CVE-2016-8735:
Apache Tomcat Improper Access Control vulnerability
9.8
CVSS Score
3.0
Basic Information
CVE ID
GHSA ID
EPSS Score
0.99879%
CWE
Published
5/13/2022
Updated
6/27/2024
KEV Status
Yes
Technology
Java
Technical Details
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
---|---|---|---|
org.apache.tomcat:tomcat-catalina | maven | < 6.0.48 | 6.0.48 |
org.apache.tomcat:tomcat-catalina | maven | >= 7.0.0, < 7.0.73 | 7.0.73 |
org.apache.tomcat:tomcat-catalina | maven | >= 8.0.0, < 8.0.39 | 8.0.39 |
org.apache.tomcat:tomcat-catalina | maven | >= 8.5.0, < 8.5.7 | 8.5.7 |
org.apache.tomcat:tomcat-catalina | maven | >= 9.0.0.M1, < 9.0.0.M12 | 9.0.0.M12 |
org.apache.tomcat:tomcat-catalina-jmx-remote | maven | < 6.0.48 | 6.0.48 |
org.apache.tomcat:tomcat-catalina-jmx-remote | maven | >= 7.0.0, < 7.0.73 | 7.0.73 |
org.apache.tomcat:tomcat-catalina-jmx-remote | maven | >= 8.0.0, < 8.0.39 | 8.0.39 |
org.apache.tomcat:tomcat-catalina-jmx-remote | maven | >= 8.5.0, < 8.5.7 | 8.5.7 |
org.apache.tomcat:tomcat-catalina-jmx-remote | maven | >= 9.0.0.M1, < 9.0.0.M12 | 9.0.0.M12 |