss Web Server installation (including all applications\nand configuration files).", "product_ids": [ "Red Hat JBoss Web Server 2.1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2015:1621" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0" }, "products": [ "Red Hat JBoss Web Server 2.1" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Tomcat/JbossWeb: security manager bypass via EL expressions" } ] }
rhsa-2016_2046
Vulnerability from csaf_redhat
Published
2016-10-10 20:38
Modified
2024-11-22 10:10
Summary
Red Hat Security Advisory: tomcat security update
Notes
Topic
An update for tomcat is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.
Security Fix(es):
* It was discovered that the Tomcat packages installed configuration file /usr/lib/tmpfiles.d/tomcat.conf writeable to the tomcat group. A member of the group or a malicious web application deployed on Tomcat could use this flaw to escalate their privileges. (CVE-2016-5425)
* It was discovered that the Tomcat packages installed certain configuration files read by the Tomcat initialization script as writeable to the tomcat group. A member of the group or a malicious web application deployed on Tomcat could use this flaw to escalate their privileges. (CVE-2016-6325)
* It was found that the expression language resolver evaluated expressions within a privileged code section. A malicious web application could use this flaw to bypass security manager protections. (CVE-2014-7810)
* It was discovered that tomcat used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY environment variable for CGI scripts, which in turn was incorrectly used by certain HTTP client implementations to configure the proxy for outgoing HTTP requests. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a CGI script to an attacker-controlled proxy via a malicious HTTP request. (CVE-2016-5388)
* A session fixation flaw was found in the way Tomcat recycled the requestedSessionSSL field. If at least one web application was configured to use the SSL session ID as the HTTP session ID, an attacker could reuse a previously used session ID for further requests. (CVE-2015-5346)
Red Hat would like to thank Dawid Golunski (http://legalhackers.com) for reporting CVE-2016-5425 and Scott Geary (VendHQ) for reporting CVE-2016-5388. The CVE-2016-6325 issue was discovered by Red Hat Product Security.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for tomcat is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.\n\nSecurity Fix(es):\n\n* It was discovered that the Tomcat packages installed configuration file /usr/lib/tmpfiles.d/tomcat.conf writeable to the tomcat group. A member of the group or a malicious web application deployed on Tomcat could use this flaw to escalate their privileges. (CVE-2016-5425)\n\n* It was discovered that the Tomcat packages installed certain configuration files read by the Tomcat initialization script as writeable to the tomcat group. A member of the group or a malicious web application deployed on Tomcat could use this flaw to escalate their privileges. (CVE-2016-6325)\n\n* It was found that the expression language resolver evaluated expressions within a privileged code section. A malicious web application could use this flaw to bypass security manager protections. (CVE-2014-7810)\n\n* It was discovered that tomcat used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY environment variable for CGI scripts, which in turn was incorrectly used by certain HTTP client implementations to configure the proxy for outgoing HTTP requests. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a CGI script to an attacker-controlled proxy via a malicious HTTP request. (CVE-2016-5388)\n\n* A session fixation flaw was found in the way Tomcat recycled the requestedSessionSSL field. If at least one web application was configured to use the SSL session ID as the HTTP session ID, an attacker could reuse a previously used session ID for further requests. (CVE-2015-5346)\n\nRed Hat would like to thank Dawid Golunski (http://legalhackers.com) for reporting CVE-2016-5425 and Scott Geary (VendHQ) for reporting CVE-2016-5388. The CVE-2016-6325 issue was discovered by Red Hat Product Security.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2016:2046", "url": "https://access.redhat.com/errata/RHSA-2016:2046" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.59", "url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.59" }, { "category": "external", "summary": "1222573", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1222573" }, { "category": "external", "summary": "1311085", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1311085" }, { "category": "external", "summary": "1353809", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1353809" }, { "category": "external", "summary": "1362545", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1362545" }, { "category": "external", "summary": "1367447", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1367447" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2016/rhsa-2016_2046.json" } ], "title": "Red Hat Security Advisory: tomcat security update", "tracking": { "current_release_date": "2024-11-22T10:10:37+00:00", "generator": { "date": "2024-11-22T10:10:37+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2016:2046", "initial_release_date": "2016-10-10T20:38:43+00:00", "revision_history": [ { "date": "2016-10-10T20:38:43+00:00", "number": "1", "summary": "Initial version" }, { "date": "2016-10-10T20:38:43+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T10:10:37+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux Client (v. 7)", "product": { "name": "Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.2.Z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:7::client" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Client Optional (v. 7)", "product": { "name": "Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.2.Z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:7::client" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux ComputeNode (v. 7)", "product": { "name": "Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode-7.2.Z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:7::computenode" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product": { "name": "Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.2.Z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:7::computenode" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Server (v. 7)", "product": { "name": "Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.2.Z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:7::server" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Server Optional (v. 7)", "product": { "name": "Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.2.Z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:7::server" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Workstation (v. 7)", "product": { "name": "Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.2.Z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:7::workstation" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Workstation Optional (v. 7)", "product": { "name": "Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.2.Z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:7::workstation" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "product": { "name": "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "product_id": "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat-jsp-2.2-api@7.0.54-8.el7_2?arch=noarch" } } }, { "category": "product_version", "name": "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "product": { "name": "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "product_id": "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat-servlet-3.0-api@7.0.54-8.el7_2?arch=noarch" } } }, { "category": "product_version", "name": "tomcat-webapps-0:7.0.54-8.el7_2.noarch", "product": { "name": "tomcat-webapps-0:7.0.54-8.el7_2.noarch", "product_id": "tomcat-webapps-0:7.0.54-8.el7_2.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat-webapps@7.0.54-8.el7_2?arch=noarch" } } }, { "category": "product_version", "name": "tomcat-0:7.0.54-8.el7_2.noarch", "product": { "name": "tomcat-0:7.0.54-8.el7_2.noarch", "product_id": "tomcat-0:7.0.54-8.el7_2.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat@7.0.54-8.el7_2?arch=noarch" } } }, { "category": "product_version", "name": "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "product": { "name": "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "product_id": "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat-el-2.2-api@7.0.54-8.el7_2?arch=noarch" } } }, { "category": "product_version", "name": "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "product": { "name": "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "product_id": "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat-admin-webapps@7.0.54-8.el7_2?arch=noarch" } } }, { "category": "product_version", "name": "tomcat-lib-0:7.0.54-8.el7_2.noarch", "product": { "name": "tomcat-lib-0:7.0.54-8.el7_2.noarch", "product_id": "tomcat-lib-0:7.0.54-8.el7_2.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat-lib@7.0.54-8.el7_2?arch=noarch" } } }, { "category": "product_version", "name": "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "product": { "name": "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "product_id": "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat-docs-webapp@7.0.54-8.el7_2?arch=noarch" } } }, { "category": "product_version", "name": "tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "product": { "name": "tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "product_id": "tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat-javadoc@7.0.54-8.el7_2?arch=noarch" } } }, { "category": "product_version", "name": "tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "product": { "name": "tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "product_id": "tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat-jsvc@7.0.54-8.el7_2?arch=noarch" } } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": "tomcat-0:7.0.54-8.el7_2.src", "product": { "name": "tomcat-0:7.0.54-8.el7_2.src", "product_id": "tomcat-0:7.0.54-8.el7_2.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat@7.0.54-8.el7_2?arch=src" } } } ], "category": "architecture", "name": "src" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "tomcat-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch" }, "product_reference": "tomcat-0:7.0.54-8.el7_2.noarch", "relates_to_product_reference": "7Client-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-0:7.0.54-8.el7_2.src as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src" }, "product_reference": "tomcat-0:7.0.54-8.el7_2.src", "relates_to_product_reference": "7Client-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch" }, "product_reference": "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "relates_to_product_reference": "7Client-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch" }, "product_reference": "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "relates_to_product_reference": "7Client-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch" }, "product_reference": "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "relates_to_product_reference": "7Client-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-javadoc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch" }, "product_reference": "tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "relates_to_product_reference": "7Client-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch" }, "product_reference": "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "relates_to_product_reference": "7Client-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-jsvc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch" }, "product_reference": "tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "relates_to_product_reference": "7Client-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-lib-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch" }, "product_reference": "tomcat-lib-0:7.0.54-8.el7_2.noarch", "relates_to_product_reference": "7Client-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch" }, "product_reference": "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "relates_to_product_reference": "7Client-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch" }, "product_reference": "tomcat-webapps-0:7.0.54-8.el7_2.noarch", "relates_to_product_reference": "7Client-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch" }, "product_reference": "tomcat-0:7.0.54-8.el7_2.noarch", "relates_to_product_reference": "7Client-optional-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-0:7.0.54-8.el7_2.src as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src" }, "product_reference": "tomcat-0:7.0.54-8.el7_2.src", "relates_to_product_reference": "7Client-optional-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch" }, "product_reference": "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "relates_to_product_reference": "7Client-optional-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch" }, "product_reference": "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "relates_to_product_reference": "7Client-optional-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch" }, "product_reference": "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "relates_to_product_reference": "7Client-optional-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-javadoc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch" }, "product_reference": "tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "relates_to_product_reference": "7Client-optional-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch" }, "product_reference": "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "relates_to_product_reference": "7Client-optional-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-jsvc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch" }, "product_reference": "tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "relates_to_product_reference": "7Client-optional-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-lib-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch" }, "product_reference": "tomcat-lib-0:7.0.54-8.el7_2.noarch", "relates_to_product_reference": "7Client-optional-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch" }, "product_reference": "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "relates_to_product_reference": "7Client-optional-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch" }, "product_reference": "tomcat-webapps-0:7.0.54-8.el7_2.noarch", "relates_to_product_reference": "7Client-optional-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch" }, "product_reference": "tomcat-0:7.0.54-8.el7_2.noarch", "relates_to_product_reference": "7ComputeNode-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-0:7.0.54-8.el7_2.src as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src" }, "product_reference": "tomcat-0:7.0.54-8.el7_2.src", "relates_to_product_reference": "7ComputeNode-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch" }, "product_reference": "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "relates_to_product_reference": "7ComputeNode-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch" }, "product_reference": "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "relates_to_product_reference": "7ComputeNode-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch" }, "product_reference": "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "relates_to_product_reference": "7ComputeNode-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-javadoc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch" }, "product_reference": "tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "relates_to_product_reference": "7ComputeNode-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch" }, "product_reference": "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "relates_to_product_reference": "7ComputeNode-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-jsvc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch" }, "product_reference": "tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "relates_to_product_reference": "7ComputeNode-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-lib-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch" }, "product_reference": "tomcat-lib-0:7.0.54-8.el7_2.noarch", "relates_to_product_reference": "7ComputeNode-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch" }, "product_reference": "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "relates_to_product_reference": "7ComputeNode-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", "product_id": "7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch" }, "product_reference": "tomcat-webapps-0:7.0.54-8.el7_2.noarch", "relates_to_product_reference": "7ComputeNode-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch" }, "product_reference": "tomcat-0:7.0.54-8.el7_2.noarch", "relates_to_product_reference": "7ComputeNode-optional-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-0:7.0.54-8.el7_2.src as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src" }, "product_reference": "tomcat-0:7.0.54-8.el7_2.src", "relates_to_product_reference": "7ComputeNode-optional-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch" }, "product_reference": "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "relates_to_product_reference": "7ComputeNode-optional-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch" }, "product_reference": "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "relates_to_product_reference": "7ComputeNode-optional-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch" }, "product_reference": "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "relates_to_product_reference": "7ComputeNode-optional-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-javadoc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch" }, "product_reference": "tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "relates_to_product_reference": "7ComputeNode-optional-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch" }, "product_reference": "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "relates_to_product_reference": "7ComputeNode-optional-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-jsvc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch" }, "product_reference": "tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "relates_to_product_reference": "7ComputeNode-optional-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-lib-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch" }, "product_reference": "tomcat-lib-0:7.0.54-8.el7_2.noarch", "relates_to_product_reference": "7ComputeNode-optional-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch" }, "product_reference": "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "relates_to_product_reference": "7ComputeNode-optional-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch" }, "product_reference": "tomcat-webapps-0:7.0.54-8.el7_2.noarch", "relates_to_product_reference": "7ComputeNode-optional-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch" }, "product_reference": "tomcat-0:7.0.54-8.el7_2.noarch", "relates_to_product_reference": "7Server-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-0:7.0.54-8.el7_2.src