CVE-2016-8735 in Database Serverinformação

Sumário

de MITRE

Remote code execution is possible with Apache Tomcat before 6.0.48, 7.x before 7.0.73, 8.x before 8.0.39, 8.5.x before 8.5.7, and 9.x before 9.0.0.M12 if JmxRemoteLifecycleListener is used and an attacker can reach JMX ports. The issue exists because this listener wasn't updated for consistency with the CVE-2016-3427 Oracle patch that affected credential types.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Reservar

18/10/2016

Divulgação

06/04/2017

Moderação

aceite

Entrada

Relacionar

mostrar

CPE

pronto

CWE

CWE-284 (confirmado)

CVSS

9.8 (NVD)

EPSS

0.93809

KEV

sim

Atividades

muito baixo

Sector

Chemical, Lawfirm, ...

Fontes

MITRE	https://www.cve.org/CVERecord?id=CVE-2016-8735
NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-8735
CVE Details	https://www.cvedetails.com/cve/CVE-2016-8735/

◂ Voltar Visão Geral Próximo ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!