CVE-2016-6796 — HIGH (7.5) — White Hats Nepal

Q: How severe is CVE-2016-6796?

CVE-2016-6796 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2016-6796?

Check the references section above for vendor advisories and patch information. Affected products include: Apache Tomcat, Debian Debian Linux, Netapp Oncommand Insight, Netapp Oncommand Shift, Netapp Snap Creator Framework.

Vulnerability Description

A malicious web application running on Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 was able to bypass a configured SecurityManager via manipulation of the configuration parameters for the JSP Servlet.

CVSS Score

7.5

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

HIGH

Availability

NONE

Affected Products

Vendor	Product	Versions
Apache	Tomcat	>= 6.0.0, <= 6.0.45
Debian	Debian Linux	8.0
Netapp	Oncommand Insight	-
Netapp	Oncommand Shift	-
Netapp	Snap Creator Framework	-
Canonical	Ubuntu Linux	16.04
Oracle	Tekelec Platform Distribution	7.4.0
Redhat	Jboss Enterprise Application Platform	6.4
Redhat	Jboss Enterprise Web Server	3.0.0
Redhat	Enterprise Linux Desktop	7.0
Redhat	Enterprise Linux Eus	7.4
Redhat	Enterprise Linux Server	7.0
Redhat	Enterprise Linux Server Aus	7.4
Redhat	Enterprise Linux Server Tus	7.6
Redhat	Enterprise Linux Workstation	7.0

References

http://rhn.redhat.com/errata/RHSA-2017-0457.htmlThird Party Advisory
http://rhn.redhat.com/errata/RHSA-2017-1551.htmlThird Party Advisory
http://www.debian.org/security/2016/dsa-3720Third Party Advisory
http://www.securityfocus.com/bid/93944Broken Link
http://www.securitytracker.com/id/1037141Broken Link
http://www.securitytracker.com/id/1038757Broken Link
https://access.redhat.com/errata/RHSA-2017:0455Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:0456Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:1548Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:1549Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:1550Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:1552Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:2247Third Party Advisory
https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e8
https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbea

FAQ

What is CVE-2016-6796?

CVE-2016-6796 is a vulnerability with a CVSS score of 7.5 (HIGH). A malicious web application running on Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 was able to bypass a configured SecurityManager via ...

How severe is CVE-2016-6796?

CVE-2016-6796 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2016-6796?

Check the references section above for vendor advisories and patch information. Affected products include: Apache Tomcat, Debian Debian Linux, Netapp Oncommand Insight, Netapp Oncommand Shift, Netapp Snap Creator Framework.