as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src" }, "product_reference": "tomcat-0:7.0.54-8.el7_2.src", "relates_to_product_reference": "7Server-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch" }, "product_reference": "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "relates_to_product_reference": "7Server-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch" }, "product_reference": "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "relates_to_product_reference": "7Server-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch" }, "product_reference": "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "relates_to_product_reference": "7Server-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-javadoc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch" }, "product_reference": "tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "relates_to_product_reference": "7Server-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch" }, "product_reference": "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "relates_to_product_reference": "7Server-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-jsvc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch" }, "product_reference": "tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "relates_to_product_reference": "7Server-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-lib-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch" }, "product_reference": "tomcat-lib-0:7.0.54-8.el7_2.noarch", "relates_to_product_reference": "7Server-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch" }, "product_reference": "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "relates_to_product_reference": "7Server-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch" }, "product_reference": "tomcat-webapps-0:7.0.54-8.el7_2.noarch", "relates_to_product_reference": "7Server-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch" }, "product_reference": "tomcat-0:7.0.54-8.el7_2.noarch", "relates_to_product_reference": "7Server-optional-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-0:7.0.54-8.el7_2.src as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src" }, "product_reference": "tomcat-0:7.0.54-8.el7_2.src", "relates_to_product_reference": "7Server-optional-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch" }, "product_reference": "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "relates_to_product_reference": "7Server-optional-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch" }, "product_reference": "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "relates_to_product_reference": "7Server-optional-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch" }, "product_reference": "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "relates_to_product_reference": "7Server-optional-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-javadoc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch" }, "product_reference": "tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "relates_to_product_reference": "7Server-optional-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch" }, "product_reference": "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "relates_to_product_reference": "7Server-optional-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-jsvc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch" }, "product_reference": "tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "relates_to_product_reference": "7Server-optional-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-lib-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch" }, "product_reference": "tomcat-lib-0:7.0.54-8.el7_2.noarch", "relates_to_product_reference": "7Server-optional-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch" }, "product_reference": "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "relates_to_product_reference": "7Server-optional-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch" }, "product_reference": "tomcat-webapps-0:7.0.54-8.el7_2.noarch", "relates_to_product_reference": "7Server-optional-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch" }, "product_reference": "tomcat-0:7.0.54-8.el7_2.noarch", "relates_to_product_reference": "7Workstation-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-0:7.0.54-8.el7_2.src as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src" }, "product_reference": "tomcat-0:7.0.54-8.el7_2.src", "relates_to_product_reference": "7Workstation-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch" }, "product_reference": "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "relates_to_product_reference": "7Workstation-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch" }, "product_reference": "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "relates_to_product_reference": "7Workstation-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch" }, "product_reference": "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "relates_to_product_reference": "7Workstation-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-javadoc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch" }, "product_reference": "tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "relates_to_product_reference": "7Workstation-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch" }, "product_reference": "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "relates_to_product_reference": "7Workstation-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-jsvc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch" }, "product_reference": "tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "relates_to_product_reference": "7Workstation-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-lib-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch" }, "product_reference": "tomcat-lib-0:7.0.54-8.el7_2.noarch", "relates_to_product_reference": "7Workstation-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch" }, "product_reference": "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "relates_to_product_reference": "7Workstation-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch" }, "product_reference": "tomcat-webapps-0:7.0.54-8.el7_2.noarch", "relates_to_product_reference": "7Workstation-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch" }, "product_reference": "tomcat-0:7.0.54-8.el7_2.noarch", "relates_to_product_reference": "7Workstation-optional-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-0:7.0.54-8.el7_2.src as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src" }, "product_reference": "tomcat-0:7.0.54-8.el7_2.src", "relates_to_product_reference": "7Workstation-optional-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch" }, "product_reference": "tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "relates_to_product_reference": "7Workstation-optional-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch" }, "product_reference": "tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "relates_to_product_reference": "7Workstation-optional-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch" }, "product_reference": "tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "relates_to_product_reference": "7Workstation-optional-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-javadoc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch" }, "product_reference": "tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "relates_to_product_reference": "7Workstation-optional-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch" }, "product_reference": "tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "relates_to_product_reference": "7Workstation-optional-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-jsvc-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch" }, "product_reference": "tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "relates_to_product_reference": "7Workstation-optional-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-lib-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch" }, "product_reference": "tomcat-lib-0:7.0.54-8.el7_2.noarch", "relates_to_product_reference": "7Workstation-optional-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch" }, "product_reference": "tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "relates_to_product_reference": "7Workstation-optional-7.2.Z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat-webapps-0:7.0.54-8.el7_2.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch" }, "product_reference": "tomcat-webapps-0:7.0.54-8.el7_2.noarch", "relates_to_product_reference": "7Workstation-optional-7.2.Z" } ] }, "vulnerabilities": [ { "cve": "CVE-2014-7810", "discovery_date": "2015-05-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1222573" } ], "notes": [ { "category": "description", "text": "It was found that the expression language resolver evaluated expressions within a privileged code section. A malicious web application could use this flaw to bypass security manager protections.", "title": "Vulnerability description" }, { "category": "summary", "text": "Tomcat/JbossWeb: security manager bypass via EL expressions", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-7810" }, { "category": "external", "summary": "RHBZ#1222573", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1222573" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-7810", "url": "https://www.cve.org/CVERecord?id=CVE-2014-7810" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-7810", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-7810" }, { "category": "external", "summary": "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44", "url": "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44" }, { "category": "external", "summary": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.59", "url": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.59" }, { "category": "external", "summary": "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.17", "url": "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.17" } ], "release_date": "2015-05-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2016-10-10T20:38:43+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2016:2046" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0" }, "products": [ "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Tomcat/JbossWeb: security manager bypass via EL expressions" }, { "cve": "CVE-2015-5346", "discovery_date": "2014-06-22T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1311085" } ], "notes": [ { "category": "description", "text": "A session fixation flaw was found in the way Tomcat recycled the requestedSessionSSL field. If at least one web application was configured to use the SSL session ID as the HTTP session ID, an attacker could reuse a previously used session ID for further requests.", "title": "Vulnerability description" }, { "category": "summary", "text": "tomcat: Session fixation", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2015-5346" }, { "category": "external", "summary": "RHBZ#1311085", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1311085" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2015-5346", "url": "https://www.cve.org/CVERecord?id=CVE-2015-5346" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-5346", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5346" }, { "category": "external", "summary": "http://seclists.org/bugtraq/2016/Feb/143", "url": "http://seclists.org/bugtraq/2016/Feb/143" } ], "release_date": "2016-02-22T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2016-10-10T20:38:43+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2016:2046" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tomcat: Session fixation" }, { "acknowledgments": [ { "names": [ "Scott Geary" ], "organization": "VendHQ" } ], "cve": "CVE-2016-5388", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2016-07-04T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1353809" } ], "notes": [ { "category": "description", "text": "It was discovered that tomcat used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY environment variable for CGI scripts, which in turn was incorrectly used by certain HTTP client implementations to configure the proxy for outgoing HTTP requests. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a CGI script to an attacker-controlled proxy via a malicious HTTP request.", "title": "Vulnerability description" }, { "category": "summary", "text": "Tomcat: CGI sets environmental variable based on user supplied Proxy request header", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-5388" }, { "category": "external", "summary": "RHBZ#1353809", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1353809" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-5388", "url": "https://www.cve.org/CVERecord?id=CVE-2016-5388" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-5388", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5388" } ], "release_date": "2016-07-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2016-10-10T20:38:43+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2016:2046" } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.6, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N", "version": "2.0" }, "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.5, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N", "version": "3.0" }, "products": [ "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Tomcat: CGI sets environmental variable based on user supplied Proxy request header" }, { "acknowledgments": [ { "names": [ "Dawid Golunski" ], "organization": "http://legalhackers.com" } ], "cve": "CVE-2016-5425", "cwe": { "id": "CWE-284", "name": "Improper Access Control" }, "discovery_date": "2016-07-30T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1362545" } ], "notes": [ { "category": "description", "text": "It was discovered that the Tomcat packages installed configuration file /usr/lib/tmpfiles.d/tomcat.conf writeable to the tomcat group. A member of the group or a malicious web application deployed on Tomcat could use this flaw to escalate their privileges.", "title": "Vulnerability description" }, { "category": "summary", "text": "tomcat: Local privilege escalation via systemd-tmpfiles service", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-5425" }, { "category": "external", "summary": "RHBZ#1362545", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1362545" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-5425", "url": "https://www.cve.org/CVERecord?id=CVE-2016-5425" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-5425", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5425" }, { "category": "external", "summary": "http://legalhackers.com/advisories/Tomcat-RedHat-based-Root-Privilege-Escalation-Exploit.txt", "url": "http://legalhackers.com/advisories/Tomcat-RedHat-based-Root-Privilege-Escalation-Exploit.txt" } ], "release_date": "2016-10-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2016-10-10T20:38:43+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2016:2046" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 6.9, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "tomcat: Local privilege escalation via systemd-tmpfiles service" }, { "acknowledgments": [ { "summary": "This issue was discovered by Red Hat." } ], "cve": "CVE-2016-6325", "cwe": { "id": "CWE-284", "name": "Improper Access Control" }, "discovery_date": "2016-08-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1367447" } ], "notes": [ { "category": "description", "text": "It was discovered that the Tomcat packages installed certain configuration files read by the Tomcat initialization script as writeable to the tomcat group. A member of the group or a malicious web application deployed on Tomcat could use this flaw to escalate their privileges.", "title": "Vulnerability description" }, { "category": "summary", "text": "tomcat: tomcat writable config files allow privilege escalation", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-6325" }, { "category": "external", "summary": "RHBZ#1367447", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1367447" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-6325", "url": "https://www.cve.org/CVERecord?id=CVE-2016-6325" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-6325", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6325" } ], "release_date": "2016-10-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2016-10-10T20:38:43+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2016:2046" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 1.9, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 3.3, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "version": "3.0" }, "products": [ "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Client-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Client-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7ComputeNode-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7ComputeNode-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Server-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Server-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-0:7.0.54-8.el7_2.src", "7Workstation-optional-7.2.Z:tomcat-admin-webapps-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-docs-webapp-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-el-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-javadoc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsp-2.2-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-jsvc-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-lib-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-servlet-3.0-api-0:7.0.54-8.el7_2.noarch", "7Workstation-optional-7.2.Z:tomcat-webapps-0:7.0.54-8.el7_2.noarch" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tomcat: tomcat writable config files allow privilege escalation" } ] }
rhsa-2015_1622
Vulnerability from csaf_redhat
Published
2015-08-13 15:29
Modified
2024-11-25 12:05
Summary
Red Hat Security Advisory: Red Hat JBoss Web Server 2.1.0 tomcat security update
Notes
Topic
Updated tomcat6 and tomcat7 packages that fix two security issues are now
available for Red Hat JBoss Web Server 2.1.0 on Red Hat Enterprise Linux 5,
6, and 7.
Red Hat Product Security has rated this update as having Moderate security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.
Details
Red Hat JBoss Web Server is a fully integrated and certified set of
components for hosting Java web applications. It is comprised of the Apache
HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector
(mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat
Native library.
It was found that the expression language resolver evaluated expressions
within a privileged code section. A malicious web application could use
this flaw to bypass security manager protections. (CVE-2014-7810)
It was found that Tomcat would keep connections open after processing
requests with a large enough request body. A remote attacker could
potentially use this flaw to exhaust the pool of available connections and
preventing further, legitimate connections to the Tomcat server to be made.
