Get a Demo

Let's Patch It!

Book a short call with one our specialists, we'll walk you through how Endor Patches work, and ask you a few questions about your environment (like your primary programming languages and repository management). We'll also send you an email right after you fill out the form, feel free to reply with any questions you have in advance!

CVE

CVE-2016-0714

Improper Access Control in Apache Tomcat

Description

The session-persistence implementation in Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M2 mishandles session attributes, which allows remote authenticated users to bypass intended SecurityManager restrictions and execute arbitrary code in a privileged context via a web application that places a crafted object in a session.

Base CVSS

8.8

EPSS Score

7.87%

Introduced Version

6.0.13

Fix Available

7.0.70,6.0.45,9.0.0.M2,9.0.0.M3,8.0.32

Fix without Upgrading

Available Patches

Package

CVEs Fixed

Lines of Code Changed

org.apache.tomcat:tomcat-catalina

References

http://rhn.redhat.com/errata/RHSA-2016-2045.html

http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00085.html

http://rhn.redhat.com/errata/RHSA-2016-2808.html

http://rhn.redhat.com/errata/RHSA-2016-2599.html

http://svn.apache.org/viewvc?view=revision&revision=1726196

http://www.ubuntu.com/usn/USN-3024-1

http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html

http://tomcat.apache.org/security-8.html

http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00069.html

http://tomcat.apache.org/security-9.html

http://tomcat.apache.org/security-7.html

http://tomcat.apache.org/security-6.html

http://www.debian.org/security/2016/dsa-3530

http://svn.apache.org/viewvc?view=revision&revision=1727182

http://seclists.org/bugtraq/2016/Feb/145

http://svn.apache.org/viewvc?view=revision&revision=1727034

http://svn.apache.org/viewvc?view=revision&revision=1726923

http://svn.apache.org/viewvc?view=revision&revision=1727166

http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00082.html

http://svn.apache.org/viewvc?view=revision&revision=1725263

http://svn.apache.org/viewvc?view=revision&revision=1726203

http://rhn.redhat.com/errata/RHSA-2016-1089.html

http://www.debian.org/security/2016/dsa-3609

http://marc.info/?l=bugtraq&m=145974991225029&w=2

http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

http://svn.apache.org/viewvc?view=revision&revision=1725914

http://rhn.redhat.com/errata/RHSA-2016-2807.html

https://github.com/apache/tomcat/commit/79e8ad03404c131009811855f9a30d8d01c0c736

https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E

http://www.debian.org/security/2016/dsa-3552

https://nvd.nist.gov/vuln/detail/CVE-2016-0714

https://web.archive.org/web/20170927131230/http://www.securitytracker.com/id/1037640

https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158626

https://access.redhat.com/errata/RHSA-2016:1087

https://github.com/apache/tomcat/commit/f626da75fd59da82b14dee7b8cc46ad51eefdbe5

https://bto.bluecoat.com/security-advisory/sa118

https://access.redhat.com/errata/RHSA-2016:1088

https://security.netapp.com/advisory/ntap-20180531-0001

https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E

https://github.com/apache/tomcat/commit/50f1b1da794cd93b70ab5456d3c2c984408e1506

https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E

http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00047.html

https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E

https://web.archive.org/web/20170204045529/http://www.securityfocus.com/bid/83327

https://security.gentoo.org/glsa/201705-09

https://github.com/apache/tomcat80/commit/2e5cc28052e84ba45196949ba602484221bbf33c

https://github.com/apache/tomcat80/commit/5430f30c79383e4d2d87785468905fcb00bace58

https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E

https://github.com/apache/tomcat/commit/824eb1d1ad922e7652ecf51adb2b9eebb5bb88b5

https://github.com/apache/tomcat/commit/e1b1002129fea4033329f6f619ba219527bbbd40

https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05054964

https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E

https://web.archive.org/web/20170601064840/http://www.securitytracker.com/id/1035069

https://github.com/apache/tomcat/commit/ff1b659dc366a2ad47cd8f7e3544c796a1b15e46

https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150442

https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E

https://github.com/apache/tomcat

http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html

http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html

AppSec for the Software Development Revolution

Endor Labs builds a complete graph of your software estate, so teams can pinpoint and fix critical risks in complex, dependency-rich code—whether it was written by humans or AI.

Welcome to the resistance

Oops! Something went wrong, please try again.