vulnerability
Huawei EulerOS: CVE-2016-6325: tomcat security update
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:L/AC:L/Au:N/C:C/I:C/A:C) | Oct 13, 2016 | Nov 30, 2017 | Apr 14, 2025 |
Severity
7
CVSS
(AV:L/AC:L/Au:N/C:C/I:C/A:C)
Published
Oct 13, 2016
Added
Nov 30, 2017
Modified
Apr 14, 2025
Description
It was discovered that the Tomcat packages installed certain configuration files read by the Tomcat initialization script as writeable to the tomcat group. A member of the group or a malicious web application deployed on Tomcat could use this flaw to escalate their privileges.
Solutions
huawei-euleros-2_0_sp1-upgrade-tomcathuawei-euleros-2_0_sp1-upgrade-tomcat-admin-webappshuawei-euleros-2_0_sp1-upgrade-tomcat-el-2.2-apihuawei-euleros-2_0_sp1-upgrade-tomcat-jsp-2.2-apihuawei-euleros-2_0_sp1-upgrade-tomcat-libhuawei-euleros-2_0_sp1-upgrade-tomcat-servlet-3.0-apihuawei-euleros-2_0_sp1-upgrade-tomcat-webapps
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.