(CVE-2014-0230)
All users of Red Hat JBoss Web Server 2.1.0 as provided from the Red Hat
Customer Portal are advised to apply this update. The Red Hat JBoss Web
Server process must be restarted for the update to take effect.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Updated tomcat6 and tomcat7 packages that fix two security issues are now\navailable for Red Hat JBoss Web Server 2.1.0 on Red Hat Enterprise Linux 5,\n6, and 7.\n\nRed Hat Product Security has rated this update as having Moderate security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat JBoss Web Server is a fully integrated and certified set of\ncomponents for hosting Java web applications. It is comprised of the Apache\nHTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector\n(mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat\nNative library.\n\nIt was found that the expression language resolver evaluated expressions\nwithin a privileged code section. A malicious web application could use\nthis flaw to bypass security manager protections. (CVE-2014-7810)\n\nIt was found that Tomcat would keep connections open after processing\nrequests with a large enough request body. A remote attacker could\npotentially use this flaw to exhaust the pool of available connections and\npreventing further, legitimate connections to the Tomcat server to be made.\n(CVE-2014-0230)\n\nAll users of Red Hat JBoss Web Server 2.1.0 as provided from the Red Hat\nCustomer Portal are advised to apply this update. The Red Hat JBoss Web\nServer process must be restarted for the update to take effect.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2015:1622", "url": "https://access.redhat.com/errata/RHSA-2015:1622" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "1191200", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1191200" }, { "category": "external", "summary": "1222573", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1222573" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2015/rhsa-2015_1622.json" } ], "title": "Red Hat Security Advisory: Red Hat JBoss Web Server 2.1.0 tomcat security update", "tracking": { "current_release_date": "2024-11-25T12:05:12+00:00", "generator": { "date": "2024-11-25T12:05:12+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2015:1622", "initial_release_date": "2015-08-13T15:29:23+00:00", "revision_history": [ { "date": "2015-08-13T15:29:23+00:00", "number": "1", "summary": "Initial version" }, { "date": "2015-08-13T15:29:23+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-25T12:05:12+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", "product": { "name": "Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", "product_id": "7Server-JBEWS-2", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:2::el7" } } }, { "category": "product_name", "name": "Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product": { "name": "Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:2::el6" } } }, { "category": "product_name", "name": "Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", "product": { "name": "Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", "product_id": "5Server-JBEWS-2", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:2::el5" } } } ], "category": "product_family", "name": "Red Hat JBoss Web Server" }, { "branches": [ { "category": "product_version", "name": "tomcat6-0:6.0.41-15_patch_04.ep6.el7.noarch", "product": { "name": "tomcat6-0:6.0.41-15_patch_04.ep6.el7.noarch", "product_id": "tomcat6-0:6.0.41-15_patch_04.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6@6.0.41-15_patch_04.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el7.noarch", "product": { "name": "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el7.noarch", "product_id": "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-docs-webapp@6.0.41-15_patch_04.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", "product": { "name": "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", "product_id": "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-el-2.1-api@6.0.41-15_patch_04.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", "product": { "name": "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", "product_id": "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-admin-webapps@6.0.41-15_patch_04.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el7.noarch", "product": { "name": "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el7.noarch", "product_id": "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-servlet-2.5-api@6.0.41-15_patch_04.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el7.noarch", "product": { "name": "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el7.noarch", "product_id": "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-javadoc@6.0.41-15_patch_04.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el7.noarch", "product": { "name": "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el7.noarch", "product_id": "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-maven-devel@6.0.41-15_patch_04.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el7.noarch", "product": { "name": "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el7.noarch", "product_id": "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-log4j@6.0.41-15_patch_04.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", "product": { "name": "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", "product_id": "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-webapps@6.0.41-15_patch_04.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", "product": { "name": "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", "product_id": "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-jsp-2.1-api@6.0.41-15_patch_04.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el7.noarch", "product": { "name": "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el7.noarch", "product_id": "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-lib@6.0.41-15_patch_04.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "tomcat7-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch", "product": { "name": "tomcat7-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch", "product_id": "tomcat7-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat7-webapps@7.0.54-20_patch_04.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "tomcat7-docs-webapp-0:7.0.54-20_patch_04.ep6.el7.noarch", "product": { "name": "tomcat7-docs-webapp-0:7.0.54-20_patch_04.ep6.el7.noarch", "product_id": "tomcat7-docs-webapp-0:7.0.54-20_patch_04.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat7-docs-webapp@7.0.54-20_patch_04.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "tomcat7-0:7.0.54-20_patch_04.ep6.el7.noarch", "product": { "name": "tomcat7-0:7.0.54-20_patch_04.ep6.el7.noarch", "product_id": "tomcat7-0:7.0.54-20_patch_04.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat7@7.0.54-20_patch_04.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "tomcat7-servlet-3.0-api-0:7.0.54-20_patch_04.ep6.el7.noarch", "product": { "name": "tomcat7-servlet-3.0-api-0:7.0.54-20_patch_04.ep6.el7.noarch", "product_id": "tomcat7-servlet-3.0-api-0:7.0.54-20_patch_04.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat7-servlet-3.0-api@7.0.54-20_patch_04.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "tomcat7-lib-0:7.0.54-20_patch_04.ep6.el7.noarch", "product": { "name": "tomcat7-lib-0:7.0.54-20_patch_04.ep6.el7.noarch", "product_id": "tomcat7-lib-0:7.0.54-20_patch_04.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat7-lib@7.0.54-20_patch_04.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "tomcat7-javadoc-0:7.0.54-20_patch_04.ep6.el7.noarch", "product": { "name": "tomcat7-javadoc-0:7.0.54-20_patch_04.ep6.el7.noarch", "product_id": "tomcat7-javadoc-0:7.0.54-20_patch_04.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat7-javadoc@7.0.54-20_patch_04.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "tomcat7-jsp-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", "product": { "name": "tomcat7-jsp-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", "product_id": "tomcat7-jsp-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat7-jsp-2.2-api@7.0.54-20_patch_04.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "tomcat7-el-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", "product": { "name": "tomcat7-el-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", "product_id": "tomcat7-el-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat7-el-2.2-api@7.0.54-20_patch_04.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "tomcat7-maven-devel-0:7.0.54-20_patch_04.ep6.el7.noarch", "product": { "name": "tomcat7-maven-devel-0:7.0.54-20_patch_04.ep6.el7.noarch", "product_id": "tomcat7-maven-devel-0:7.0.54-20_patch_04.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat7-maven-devel@7.0.54-20_patch_04.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "tomcat7-log4j-0:7.0.54-20_patch_04.ep6.el7.noarch", "product": { "name": "tomcat7-log4j-0:7.0.54-20_patch_04.ep6.el7.noarch", "product_id": "tomcat7-log4j-0:7.0.54-20_patch_04.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat7-log4j@7.0.54-20_patch_04.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "tomcat7-admin-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch", "product": { "name": "tomcat7-admin-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch", "product_id": "tomcat7-admin-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat7-admin-webapps@7.0.54-20_patch_04.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", "product": { "name": "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", "product_id": "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-jsp-2.1-api@6.0.41-15_patch_04.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el6.noarch", "product": { "name": "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el6.noarch", "product_id": "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-log4j@6.0.41-15_patch_04.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el6.noarch", "product": { "name": "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el6.noarch", "product_id": "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-maven-devel@6.0.41-15_patch_04.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "tomcat6-0:6.0.41-15_patch_04.ep6.el6.noarch", "product": { "name": "tomcat6-0:6.0.41-15_patch_04.ep6.el6.noarch", "product_id": "tomcat6-0:6.0.41-15_patch_04.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6@6.0.41-15_patch_04.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", "product": { "name": "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", "product_id": "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-el-2.1-api@6.0.41-15_patch_04.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", "product": { "name": "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", "product_id": "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-webapps@6.0.41-15_patch_04.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el6.noarch", "product": { "name": "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el6.noarch", "product_id": "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-lib@6.0.41-15_patch_04.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", "product": { "name": "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", "product_id": "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-admin-webapps@6.0.41-15_patch_04.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el6.noarch", "product": { "name": "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el6.noarch", "product_id": "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-servlet-2.5-api@6.0.41-15_patch_04.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el6.noarch", "product": { "name": "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el6.noarch", "product_id": "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-javadoc@6.0.41-15_patch_04.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el6.noarch", "product": { "name": "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el6.noarch", "product_id": "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-docs-webapp@6.0.41-15_patch_04.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el6.noarch", "product": { "name": "tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el6.noarch", "product_id": "tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat7-javadoc@7.0.54-19_patch_04.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", "product": { "name": "tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", "product_id": "tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat7-admin-webapps@7.0.54-19_patch_04.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el6.noarch", "product": { "name": "tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el6.noarch", "product_id": "tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat7-log4j@7.0.54-19_patch_04.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el6.noarch", "product": { "name": "tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el6.noarch", "product_id": "tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat7-maven-devel@7.0.54-19_patch_04.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "tomcat7-0:7.0.54-19_patch_04.ep6.el6.noarch", "product": { "name": "tomcat7-0:7.0.54-19_patch_04.ep6.el6.noarch", "product_id": "tomcat7-0:7.0.54-19_patch_04.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat7@7.0.54-19_patch_04.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", "product": { "name": "tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", "product_id": "tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat7-jsp-2.2-api@7.0.54-19_patch_04.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el6.noarch", "product": { "name": "tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el6.noarch", "product_id": "tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat7-servlet-3.0-api@7.0.54-19_patch_04.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", "product": { "name": "tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", "product_id": "tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat7-el-2.2-api@7.0.54-19_patch_04.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el6.noarch", "product": { "name": "tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el6.noarch", "product_id": "tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat7-docs-webapp@7.0.54-19_patch_04.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "tomcat7-lib-0:7.0.54-19_patch_04.ep6.el6.noarch", "product": { "name": "tomcat7-lib-0:7.0.54-19_patch_04.ep6.el6.noarch", "product_id": "tomcat7-lib-0:7.0.54-19_patch_04.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat7-lib@7.0.54-19_patch_04.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", "product": { "name": "tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", "product_id": "tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat7-webapps@7.0.54-19_patch_04.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el5.noarch", "product": { "name": "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el5.noarch", "product_id": "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-maven-devel@6.0.41-15_patch_04.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "tomcat6-0:6.0.41-15_patch_04.ep6.el5.noarch", "product": { "name": "tomcat6-0:6.0.41-15_patch_04.ep6.el5.noarch", "product_id": "tomcat6-0:6.0.41-15_patch_04.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6@6.0.41-15_patch_04.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el5.noarch", "product": { "name": "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el5.noarch", "product_id": "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-log4j@6.0.41-15_patch_04.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", "product": { "name": "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", "product_id": "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-jsp-2.1-api@6.0.41-15_patch_04.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", "product": { "name": "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", "product_id": "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-el-2.1-api@6.0.41-15_patch_04.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el5.noarch", "product": { "name": "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el5.noarch", "product_id": "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-javadoc@6.0.41-15_patch_04.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", "product": { "name": "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", "product_id": "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-admin-webapps@6.0.41-15_patch_04.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el5.noarch", "product": { "name": "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el5.noarch", "product_id": "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-servlet-2.5-api@6.0.41-15_patch_04.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", "product": { "name": "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", "product_id": "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-webapps@6.0.41-15_patch_04.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el5.noarch", "product": { "name": "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el5.noarch", "product_id": "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-docs-webapp@6.0.41-15_patch_04.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el5.noarch", "product": { "name": "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el5.noarch", "product_id": "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-lib@6.0.41-15_patch_04.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "tomcat7-lib-0:7.0.54-19_patch_04.ep6.el5.noarch", "product": { "name": "tomcat7-lib-0:7.0.54-19_patch_04.ep6.el5.noarch", "product_id": "tomcat7-lib-0:7.0.54-19_patch_04.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat7-lib@7.0.54-19_patch_04.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "tomcat7-0:7.0.54-19_patch_04.ep6.el5.noarch", "product": { "name": "tomcat7-0:7.0.54-19_patch_04.ep6.el5.noarch", "product_id": "tomcat7-0:7.0.54-19_patch_04.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat7@7.0.54-19_patch_04.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el5.noarch", "product": { "name": "tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el5.noarch", "product_id": "tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat7-log4j@7.0.54-19_patch_04.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el5.noarch", "product": { "name": "tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el5.noarch", "product_id": "tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat7-servlet-3.0-api@7.0.54-19_patch_04.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", "product": { "name": "tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", "product_id": "tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat7-el-2.2-api@7.0.54-19_patch_04.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el5.noarch", "product": { "name": "tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el5.noarch", "product_id": "tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat7-docs-webapp@7.0.54-19_patch_04.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el5.noarch", "product": { "name": "tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el5.noarch", "product_id": "tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat7-javadoc@7.0.54-19_patch_04.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", "product": { "name": "tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", "product_id": "tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat7-jsp-2.2-api@7.0.54-19_patch_04.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", "product": { "name": "tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", "product_id": "tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat7-webapps@7.0.54-19_patch_04.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", "product": { "name": "tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", "product_id": "tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat7-admin-webapps@7.0.54-19_patch_04.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el5.noarch", "product": { "name": "tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el5.noarch", "product_id": "tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat7-maven-devel@7.0.54-19_patch_04.ep6.el5?arch=noarch" } } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": "tomcat6-0:6.0.41-15_patch_04.ep6.el7.src", "product": { "name": "tomcat6-0:6.0.41-15_patch_04.ep6.el7.src", "product_id": "tomcat6-0:6.0.41-15_patch_04.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6@6.0.41-15_patch_04.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "tomcat7-0:7.0.54-20_patch_04.ep6.el7.src", "product": { "name": "tomcat7-0:7.0.54-20_patch_04.ep6.el7.src", "product_id": "tomcat7-0:7.0.54-20_patch_04.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat7@7.0.54-20_patch_04.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "tomcat6-0:6.0.41-15_patch_04.ep6.el6.src", "product": { "name": "tomcat6-0:6.0.41-15_patch_04.ep6.el6.src", "product_id": "tomcat6-0:6.0.41-15_patch_04.