logo
Vulnerability feed
CONTRIBUTE

Vulnerability

warn

CVE-2016-8735

Reference to the description:

https://nvd.nist.gov/vuln/detail/CVE-2016-8735

Description:
Remote code execution is possible with Apache Tomcat before 6.0.48, 7.x before 7.0.73, 8.x before 8.0.39, 8.5.x before 8.5.7, and 9.x before 9.0.0.M12 if JmxRemoteLifecycleListener is used and an attacker can reach JMX ports. The issue exists because this listener wasn't updated for consistency with the CVE-2016-3427 Oracle patch that affected credential types.
Last updated date:
10/05/2020

Reports

alt

ACTIVELY EXPLOITED

Type:
exploitation
Confidence:
HIGH
Date of publishing:
05/12/2023
Reference url to background

https://www.cisa.gov/known-exploited-vulnerabilities-catalog

Vulnerability FeedContributorsAboutBlog

@inTheWild

©2023

Privacy Policy