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6@6.0.41-15_patch_04.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "tomcat7-0:7.0.54-19_patch_04.ep6.el6.src", "product": { "name": "tomcat7-0:7.0.54-19_patch_04.ep6.el6.src", "product_id": "tomcat7-0:7.0.54-19_patch_04.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat7@7.0.54-19_patch_04.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "tomcat6-0:6.0.41-15_patch_04.ep6.el5.src", "product": { "name": "tomcat6-0:6.0.41-15_patch_04.ep6.el5.src", "product_id": "tomcat6-0:6.0.41-15_patch_04.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6@6.0.41-15_patch_04.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "tomcat7-0:7.0.54-19_patch_04.ep6.el5.src", "product": { "name": "tomcat7-0:7.0.54-19_patch_04.ep6.el5.src", "product_id": "tomcat7-0:7.0.54-19_patch_04.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat7@7.0.54-19_patch_04.ep6.el5?arch=src" } } } ], "category": "architecture", "name": "src" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "tomcat6-0:6.0.41-15_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", "product_id": "5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.noarch" }, "product_reference": "tomcat6-0:6.0.41-15_patch_04.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-0:6.0.41-15_patch_04.ep6.el5.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", "product_id": "5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.src" }, "product_reference": "tomcat6-0:6.0.41-15_patch_04.ep6.el5.src", "relates_to_product_reference": "5Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", "product_id": "5Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch" }, "product_reference": "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", "product_id": "5Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el5.noarch" }, "product_reference": "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", "product_id": "5Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch" }, "product_reference": "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", "product_id": "5Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el5.noarch" }, "product_reference": "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", "product_id": "5Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch" }, "product_reference": "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", "product_id": "5Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el5.noarch" }, "product_reference": "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", "product_id": "5Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el5.noarch" }, "product_reference": "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", "product_id": "5Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el5.noarch" }, "product_reference": "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", "product_id": "5Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el5.noarch" }, "product_reference": "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", "product_id": "5Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch" }, "product_reference": "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat7-0:7.0.54-19_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", "product_id": "5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.noarch" }, "product_reference": "tomcat7-0:7.0.54-19_patch_04.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat7-0:7.0.54-19_patch_04.ep6.el5.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", "product_id": "5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.src" }, "product_reference": "tomcat7-0:7.0.54-19_patch_04.ep6.el5.src", "relates_to_product_reference": "5Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", "product_id": "5Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch" }, "product_reference": "tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", "product_id": "5Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el5.noarch" }, "product_reference": "tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", "product_id": "5Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch" }, "product_reference": "tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", "product_id": "5Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el5.noarch" }, "product_reference": "tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", "product_id": "5Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch" }, "product_reference": "tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat7-lib-0:7.0.54-19_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", "product_id": "5Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el5.noarch" }, "product_reference": "tomcat7-lib-0:7.0.54-19_patch_04.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", "product_id": "5Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el5.noarch" }, "product_reference": "tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", "product_id": "5Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el5.noarch" }, "product_reference": "tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", "product_id": "5Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el5.noarch" }, "product_reference": "tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", "product_id": "5Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch" }, "product_reference": "tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-0:6.0.41-15_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.noarch" }, "product_reference": "tomcat6-0:6.0.41-15_patch_04.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-0:6.0.41-15_patch_04.ep6.el6.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.src" }, "product_reference": "tomcat6-0:6.0.41-15_patch_04.ep6.el6.src", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch" }, "product_reference": "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el6.noarch" }, "product_reference": "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch" }, "product_reference": "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el6.noarch" }, "product_reference": "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch" }, "product_reference": "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el6.noarch" }, "product_reference": "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el6.noarch" }, "product_reference": "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el6.noarch" }, "product_reference": "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el6.noarch" }, "product_reference": "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch" }, "product_reference": "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat7-0:7.0.54-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.noarch" }, "product_reference": "tomcat7-0:7.0.54-19_patch_04.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat7-0:7.0.54-19_patch_04.ep6.el6.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.src" }, "product_reference": "tomcat7-0:7.0.54-19_patch_04.ep6.el6.src", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch" }, "product_reference": "tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el6.noarch" }, "product_reference": "tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch" }, "product_reference": "tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el6.noarch" }, "product_reference": "tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch" }, "product_reference": "tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat7-lib-0:7.0.54-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el6.noarch" }, "product_reference": "tomcat7-lib-0:7.0.54-19_patch_04.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el6.noarch" }, "product_reference": "tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el6.noarch" }, "product_reference": "tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el6.noarch" }, "product_reference": "tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch" }, "product_reference": "tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-0:6.0.41-15_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", "product_id": "7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.noarch" }, "product_reference": "tomcat6-0:6.0.41-15_patch_04.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-0:6.0.41-15_patch_04.ep6.el7.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", "product_id": "7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.src" }, "product_reference": "tomcat6-0:6.0.41-15_patch_04.ep6.el7.src", "relates_to_product_reference": "7Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", "product_id": "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch" }, "product_reference": "tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", "product_id": "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el7.noarch" }, "product_reference": "tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", "product_id": "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch" }, "product_reference": "tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", "product_id": "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el7.noarch" }, "product_reference": "tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", "product_id": "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch" }, "product_reference": "tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", "product_id": "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el7.noarch" }, "product_reference": "tomcat6-lib-0:6.0.41-15_patch_04.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", "product_id": "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el7.noarch" }, "product_reference": "tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", "product_id": "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el7.noarch" }, "product_reference": "tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", "product_id": "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el7.noarch" }, "product_reference": "tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", "product_id": "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch" }, "product_reference": "tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat7-0:7.0.54-20_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", "product_id": "7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.noarch" }, "product_reference": "tomcat7-0:7.0.54-20_patch_04.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat7-0:7.0.54-20_patch_04.ep6.el7.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", "product_id": "7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.src" }, "product_reference": "tomcat7-0:7.0.54-20_patch_04.ep6.el7.src", "relates_to_product_reference": "7Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat7-admin-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", "product_id": "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch" }, "product_reference": "tomcat7-admin-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat7-docs-webapp-0:7.0.54-20_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", "product_id": "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-20_patch_04.ep6.el7.noarch" }, "product_reference": "tomcat7-docs-webapp-0:7.0.54-20_patch_04.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat7-el-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", "product_id": "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch" }, "product_reference": "tomcat7-el-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat7-javadoc-0:7.0.54-20_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", "product_id": "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-20_patch_04.ep6.el7.noarch" }, "product_reference": "tomcat7-javadoc-0:7.0.54-20_patch_04.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat7-jsp-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", "product_id": "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch" }, "product_reference": "tomcat7-jsp-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat7-lib-0:7.0.54-20_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", "product_id": "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-20_patch_04.ep6.el7.noarch" }, "product_reference": "tomcat7-lib-0:7.0.54-20_patch_04.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat7-log4j-0:7.0.54-20_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", "product_id": "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-20_patch_04.ep6.el7.noarch" }, "product_reference": "tomcat7-log4j-0:7.0.54-20_patch_04.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat7-maven-devel-0:7.0.54-20_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", "product_id": "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-20_patch_04.ep6.el7.noarch" }, "product_reference": "tomcat7-maven-devel-0:7.0.54-20_patch_04.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat7-servlet-3.0-api-0:7.0.54-20_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", "product_id": "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-20_patch_04.ep6.el7.noarch" }, "product_reference": "tomcat7-servlet-3.0-api-0:7.0.54-20_patch_04.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat7-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server", "product_id": "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch" }, "product_reference": "tomcat7-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEWS-2" } ] }, "vulnerabilities": [ { "cve": "CVE-2014-0230", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2015-02-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1191200" } ], "notes": [ { "category": "description", "text": "It was found that Tomcat would keep connections open after processing requests with a large enough request body. A remote attacker could potentially use this flaw to exhaust the pool of available connections and preventing further, legitimate connections to the Tomcat server to be made.", "title": "Vulnerability description" }, { "category": "summary", "text": "tomcat: non-persistent DoS attack by feeding data by aborting an upload", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.src", "5Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.src", "5Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.src", "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.src", "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", "7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.src", "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.src", "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-0230" }, { "category": "external", "summary": "RHBZ#1191200", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1191200" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-0230", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0230" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0230", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0230" }, { "category": "external", "summary": "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44", "url": "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44" }, { "category": "external", "summary": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.55", "url": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.55" }, { "category": "external", "summary": "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.9", "url": "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.9" } ], "release_date": "2014-07-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2015-08-13T15:29:23+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied, and back up your existing Red\nHat JBoss Web Server installation (including all applications and\nconfiguration files).\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258", "product_ids": [ "5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.src", "5Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.src", "5Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.src", "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.src", "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", "7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.src", "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.src", "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2015:1622" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "products": [ "5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.src", "5Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.src", "5Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.src", "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.src", "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", "7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.src", "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.src", "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "tomcat: non-persistent DoS attack by feeding data by aborting an upload" }, { "cve": "CVE-2014-7810", "discovery_date": "2015-05-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1222573" } ], "notes": [ { "category": "description", "text": "It was found that the expression language resolver evaluated expressions within a privileged code section. A malicious web application could use this flaw to bypass security manager protections.", "title": "Vulnerability description" }, { "category": "summary", "text": "Tomcat/JbossWeb: security manager bypass via EL expressions", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.src", "5Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.src", "5Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.src", "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.src", "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", "7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.src", "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.src", "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-7810" }, { "category": "external", "summary": "RHBZ#1222573", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1222573" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-7810", "url": "https://www.cve.org/CVERecord?id=CVE-2014-7810" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-7810", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-7810" }, { "category": "external", "summary": "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44", "url": "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44" }, { "category": "external", "summary": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.59", "url": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.59" }, { "category": "external", "summary": "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.17", "url": "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.17" } ], "release_date": "2015-05-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2015-08-13T15:29:23+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied, and back up your existing Red\nHat JBoss Web Server installation (including all applications and\nconfiguration files).\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258", "product_ids": [ "5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.src", "5Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.src", "5Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.src", "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.src", "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", "7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.src", "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.src", "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2015:1622" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0" }, "products": [ "5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el5.src", "5Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el5.src", "5Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el5.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el6.src", "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.54-19_patch_04.ep6.el6.src", "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-19_patch_04.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-19_patch_04.ep6.el6.noarch", "7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-0:6.0.41-15_patch_04.ep6.el7.src", "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-15_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-0:7.0.54-20_patch_04.ep6.el7.src", "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-20_patch_04.ep6.el7.noarch", "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-20_patch_04.ep6.el7.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Tomcat/JbossWeb: security manager bypass via EL expressions" } ] }
rhsa-2016_0492
Vulnerability from csaf_redhat
Published
2016-03-22 21:02
Modified
2024-11-22 09:15
Summary
Red Hat Security Advisory: tomcat6 security and bug fix update
Notes
Topic
Updated tomcat6 packages that fix one security issue and one bug are now
available for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having Moderate security
impact. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available from the CVE link in the
References section.
Details
Apache Tomcat is a servlet container for the Java Servlet and JavaServer
Pages (JSP) technologies.
It was found that the expression language resolver evaluated expressions
within a privileged code section. A malicious web application could use
this flaw to bypass security manager protections. (CVE-2014-7810)
This update also fixes the following bug:
* Previously, using a New I/O (NIO) connector in the Apache Tomcat 6
servlet resulted in a large memory leak. An upstream patch has been applied
to fix this bug, and the memory leak no longer occurs. (BZ#1301646)
All Tomcat 6 users are advised to upgrade to these updated packages, which
contain backported patches to correct these issues. Tomcat must be
restarted for this update to take effect.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Updated tomcat6 packages that fix one security issue and one bug are now\navailable for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having Moderate security\nimpact. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available from the CVE link in the\nReferences section.", "title": "Topic" }, { "category": "general", "text": "Apache Tomcat is a servlet container for the Java Servlet and JavaServer\nPages (JSP) technologies.\n\nIt was found that the expression language resolver evaluated expressions\nwithin a privileged code section. A malicious web application could use\nthis flaw to bypass security manager protections. (CVE-2014-7810)\n\nThis update also fixes the following bug:\n\n* Previously, using a New I/O (NIO) connector in the Apache Tomcat 6 \nservlet resulted in a large memory leak. An upstream patch has been applied\nto fix this bug, and the memory leak no longer occurs. (BZ#1301646)\n\nAll Tomcat 6 users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. Tomcat must be\nrestarted for this update to take effect.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2016:0492", "url": "https://access.redhat.com/errata/RHSA-2016:0492" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "https://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44", "url": "https://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44" }, { "category": "external", "summary": "1222573", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1222573" }, { "category": "external", "summary": "1301646", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1301646" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2016/rhsa-2016_0492.json" } ], "title": "Red Hat Security Advisory: tomcat6 security and bug fix update", "tracking": { "current_release_date": "2024-11-22T09:15:48+00:00", "generator": { "date": "2024-11-22T09:15:48+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2016:0492", "initial_release_date": "2016-03-22T21:02:03+00:00", "revision_history": [ { "date": "2016-03-22T21:02:03+00:00", "number": "1", "summary": "Initial version" }, { "date": "2016-03-22T21:02:03+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T09:15:48+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux Desktop Optional (v. 6)", "product": { "name": "Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.7.z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:6::client" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product": { "name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.7.z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:6::computenode" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Server (v. 6)", "product": { "name": "Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.7.z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:6::server" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Server Optional (v. 6)", "product": { "name": "Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.7.z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:6::server" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Workstation (v. 6)", "product": { "name": "Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.7.z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:6::workstation" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Workstation Optional (v. 6)", "product": { "name": "Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.7.z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:6::workstation" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", "product": { "name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", "product_id": "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-debuginfo@6.0.24-94.el6_7?arch=x86_64" } } }, { "category": "product_version", "name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", "product": { "name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", "product_id": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-docs-webapp@6.0.24-94.el6_7?arch=x86_64" } } }, { "category": "product_version", "name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", "product": { "name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", "product_id": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-admin-webapps@6.0.24-94.el6_7?arch=x86_64" } } }, { "category": "product_version", "name": "tomcat6-0:6.0.24-94.el6_7.x86_64", "product": { "name": "tomcat6-0:6.0.24-94.el6_7.x86_64", "product_id": "tomcat6-0:6.0.24-94.el6_7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6@6.0.24-94.el6_7?arch=x86_64" } } }, { "category": "product_version", "name": "tomcat6-lib-0:6.0.24-94.el6_7.x86_64", "product": { "name": "tomcat6-lib-0:6.0.24-94.el6_7.x86_64", "product_id": "tomcat6-lib-0:6.0.24-94.el6_7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-lib@6.0.24-94.el6_7?arch=x86_64" } } }, { "category": "product_version", "name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", "product": { "name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", "product_id": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-jsp-2.1-api@6.0.24-94.el6_7?arch=x86_64" } } }, { "category": "product_version", "name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", "product": { "name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", "product_id": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-el-2.1-api@6.0.24-94.el6_7?arch=x86_64" } } }, { "category": "product_version", "name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", "product": { "name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", "product_id": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-servlet-2.5-api@6.0.24-94.el6_7?arch=x86_64" } } }, { "category": "product_version", "name": "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", "product": { "name": "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", "product_id": "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-javadoc@6.0.24-94.el6_7?arch=x86_64" } } }, { "category": "product_version", "name": "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", "product": { "name": "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", "product_id": "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-webapps@6.0.24-94.el6_7?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "tomcat6-0:6.0.24-94.el6_7.src", "product": { "name": "tomcat6-0:6.0.24-94.el6_7.src", "product_id": "tomcat6-0:6.0.24-94.el6_7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6@6.0.24-94.el6_7?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", "product": { "name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", "product_id": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-el-2.1-api@6.0.24-94.el6_7?arch=i686" } } }, { "category": "product_version", "name": "tomcat6-0:6.0.24-94.el6_7.i686", "product": { "name": "tomcat6-0:6.0.24-94.el6_7.i686", "product_id": "tomcat6-0:6.0.24-94.el6_7.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6@6.0.24-94.el6_7?arch=i686" } } }, { "category": "product_version", "name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", "product": { "name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", "product_id": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-servlet-2.5-api@6.0.24-94.el6_7?arch=i686" } } }, { "category": "product_version", "name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", "product": { "name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", "product_id": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-jsp-2.1-api@6.0.24-94.el6_7?arch=i686" } } }, { "category": "product_version", "name": "tomcat6-lib-0:6.0.24-94.el6_7.i686", "product": { "name": "tomcat6-lib-0:6.0.24-94.el6_7.i686", "product_id": "tomcat6-lib-0:6.0.24-94.el6_7.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-lib@6.0.24-94.el6_7?arch=i686" } } }, { "category": "product_version", "name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", "product": { "name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", "product_id": "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-debuginfo@6.0.24-94.el6_7?arch=i686" } } }, { "category": "product_version", "name": "tomcat6-webapps-0:6.0.24-94.el6_7.i686", "product": { "name": "tomcat6-webapps-0:6.0.24-94.el6_7.i686", "product_id": "tomcat6-webapps-0:6.0.24-94.el6_7.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-webapps@6.0.24-94.el6_7?arch=i686" } } }, { "category": "product_version", "name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", "product": { "name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", "product_id": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-admin-webapps@6.0.24-94.el6_7?arch=i686" } } }, { "category": "product_version", "name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", "product": { "name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", "product_id": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-docs-webapp@6.0.24-94.el6_7?arch=i686" } } }, { "category": "product_version", "name": "tomcat6-javadoc-0:6.0.24-94.el6_7.i686", "product": { "name": "tomcat6-javadoc-0:6.0.24-94.el6_7.i686", "product_id": "tomcat6-javadoc-0:6.0.24-94.el6_7.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-javadoc@6.0.24-94.el6_7?arch=i686" } } } ], "category": "architecture", "name": "i686" }, { "branches": [ { "category": "product_version", "name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", "product": { "name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", "product_id": "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-debuginfo@6.0.24-94.el6_7?arch=ppc64" } } }, { "category": "product_version", "name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", "product": { "name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", "product_id": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-admin-webapps@6.0.24-94.el6_7?arch=ppc64" } } }, { "category": "product_version", "name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", "product": { "name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", "product_id": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-docs-webapp@6.0.24-94.el6_7?arch=ppc64" } } }, { "category": "product_version", "name": "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", "product": { "name": "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", "product_id": "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-webapps@6.0.24-94.el6_7?arch=ppc64" } } }, { "category": "product_version", "name": "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", "product": { "name": "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", "product_id": "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-javadoc@6.0.24-94.el6_7?arch=ppc64" } } }, { "category": "product_version", "name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", "product": { "name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", "product_id": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-servlet-2.5-api@6.0.24-94.el6_7?arch=ppc64" } } }, { "category": "product_version", "name": "tomcat6-lib-0:6.0.24-94.el6_7.ppc64", "product": { "name": "tomcat6-lib-0:6.0.24-94.el6_7.ppc64", "product_id": "tomcat6-lib-0:6.0.24-94.el6_7.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-lib@6.0.24-94.el6_7?arch=ppc64" } } }, { "category": "product_version", "name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", "product": { "name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", "product_id": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-el-2.1-api@6.0.24-94.el6_7?arch=ppc64" } } }, { "category": "product_version", "name": "tomcat6-0:6.0.24-94.el6_7.ppc64", "product": { "name": "tomcat6-0:6.0.24-94.el6_7.ppc64", "product_id": "tomcat6-0:6.0.24-94.el6_7.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6@6.0.24-94.el6_7?arch=ppc64" } } }, { "category": "product_version", "name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", "product": { "name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", "product_id": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-jsp-2.1-api@6.0.24-94.el6_7?arch=ppc64" } } } ], "category": "architecture", "name": "ppc64" }, { "branches": [ { "category": "product_version", "name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", "product": { "name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", "product_id": "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-debuginfo@6.0.24-94.el6_7?arch=s390x" } } }, { "category": "product_version", "name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", "product": { "name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", "product_id": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-docs-webapp@6.0.24-94.el6_7?arch=s390x" } } }, { "category": "product_version", "name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", "product": { "name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", "product_id": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-admin-webapps@6.0.24-94.el6_7?arch=s390x" } } }, { "category": "product_version", "name": "tomcat6-webapps-0:6.0.24-94.el6_7.s390x", "product": { "name": "tomcat6-webapps-0:6.0.24-94.el6_7.s390x", "product_id": "tomcat6-webapps-0:6.0.24-94.el6_7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-webapps@6.0.24-94.el6_7?arch=s390x" } } }, { "category": "product_version", "name": "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", "product": { "name": "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", "product_id": "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-javadoc@6.0.24-94.el6_7?arch=s390x" } } }, { "category": "product_version", "name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", "product": { "name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", "product_id": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-el-2.1-api@6.0.24-94.el6_7?arch=s390x" } } }, { "category": "product_version", "name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", "product": { "name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", "product_id": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-jsp-2.1-api@6.0.24-94.el6_7?arch=s390x" } } }, { "category": "product_version", "name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", "product": { "name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", "product_id": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-servlet-2.5-api@6.0.24-94.el6_7?arch=s390x" } } }, { "category": "product_version", "name": "tomcat6-0:6.0.24-94.el6_7.s390x", "product": { "name": "tomcat6-0:6.0.24-94.el6_7.s390x", "product_id": "tomcat6-0:6.0.24-94.el6_7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6@6.0.24-94.el6_7?arch=s390x" } } }, { "category": "product_version", "name": "tomcat6-lib-0:6.0.24-94.el6_7.s390x", "product": { "name": "tomcat6-lib-0:6.0.24-94.el6_7.s390x", "product_id": "tomcat6-lib-0:6.0.24-94.el6_7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-lib@6.0.24-94.el6_7?arch=s390x" } } } ], "category": "architecture", "name": "s390x" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "tomcat6-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686" }, "product_reference": "tomcat6-0:6.0.24-94.el6_7.i686", "relates_to_product_reference": "6Client-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64" }, "product_reference": "tomcat6-0:6.0.24-94.el6_7.ppc64", "relates_to_product_reference": "6Client-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x" }, "product_reference": "tomcat6-0:6.0.24-94.el6_7.s390x", "relates_to_product_reference": "6Client-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-0:6.0.24-94.el6_7.src as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src" }, "product_reference": "tomcat6-0:6.0.24-94.el6_7.src", "relates_to_product_reference": "6Client-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64" }, "product_reference": "tomcat6-0:6.0.24-94.el6_7.x86_64", "relates_to_product_reference": "6Client-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686" }, "product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", "relates_to_product_reference": "6Client-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64" }, "product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", "relates_to_product_reference": "6Client-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x" }, "product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", "relates_to_product_reference": "6Client-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64" }, "product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", "relates_to_product_reference": "6Client-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686" }, "product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", "relates_to_product_reference": "6Client-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64" }, "product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", "relates_to_product_reference": "6Client-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x" }, "product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", "relates_to_product_reference": "6Client-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64" }, "product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", "relates_to_product_reference": "6Client-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686" }, "product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", "relates_to_product_reference": "6Client-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64" }, "product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", "relates_to_product_reference": "6Client-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x" }, "product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", "relates_to_product_reference": "6Client-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64" }, "product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", "relates_to_product_reference": "6Client-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686" }, "product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", "relates_to_product_reference": "6Client-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64" }, "product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", "relates_to_product_reference": "6Client-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x" }, "product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", "relates_to_product_reference": "6Client-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64" }, "product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", "relates_to_product_reference": "6Client-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-javadoc-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686" }, "product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.i686", "relates_to_product_reference": "6Client-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64" }, "product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", "relates_to_product_reference": "6Client-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x" }, "product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", "relates_to_product_reference": "6Client-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64" }, "product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", "relates_to_product_reference": "6Client-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686" }, "product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", "relates_to_product_reference": "6Client-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64" }, "product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", "relates_to_product_reference": "6Client-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x" }, "product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", "relates_to_product_reference": "6Client-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64" }, "product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", "relates_to_product_reference": "6Client-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-lib-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686" }, "product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.i686", "relates_to_product_reference": "6Client-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-lib-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64" }, "product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.ppc64", "relates_to_product_reference": "6Client-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-lib-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x" }, "product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.s390x", "relates_to_product_reference": "6Client-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-lib-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64" }, "product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.x86_64", "relates_to_product_reference": "6Client-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686" }, "product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", "relates_to_product_reference": "6Client-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64" }, "product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", "relates_to_product_reference": "6Client-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x" }, "product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", "relates_to_product_reference": "6Client-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64" }, "product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", "relates_to_product_reference": "6Client-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-webapps-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686" }, "product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.i686", "relates_to_product_reference": "6Client-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64" }, "product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", "relates_to_product_reference": "6Client-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-webapps-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x" }, "product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.s390x", "relates_to_product_reference": "6Client-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64" }, "product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", "relates_to_product_reference": "6Client-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686" }, "product_reference": "tomcat6-0:6.0.24-94.el6_7.i686", "relates_to_product_reference": "6ComputeNode-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64" }, "product_reference": "tomcat6-0:6.0.24-94.el6_7.ppc64", "relates_to_product_reference": "6ComputeNode-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x" }, "product_reference": "tomcat6-0:6.0.24-94.el6_7.s390x", "relates_to_product_reference": "6ComputeNode-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-0:6.0.24-94.el6_7.src as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src" }, "product_reference": "tomcat6-0:6.0.24-94.el6_7.src", "relates_to_product_reference": "6ComputeNode-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64" }, "product_reference": "tomcat6-0:6.0.24-94.el6_7.x86_64", "relates_to_product_reference": "6ComputeNode-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686" }, "product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", "relates_to_product_reference": "6ComputeNode-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64" }, "product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", "relates_to_product_reference": "6ComputeNode-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x" }, "product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", "relates_to_product_reference": "6ComputeNode-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64" }, "product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", "relates_to_product_reference": "6ComputeNode-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686" }, "product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", "relates_to_product_reference": "6ComputeNode-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64" }, "product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", "relates_to_product_reference": "6ComputeNode-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x" }, "product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", "relates_to_product_reference": "6ComputeNode-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64" }, "product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", "relates_to_product_reference": "6ComputeNode-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686" }, "product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", "relates_to_product_reference": "6ComputeNode-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64" }, "product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", "relates_to_product_reference": "6ComputeNode-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x" }, "product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", "relates_to_product_reference": "6ComputeNode-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64" }, "product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", "relates_to_product_reference": "6ComputeNode-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686" }, "product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", "relates_to_product_reference": "6ComputeNode-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64" }, "product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", "relates_to_product_reference": "6ComputeNode-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x" }, "product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", "relates_to_product_reference": "6ComputeNode-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64" }, "product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", "relates_to_product_reference": "6ComputeNode-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-javadoc-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686" }, "product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.i686", "relates_to_product_reference": "6ComputeNode-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64" }, "product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", "relates_to_product_reference": "6ComputeNode-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x" }, "product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", "relates_to_product_reference": "6ComputeNode-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64" }, "product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", "relates_to_product_reference": "6ComputeNode-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686" }, "product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", "relates_to_product_reference": "6ComputeNode-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64" }, "product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", "relates_to_product_reference": "6ComputeNode-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x" }, "product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", "relates_to_product_reference": "6ComputeNode-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64" }, "product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", "relates_to_product_reference": "6ComputeNode-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-lib-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686" }, "product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.i686", "relates_to_product_reference": "6ComputeNode-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-lib-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64" }, "product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.ppc64", "relates_to_product_reference": "6ComputeNode-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-lib-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x" }, "product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.s390x", "relates_to_product_reference": "6ComputeNode-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-lib-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64" }, "product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.x86_64", "relates_to_product_reference": "6ComputeNode-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686" }, "product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", "relates_to_product_reference": "6ComputeNode-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64" }, "product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", "relates_to_product_reference": "6ComputeNode-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x" }, "product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", "relates_to_product_reference": "6ComputeNode-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64" }, "product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", "relates_to_product_reference": "6ComputeNode-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-webapps-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686" }, "product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.i686", "relates_to_product_reference": "6ComputeNode-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64" }, "product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", "relates_to_product_reference": "6ComputeNode-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-webapps-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x" }, "product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.s390x", "relates_to_product_reference": "6ComputeNode-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64" }, "product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", "relates_to_product_reference": "6ComputeNode-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686" }, "product_reference": "tomcat6-0:6.0.24-94.el6_7.i686", "relates_to_product_reference": "6Server-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64" }, "product_reference": "tomcat6-0:6.0.24-94.el6_7.ppc64", "relates_to_product_reference": "6Server-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x" }, "product_reference": "tomcat6-0:6.0.24-94.el6_7.s390x", "relates_to_product_reference": "6Server-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-0:6.0.24-94.el6_7.src as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.src" }, "product_reference": "tomcat6-0:6.0.24-94.el6_7.src", "relates_to_product_reference": "6Server-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64" }, "product_reference": "tomcat6-0:6.0.24-94.el6_7.x86_64", "relates_to_product_reference": "6Server-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686" }, "product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", "relates_to_product_reference": "6Server-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64" }, "product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", "relates_to_product_reference": "6Server-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x" }, "product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", "relates_to_product_reference": "6Server-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64" }, "product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", "relates_to_product_reference": "6Server-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686" }, "product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", "relates_to_product_reference": "6Server-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64" }, "product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", "relates_to_product_reference": "6Server-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x" }, "product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", "relates_to_product_reference": "6Server-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64" }, "product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", "relates_to_product_reference": "6Server-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686" }, "product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", "relates_to_product_reference": "6Server-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64" }, "product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", "relates_to_product_reference": "6Server-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x" }, "product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", "relates_to_product_reference": "6Server-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64" }, "product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", "relates_to_product_reference": "6Server-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686" }, "product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", "relates_to_product_reference": "6Server-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64" }, "product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", "relates_to_product_reference": "6Server-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x" }, "product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", "relates_to_product_reference": "6Server-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64" }, "product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", "relates_to_product_reference": "6Server-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-javadoc-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686" }, "product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.i686", "relates_to_product_reference": "6Server-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64" }, "product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", "relates_to_product_reference": "6Server-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x" }, "product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", "relates_to_product_reference": "6Server-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64" }, "product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", "relates_to_product_reference": "6Server-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686" }, "product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", "relates_to_product_reference": "6Server-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64" }, "product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", "relates_to_product_reference": "6Server-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x" }, "product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", "relates_to_product_reference": "6Server-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64" }, "product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", "relates_to_product_reference": "6Server-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-lib-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686" }, "product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.i686", "relates_to_product_reference": "6Server-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-lib-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64" }, "product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.ppc64", "relates_to_product_reference": "6Server-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-lib-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x" }, "product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.s390x", "relates_to_product_reference": "6Server-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-lib-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64" }, "product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.x86_64", "relates_to_product_reference": "6Server-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686" }, "product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", "relates_to_product_reference": "6Server-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64" }, "product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", "relates_to_product_reference": "6Server-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x" }, "product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", "relates_to_product_reference": "6Server-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64" }, "product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", "relates_to_product_reference": "6Server-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-webapps-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686" }, "product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.i686", "relates_to_product_reference": "6Server-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64" }, "product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", "relates_to_product_reference": "6Server-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-webapps-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x" }, "product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.s390x", "relates_to_product_reference": "6Server-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64" }, "product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", "relates_to_product_reference": "6Server-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686" }, "product_reference": "tomcat6-0:6.0.24-94.el6_7.i686", "relates_to_product_reference": "6Server-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64" }, "product_reference": "tomcat6-0:6.0.24-94.el6_7.ppc64", "relates_to_product_reference": "6Server-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x" }, "product_reference": "tomcat6-0:6.0.24-94.el6_7.s390x", "relates_to_product_reference": "6Server-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-0:6.0.24-94.el6_7.src as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src" }, "product_reference": "tomcat6-0:6.0.24-94.el6_7.src", "relates_to_product_reference": "6Server-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64" }, "product_reference": "tomcat6-0:6.0.24-94.el6_7.x86_64", "relates_to_product_reference": "6Server-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686" }, "product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", "relates_to_product_reference": "6Server-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64" }, "product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", "relates_to_product_reference": "6Server-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x" }, "product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", "relates_to_product_reference": "6Server-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64" }, "product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", "relates_to_product_reference": "6Server-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686" }, "product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", "relates_to_product_reference": "6Server-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64" }, "product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", "relates_to_product_reference": "6Server-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x" }, "product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", "relates_to_product_reference": "6Server-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64" }, "product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", "relates_to_product_reference": "6Server-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686" }, "product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", "relates_to_product_reference": "6Server-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64" }, "product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", "relates_to_product_reference": "6Server-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x" }, "product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", "relates_to_product_reference": "6Server-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64" }, "product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", "relates_to_product_reference": "6Server-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686" }, "product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", "relates_to_product_reference": "6Server-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64" }, "product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", "relates_to_product_reference": "6Server-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x" }, "product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", "relates_to_product_reference": "6Server-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64" }, "product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", "relates_to_product_reference": "6Server-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-javadoc-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686" }, "product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.i686", "relates_to_product_reference": "6Server-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64" }, "product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", "relates_to_product_reference": "6Server-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x" }, "product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", "relates_to_product_reference": "6Server-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64" }, "product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", "relates_to_product_reference": "6Server-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686" }, "product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", "relates_to_product_reference": "6Server-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64" }, "product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", "relates_to_product_reference": "6Server-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x" }, "product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", "relates_to_product_reference": "6Server-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64" }, "product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", "relates_to_product_reference": "6Server-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-lib-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686" }, "product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.i686", "relates_to_product_reference": "6Server-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-lib-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64" }, "product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.ppc64", "relates_to_product_reference": "6Server-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-lib-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x" }, "product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.s390x", "relates_to_product_reference": "6Server-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-lib-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64" }, "product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.x86_64", "relates_to_product_reference": "6Server-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686" }, "product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", "relates_to_product_reference": "6Server-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64" }, "product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", "relates_to_product_reference": "6Server-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x" }, "product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", "relates_to_product_reference": "6Server-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64" }, "product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", "relates_to_product_reference": "6Server-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-webapps-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686" }, "product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.i686", "relates_to_product_reference": "6Server-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64" }, "product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", "relates_to_product_reference": "6Server-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-webapps-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x" }, "product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.s390x", "relates_to_product_reference": "6Server-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64" }, "product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", "relates_to_product_reference": "6Server-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686" }, "product_reference": "tomcat6-0:6.0.24-94.el6_7.i686", "relates_to_product_reference": "6Workstation-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64" }, "product_reference": "tomcat6-0:6.0.24-94.el6_7.ppc64", "relates_to_product_reference": "6Workstation-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x" }, "product_reference": "tomcat6-0:6.0.24-94.el6_7.s390x", "relates_to_product_reference": "6Workstation-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-0:6.0.24-94.el6_7.src as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.src" }, "product_reference": "tomcat6-0:6.0.24-94.el6_7.src", "relates_to_product_reference": "6Workstation-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64" }, "product_reference": "tomcat6-0:6.0.24-94.el6_7.x86_64", "relates_to_product_reference": "6Workstation-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686" }, "product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", "relates_to_product_reference": "6Workstation-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64" }, "product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", "relates_to_product_reference": "6Workstation-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x" }, "product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", "relates_to_product_reference": "6Workstation-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64" }, "product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", "relates_to_product_reference": "6Workstation-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686" }, "product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", "relates_to_product_reference": "6Workstation-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64" }, "product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", "relates_to_product_reference": "6Workstation-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x" }, "product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", "relates_to_product_reference": "6Workstation-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64" }, "product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", "relates_to_product_reference": "6Workstation-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686" }, "product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", "relates_to_product_reference": "6Workstation-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64" }, "product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", "relates_to_product_reference": "6Workstation-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x" }, "product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", "relates_to_product_reference": "6Workstation-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64" }, "product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", "relates_to_product_reference": "6Workstation-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686" }, "product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", "relates_to_product_reference": "6Workstation-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64" }, "product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", "relates_to_product_reference": "6Workstation-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x" }, "product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", "relates_to_product_reference": "6Workstation-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64" }, "product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", "relates_to_product_reference": "6Workstation-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-javadoc-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686" }, "product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.i686", "relates_to_product_reference": "6Workstation-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64" }, "product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", "relates_to_product_reference": "6Workstation-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x" }, "product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", "relates_to_product_reference": "6Workstation-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64" }, "product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", "relates_to_product_reference": "6Workstation-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686" }, "product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", "relates_to_product_reference": "6Workstation-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64" }, "product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", "relates_to_product_reference": "6Workstation-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x" }, "product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", "relates_to_product_reference": "6Workstation-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64" }, "product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", "relates_to_product_reference": "6Workstation-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-lib-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686" }, "product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.i686", "relates_to_product_reference": "6Workstation-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-lib-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64" }, "product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.ppc64", "relates_to_product_reference": "6Workstation-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-lib-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x" }, "product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.s390x", "relates_to_product_reference": "6Workstation-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-lib-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64" }, "product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.x86_64", "relates_to_product_reference": "6Workstation-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686" }, "product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", "relates_to_product_reference": "6Workstation-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64" }, "product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", "relates_to_product_reference": "6Workstation-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x" }, "product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", "relates_to_product_reference": "6Workstation-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64" }, "product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", "relates_to_product_reference": "6Workstation-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-webapps-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686" }, "product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.i686", "relates_to_product_reference": "6Workstation-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64" }, "product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", "relates_to_product_reference": "6Workstation-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-webapps-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x" }, "product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.s390x", "relates_to_product_reference": "6Workstation-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64" }, "product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", "relates_to_product_reference": "6Workstation-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686" }, "product_reference": "tomcat6-0:6.0.24-94.el6_7.i686", "relates_to_product_reference": "6Workstation-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64" }, "product_reference": "tomcat6-0:6.0.24-94.el6_7.ppc64", "relates_to_product_reference": "6Workstation-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x" }, "product_reference": "tomcat6-0:6.0.24-94.el6_7.s390x", "relates_to_product_reference": "6Workstation-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-0:6.0.24-94.el6_7.src as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src" }, "product_reference": "tomcat6-0:6.0.24-94.el6_7.src", "relates_to_product_reference": "6Workstation-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64" }, "product_reference": "tomcat6-0:6.0.24-94.el6_7.x86_64", "relates_to_product_reference": "6Workstation-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686" }, "product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", "relates_to_product_reference": "6Workstation-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64" }, "product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", "relates_to_product_reference": "6Workstation-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x" }, "product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", "relates_to_product_reference": "6Workstation-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64" }, "product_reference": "tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", "relates_to_product_reference": "6Workstation-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686" }, "product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", "relates_to_product_reference": "6Workstation-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64" }, "product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", "relates_to_product_reference": "6Workstation-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x" }, "product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", "relates_to_product_reference": "6Workstation-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64" }, "product_reference": "tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", "relates_to_product_reference": "6Workstation-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686" }, "product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", "relates_to_product_reference": "6Workstation-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64" }, "product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", "relates_to_product_reference": "6Workstation-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x" }, "product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", "relates_to_product_reference": "6Workstation-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64" }, "product_reference": "tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", "relates_to_product_reference": "6Workstation-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686" }, "product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", "relates_to_product_reference": "6Workstation-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64" }, "product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", "relates_to_product_reference": "6Workstation-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x" }, "product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", "relates_to_product_reference": "6Workstation-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64" }, "product_reference": "tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", "relates_to_product_reference": "6Workstation-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-javadoc-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686" }, "product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.i686", "relates_to_product_reference": "6Workstation-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64" }, "product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", "relates_to_product_reference": "6Workstation-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x" }, "product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", "relates_to_product_reference": "6Workstation-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64" }, "product_reference": "tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", "relates_to_product_reference": "6Workstation-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686" }, "product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", "relates_to_product_reference": "6Workstation-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64" }, "product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", "relates_to_product_reference": "6Workstation-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x" }, "product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", "relates_to_product_reference": "6Workstation-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64" }, "product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", "relates_to_product_reference": "6Workstation-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-lib-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686" }, "product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.i686", "relates_to_product_reference": "6Workstation-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-lib-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64" }, "product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.ppc64", "relates_to_product_reference": "6Workstation-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-lib-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x" }, "product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.s390x", "relates_to_product_reference": "6Workstation-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-lib-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64" }, "product_reference": "tomcat6-lib-0:6.0.24-94.el6_7.x86_64", "relates_to_product_reference": "6Workstation-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686" }, "product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", "relates_to_product_reference": "6Workstation-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64" }, "product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", "relates_to_product_reference": "6Workstation-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x" }, "product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", "relates_to_product_reference": "6Workstation-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64" }, "product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", "relates_to_product_reference": "6Workstation-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-webapps-0:6.0.24-94.el6_7.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686" }, "product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.i686", "relates_to_product_reference": "6Workstation-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64" }, "product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", "relates_to_product_reference": "6Workstation-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-webapps-0:6.0.24-94.el6_7.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x" }, "product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.s390x", "relates_to_product_reference": "6Workstation-optional-6.7.z" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64" }, "product_reference": "tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", "relates_to_product_reference": "6Workstation-optional-6.7.z" } ] }, "vulnerabilities": [ { "cve": "CVE-2014-7810", "discovery_date": "2015-05-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1222573" } ], "notes": [ { "category": "description", "text": "It was found that the expression language resolver evaluated expressions within a privileged code section. A malicious web application could use this flaw to bypass security manager protections.", "title": "Vulnerability description" }, { "category": "summary", "text": "Tomcat/JbossWeb: security manager bypass via EL expressions", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-7810" }, { "category": "external", "summary": "RHBZ#1222573", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1222573" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-7810", "url": "https://www.cve.org/CVERecord?id=CVE-2014-7810" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-7810", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-7810" }, { "category": "external", "summary": "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44", "url": "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44" }, { "category": "external", "summary": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.59", "url": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.59" }, { "category": "external", "summary": "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.17", "url": "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.17" } ], "release_date": "2015-05-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2016-03-22T21:02:03+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2016:0492" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0" }, "products": [ "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", "6Client-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", "6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", "6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", "6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", "6Client-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", "6ComputeNode-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", "6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", "6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", "6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", "6ComputeNode-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", "6Server-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", "6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", "6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", "6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", "6Server-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", "6Server-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", "6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", "6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", "6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", "6Server-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", "6Workstation-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", "6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", "6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", "6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", "6Workstation-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.src", "6Workstation-optional-6.7.z:tomcat6-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-admin-webapps-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-debuginfo-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-docs-webapp-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-el-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-javadoc-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-jsp-2.1-api-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-lib-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-servlet-2.5-api-0:6.0.24-94.el6_7.x86_64", "6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.i686", "6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.ppc64", "6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.s390x", "6Workstation-optional-6.7.z:tomcat6-webapps-0:6.0.24-94.el6_7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Tomcat/JbossWeb: security manager bypass via EL expressions" } ] }
ghsa-4c43-cwvx-9crh
Vulnerability from github
Published
2022-05-14 01:10
Modified
2022-07-06 21:05
Summary
Improper Access Control in Apache Tomcat
Details
The Expression Language (EL) implementation in Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.58, and 8.x before 8.0.16 does not properly consider the possibility of an accessible interface implemented by an inaccessible class, which allows attackers to bypass a SecurityManager protection mechanism via a web application that leverages use of incorrect privileges during EL evaluation.
{ "affected": [ { "package": { "ecosystem": "Maven", "name": "org.apache.tomcat:tomcat" }, "ranges": [ { "events": [ { "introduced": "6.0.0" }, { "fixed": "6.0.44" } ], "type": "ECOSYSTEM" } ] }, { "package": { "ecosystem": "Maven", "name": "org.apache.tomcat:tomcat" }, "ranges": [ { "events": [ { "introduced": "7.0.0" }, { "fixed": "7.0.58" } ], "type": "ECOSYSTEM" } ] }, { "package": { "ecosystem": "Maven", "name": "org.apache.tomcat:tomcat" }, "ranges": [ { "events": [ { "introduced": "8.0.0" }, { "fixed": "8.0.16" } ], "type": "ECOSYSTEM" } ] } ], "aliases": [ "CVE-2014-7810" ], "database_specific": { "cwe_ids": [ "CWE-284" ], "github_reviewed": true, "github_reviewed_at": "2022-07-06T21:05:15Z", "nvd_published_at": "2015-06-07T23:59:00Z", "severity": "MODERATE" }, "details": "The Expression Language (EL) implementation in Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.58, and 8.x before 8.0.16 does not properly consider the possibility of an accessible interface implemented by an inaccessible class, which allows attackers to bypass a SecurityManager protection mechanism via a web application that leverages use of incorrect privileges during EL evaluation.", "id": "GHSA-4c43-cwvx-9crh", "modified": "2022-07-06T21:05:15Z", "published": "2022-05-14T01:10:17Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-7810" }, { "type": "WEB", "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05054964" }, { "type": "WEB", "url": "https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E" }, { "type": "WEB", "url": "https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E" }, { "type": "WEB", "url": "https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E" }, { "type": "WEB", "url": "https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E" }, { "type": "WEB", "url": "https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E" }, { "type": "WEB", "url": "https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E" }, { "type": "WEB", "url": "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E" }, { "type": "WEB", "url": "http://marc.info/?l=bugtraq\u0026m=145974991225029\u0026w=2" }, { "type": "WEB", "url": "http://rhn.redhat.com/errata/RHSA-2015-1621.html" }, { "type": "WEB", "url": "http://rhn.redhat.com/errata/RHSA-2015-1622.html" }, { "type": "WEB", "url": "http://rhn.redhat.com/errata/RHSA-2016-0492.html" }, { "type": "WEB", "url": "http://rhn.redhat.com/errata/RHSA-2016-2046.html" }, { "type": "WEB", "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1644018" }, { "type": "WEB", "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1645642" }, { "type": "WEB", "url": "http://tomcat.apache.org/security-6.html" }, { "type": "WEB", "url": "http://tomcat.apache.org/security-7.html" }, { "type": "WEB", "url": "http://tomcat.apache.org/security-8.html" }, { "type": "WEB", "url": "http://www.debian.org/security/2015/dsa-3428" }, { "type": "WEB", "url": "http://www.debian.org/security/2016/dsa-3447" }, { "type": "WEB", "url": "http://www.debian.org/security/2016/dsa-3530" }, { "type": "WEB", "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" }, { "type": "WEB", "url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html" }, { "type": "WEB", "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" }, { "type": "WEB", "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html" }, { "type": "WEB", "url": "http://www.ubuntu.com/usn/USN-2654-1" }, { "type": "WEB", "url": "http://www.ubuntu.com/usn/USN-2655-1" } ], "schema_version": "1.4.0", "severity": [], "summary": "Improper Access Control in Apache Tomcat" }
gsd-2014-7810
Vulnerability from gsd
Modified
2023-12-13 01:22
Details
The Expression Language (EL) implementation in Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.58, and 8.x before 8.0.16 does not properly consider the possibility of an accessible interface implemented by an inaccessible class, which allows attackers to bypass a SecurityManager protection mechanism via a web application that leverages use of incorrect privileges during EL evaluation.
Aliases
Aliases
{ "GSD": { "alias": "CVE-2014-7810", "description": "The Expression Language (EL) implementation in Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.58, and 8.x before 8.0.16 does not properly consider the possibility of an accessible interface implemented by an inaccessible class, which allows attackers to bypass a SecurityManager protection mechanism via a web application that leverages use of incorrect privileges during EL evaluation.", "id": "GSD-2014-7810", "references": [ "https://www.suse.com/security/cve/CVE-2014-7810.html", "https://www.debian.org/security/2016/dsa-3530", "https://www.debian.org/security/2016/dsa-3447", "https://www.debian.org/security/2015/dsa-3428", "https://access.redhat.com/errata/RHSA-2016:2046", "https://access.redhat.com/errata/RHSA-2016:0492", "https://access.redhat.com/errata/RHSA-2015:1622", "https://access.redhat.com/errata/RHSA-2015:1621", "https://ubuntu.com/security/CVE-2014-7810", "https://alas.aws.amazon.com/cve/html/CVE-2014-7810.html", "https://linux.oracle.com/cve/CVE-2014-7810.html" ] }, "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2014-7810" ], "details": "The Expression Language (EL) implementation in Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.58, and 8.x before 8.0.16 does not properly consider the possibility of an accessible interface implemented by an inaccessible class, which allows attackers to bypass a SecurityManager protection mechanism via a web application that leverages use of incorrect privileges during EL evaluation.", "id": "GSD-2014-7810", "modified": "2023-12-13T01:22:46.967638Z", "schema_version": "1.4.0" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2014-7810", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The Expression Language (EL) implementation in Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.58, and 8.x before 8.0.16 does not properly consider the possibility of an accessible interface implemented by an inaccessible class, which allows attackers to bypass a SecurityManager protection mechanism via a web application that leverages use of incorrect privileges during EL evaluation." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "RHSA-2016:0492", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0492.html" }, { "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05054964", "refsource": "CONFIRM", "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05054964" }, { "name": "USN-2654-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2654-1" }, { "name": "RHSA-2015:1622", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2015-1622.html" }, { "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" }, { "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" }, { "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html" }, { "name": "http://svn.apache.org/viewvc?view=revision\u0026revision=1644018", "refsource": "CONFIRM", "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1644018" }, { "name": "DSA-3530", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2016/dsa-3530" }, { "name": "http://tomcat.apache.org/security-7.html", "refsource": "CONFIRM", "url": "http://tomcat.apache.org/security-7.html" }, { "name": "http://svn.apache.org/viewvc?view=revision\u0026revision=1645642", "refsource": "CONFIRM", "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1645642" }, { "name": "HPSBUX03561", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=145974991225029\u0026w=2" }, { "name": "RHSA-2016:2046", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-2046.html" }, { "name": "http://tomcat.apache.org/security-8.html", "refsource": "CONFIRM", "url": "http://tomcat.apache.org/security-8.html" }, { "name": "DSA-3428", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2015/dsa-3428" }, { "name": "http://tomcat.apache.org/security-6.html", "refsource": "CONFIRM", "url": "http://tomcat.apache.org/security-6.html" }, { "name": "74665", "refsource": "BID", "url": "http://www.securityfocus.com/bid/74665" }, { "name": "1032330", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1032330" }, { "name": "USN-2655-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2655-1" }, { "name": "RHSA-2015:1621", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2015-1621.html" }, { "name": "DSA-3447", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2016/dsa-3447" }, { "name": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html" }, { "name": "[tomcat-dev] 20190319 svn commit: r1855831 [23/30] - in /tomcat/site/trunk: ./ docs/ xdocs/", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E" }, { "name": "[tomcat-dev] 20190325 svn commit: r1856174 [21/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E" }, { "name": "[tomcat-dev] 20190413 svn commit: r1857494 [15/20] - in /tomcat/site/trunk: ./ docs/ xdocs/", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E" }, { "name": "[tomcat-dev] 20190415 svn commit: r1857582 [16/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E" }, { "name": "[tomcat-dev] 20200203 svn commit: r1873527 [23/30] - /tomcat/site/trunk/docs/", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E" }, { "name": "[tomcat-dev] 20200213 svn commit: r1873980 [27/34] - /tomcat/site/trunk/docs/", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E" }, { "name": "[tomcat-dev] 20200213 svn commit: r1873980 [26/34] - /tomcat/site/trunk/docs/", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E" } ] } }, "gitlab.com": { "advisories": [ { "affected_range": "[6.0.0,6.0.44),[7.0.0,7.0.58),[8.0.0,8.0.16)", "affected_versions": "All versions starting from 6.0.0 before 6.0.44, all versions starting from 7.0.0 before 7.0.58, all versions starting from 8.0.0 before 8.0.16", "cvss_v2": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "cwe_ids": [ "CWE-1035", "CWE-284", "CWE-937" ], "date": "2022-07-06", "description": "The Expression Language (EL) implementation in Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.58, and 8.x before 8.0.16 does not properly consider the possibility of an accessible interface implemented by an inaccessible class, which allows attackers to bypass a SecurityManager protection mechanism via a web application that leverages use of incorrect privileges during EL evaluation.", "fixed_versions": [ "6.0.44", "7.0.58", "8.0.16" ], "identifier": "CVE-2014-7810", "identifiers": [ "GHSA-4c43-cwvx-9crh", "CVE-2014-7810" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.44 before 7.0.0, all versions starting from 7.0.58 before 8.0.0, all versions starting from 8.0.16", "package_slug": "maven/org.apache.tomcat/tomcat", "pubdate": "2022-05-14", "solution": "Upgrade to versions 6.0.44, 7.0.58, 8.0.16 or above.", "title": "Improper Access Control", "urls": [ "https://nvd.nist.gov/vuln/detail/CVE-2014-7810", "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05054964", "https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E", "https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E", "https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E", "https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E", "https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E", "https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E", "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E", "http://marc.info/?l=bugtraq\u0026m=145974991225029\u0026w=2", "http://rhn.redhat.com/errata/RHSA-2015-1621.html", "http://rhn.redhat.com/errata/RHSA-2015-1622.html", "http://rhn.redhat.com/errata/RHSA-2016-0492.html", "http://rhn.redhat.com/errata/RHSA-2016-2046.html", "http://svn.apache.org/viewvc?view=revision\u0026revision=1644018", "http://svn.apache.org/viewvc?view=revision\u0026revision=1645642", "http://tomcat.apache.org/security-6.html", "http://tomcat.apache.org/security-7.html", "http://tomcat.apache.org/security-8.html", "http://www.debian.org/security/2015/dsa-3428", "http://www.debian.org/security/2016/dsa-3447", "http://www.debian.org/security/2016/dsa-3530", "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html", "http://www.ubuntu.com/usn/USN-2654-1", "http://www.ubuntu.com/usn/USN-2655-1", "https://github.com/advisories/GHSA-4c43-cwvx-9crh" ], "uuid": "7db102f6-3997-4435-b4bc-dd430ebccd59" } ] }, "nvd.nist.gov": { "configurations": { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.1:alpha:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.18:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.19:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.13:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.14:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.2:beta:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.20:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.30:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.31:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.4:alpha:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.41:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.7:beta:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.11:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.19:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.25:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.26:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.32:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.33:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.4:beta:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.40:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.47:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.48:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.55:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.56:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.0:rc2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.0:rc5:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.12:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.14:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.0:alpha:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.15:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.16:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.17:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.24:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.26:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.32:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.33:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.43:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.8:alpha:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.9:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.12:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.13:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.2:beta:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.20:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.27:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.28:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.34:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.35:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.41:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.42:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.49:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.57:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.15:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.27:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.28:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.35:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.36:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.6:alpha:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.9:beta:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.14:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.15:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.21:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.22:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.29:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.36:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.37:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.43:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.44:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.50:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.52:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.9:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.11:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.12:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.2:alpha:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.29:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.37:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.39:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.7:alpha:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.0:beta:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.16:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.17:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.18:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.23:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.24:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.30:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.31:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.38:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.39:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.45:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.46:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.53:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.54:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.0:rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.0:rc10:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.9:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.11:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.1:alpha:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.18:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.19:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.27:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.28:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.35:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.11:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.12:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.13:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.2:alpha:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.29:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.39:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.7:alpha:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.0:beta:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.17:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.18:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.23:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.24:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.30:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.31:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.39:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.45:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.46:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.53:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.54:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.0:rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.0:rc10:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.9:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.11:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.36:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.37:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.6:alpha:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.9:beta:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.15:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.16:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.21:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.22:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.29:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.37:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.38:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.43:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.44:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.50:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.52:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.9:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.14:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.15:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.2:beta:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.20:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.30:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.31:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.4:alpha:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.41:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.7:beta:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.11:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.19:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.25:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.26:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.32:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.33:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.4:beta:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.40:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.47:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.48:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.55:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.56:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.57:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.0:rc2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.0:rc5:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.12:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.14:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.0:alpha:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.16:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.17:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.24:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.26:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.32:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.33:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.43:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.8:alpha:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.9:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.12:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.13:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.14:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.2:beta:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.20:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.27:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.28:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.34:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.35:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.36:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.41:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.42:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.49:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.15:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:hp:hp-ux:11.31:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" } ] }, "cve": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2014-7810" }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "en", "value": "The Expression Language (EL) implementation in Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.58, and 8.x before 8.0.16 does not properly consider the possibility of an accessible interface implemented by an inaccessible class, which allows attackers to bypass a SecurityManager protection mechanism via a web application that leverages use of incorrect privileges during EL evaluation." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "en", "value": "CWE-284" } ] } ] }, "references": { "reference_data": [ { "name": "http://svn.apache.org/viewvc?view=revision\u0026revision=1644018", "refsource": "CONFIRM", "tags": [ "Patch" ], "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1644018" }, { "name": "http://svn.apache.org/viewvc?view=revision\u0026revision=1645642", "refsource": "CONFIRM", "tags": [ "Patch" ], "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1645642" }, { "name": "http://tomcat.apache.org/security-6.html", "refsource": "CONFIRM", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://tomcat.apache.org/security-6.html" }, { "name": "http://tomcat.apache.org/security-8.html", "refsource": "CONFIRM", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://tomcat.apache.org/security-8.html" }, { "name": "http://tomcat.apache.org/security-7.html", "refsource": "CONFIRM", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://tomcat.apache.org/security-7.html" }, { "name": "DSA-3530", "refsource": "DEBIAN", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2016/dsa-3530" }, { "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05054964", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05054964" }, { "name": "HPSBUX03561", "refsource": "HP", "tags": [ "Third Party Advisory" ], "url": "http://marc.info/?l=bugtraq\u0026m=145974991225029\u0026w=2" }, { "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", "refsource": "CONFIRM", "tags": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" }, { "name": "RHSA-2016:2046", "refsource": "REDHAT", "tags": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-2046.html" }, { "name": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", "refsource": "CONFIRM", "tags": [], "url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html" }, { "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html", "refsource": "CONFIRM", "tags": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html" }, { "name": "74665", "refsource": "BID", "tags": [], "url": "http://www.securityfocus.com/bid/74665" }, { "name": "RHSA-2016:0492", "refsource": "REDHAT", "tags": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-0492.html" }, { "name": "DSA-3428", "refsource": "DEBIAN", "tags": [], "url": "http://www.debian.org/security/2015/dsa-3428" }, { "name": "DSA-3447", "refsource": "DEBIAN", "tags": [], "url": "http://www.debian.org/security/2016/dsa-3447" }, { "name": "RHSA-2015:1622", "refsource": "REDHAT", "tags": [], "url": "http://rhn.redhat.com/errata/RHSA-2015-1622.html" }, { "name": "RHSA-2015:1621", "refsource": "REDHAT", "tags": [], "url": "http://rhn.redhat.com/errata/RHSA-2015-1621.html" }, { "name": "USN-2655-1", "refsource": "UBUNTU", "tags": [], "url": "http://www.ubuntu.com/usn/USN-2655-1" }, { "name": "1032330", "refsource": "SECTRACK", "tags": [], "url": "http://www.securitytracker.com/id/1032330" }, { "name": "USN-2654-1", "refsource": "UBUNTU", "tags": [], "url": "http://www.ubuntu.com/usn/USN-2654-1" }, { "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", "refsource": "CONFIRM", "tags": [], "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" }, { "name": "[tomcat-dev] 20190319 svn commit: r1855831 [23/30] - in /tomcat/site/trunk: ./ docs/ xdocs/", "refsource": "MLIST", "tags": [], "url": "https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E" }, { "name": "[tomcat-dev] 20190325 svn commit: r1856174 [21/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/", "refsource": "MLIST", "tags": [], "url": "https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E" }, { "name": "[tomcat-dev] 20190413 svn commit: r1857494 [15/20] - in /tomcat/site/trunk: ./ docs/ xdocs/", "refsource": "MLIST", "tags": [], "url": "https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E" }, { "name": "[tomcat-dev] 20190415 svn commit: r1857582 [16/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/", "refsource": "MLIST", "tags": [], "url": "https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E" }, { "name": "[tomcat-dev] 20200203 svn commit: r1873527 [23/30] - /tomcat/site/trunk/docs/", "refsource": "MLIST", "tags": [], "url": "https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E" }, { "name": "[tomcat-dev] 20200213 svn commit: r1873980 [26/34] - /tomcat/site/trunk/docs/", "refsource": "MLIST", "tags": [], "url": "https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E" }, { "name": "[tomcat-dev] 20200213 svn commit: r1873980 [27/34] - /tomcat/site/trunk/docs/", "refsource": "MLIST", "tags": [], "url": "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E" } ] } }, "impact": { "baseMetricV2": { "cvssV2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false } }, "lastModifiedDate": "2019-04-15T16:30Z", "publishedDate": "2015-06-07T23:59Z" } } }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.