If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in theVersions known to be not vulnerable column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.

Mitigation

To mitigate this vulnerability, you should permit access to the ARX GUI only over a secure network.

Supplemental Information

SOL9970: Subscribing to email notifications regarding F5 products
SOL9957: Creating a custom RSS feed to view new and updated documents
SOL4602: Overview of the F5 security vulnerability response policy
SOL4918: Overview of the F5 critical issue hotfix policy

CPENameOperatorVersion
arxle6.4.0

CPE	Name	Operator	Version
	arx	le	6.4.0

References

support.f5.com/kb/en-us/solutions/public/4000/600/sol4602.html

support.f5.com/kb/en-us/solutions/public/4000/900/sol4918.html

support.f5.com/kb/en-us/solutions/public/9000/900/sol9957.html

support.f5.com/kb/en-us/solutions/public/9000/900/sol9970.html

f5 1

nessus 35

openvas 26

tomcat 4

ibm 21

centos 1

debian 8

freebsd 1

osv 14

redhat 9

amazon 1

suse 6

mageia 1

ubuntu 3

fedora 3

cvelist 3

github 3

debiancve 3

prion 3

ubuntucve 3

cve 3

redhatcve 1

nvd 3

exploitdb 1

exploitpack 1

veracode 1

packetstorm 1

oraclelinux 1

oracle 2

K65230547 : Apache Tomcat vulnerabilities CVE-2016-5018, CVE-2016-6794, and CVE-2016-6796

2016-11-14 00:00:00

nessus

Debian DSA-3720-1 : tomcat8 - security update

2016-11-22 00:00:00

CentOS 7 : tomcat (CESA-2017:2247)

2017-08-25 00:00:00

RHEL 6 : tomcat5 (Unpatched Vulnerability)

2024-06-03 00:00:00

openvas

Debian Security Advisory DSA 3720-1 (tomcat8 - security update)

2016-11-21 00:00:00

RedHat Update for tomcat RHSA-2017:2247-01

2017-08-04 00:00:00

Debian: Security Advisory (DSA-3721-1)

2016-11-20 00:00:00

tomcat

Fixed in Apache Tomcat 6.0.47

2016-10-16 00:00:00

Fixed in Apache Tomcat 9.0.0.M10

2016-09-05 00:00:00

Fixed in Apache Tomcat 8.5.5 and 8.0.37

2016-09-05 00:00:00

ibm

Security Bulletin: Security vulnerabilities in Apache Tomcat affect Rational Insight

2018-06-17 05:20:08

Security Bulletin: IBM WebSphere Cast Iron Solution is affected by Apache Tomcat vulnerabilities

2019-11-18 13:57:34

Security Bulletin: Security vulnerabilities in Apache Tomcat affect Rational Reporting for Development Intelligence

2018-06-17 05:20:07

centos

tomcat security update

2017-08-24 01:41:52

debian

[SECURITY] [DSA 3720-1] tomcat8 security update

2016-11-21 18:49:12

[SECURITY] [DSA 3721-1] tomcat7 security update

2016-11-21 18:49:22

[SECURITY] [DSA 3721-1] tomcat7 security update

2016-11-21 18:49:22

freebsd

tomcat -- multiple vulnerabilities

2016-10-27 00:00:00

osv

tomcat8 - security update

2016-11-21 00:00:00

tomcat7 - security update

2016-11-21 00:00:00

tomcat6 vulnerabilities

2020-09-30 12:55:19

redhat

(RHSA-2017:2247) Low: tomcat security, bug fix, and enhancement update

2017-08-01 05:59:34

(RHSA-2017:1549) Moderate: Red Hat JBoss Enterprise Application Platform 6.4.16 update on RHEL 6

2017-06-20 15:32:16

(RHSA-2017:1548) Moderate: Red Hat JBoss Enterprise Application Platform 6.4.16 update on RHEL 7

2017-06-20 15:31:47

amazon

Important: tomcat6, tomcat7, tomcat8

2016-11-10 18:00:00

suse

Security update for tomcat (important)

2016-12-10 23:07:49

Security update for tomcat (important)

2016-12-10 23:11:58

Security update for tomcat (important)

2016-12-14 01:14:48

mageia

Updated tomcat packages fix security vulnerability

2016-11-05 01:29:35

ubuntu

Tomcat vulnerabilities

2020-09-30 00:00:00

Tomcat vulnerabilities

2017-01-23 00:00:00

Tomcat regression

2017-02-02 00:00:00

fedora

[SECURITY] Fedora 24 Update: tomcat-8.0.38-1.fc24

2016-11-12 23:56:29

[SECURITY] Fedora 25 Update: tomcat-8.0.38-1.fc25

2016-11-19 21:26:18

[SECURITY] Fedora 23 Update: tomcat-8.0.38-1.fc23

2016-11-13 02:21:02

cvelist

CVE-2016-6796

2016-10-27 00:00:00

CVE-2016-6794

2016-10-27 00:00:00

CVE-2016-5018

2016-10-27 00:00:00

github

System Property Disclosure in Apache Tomcat

2022-05-13 01:02:16

Apache Tomcat vulnerable to SecurityManager bypass

2022-05-13 01:02:16

Authentication Bypass Using an Alternate Path or Channel in Apache Tomcat

2022-05-13 01:02:15

debiancve

CVE-2016-6794

2017-08-10 16:29:00

CVE-2016-6796

2017-08-11 02:29:00

CVE-2016-5018

2017-08-10 16:29:00

prion

Design/Logic Flaw

2017-08-10 16:29:00

Design/Logic Flaw

2017-08-11 02:29:00

Design/Logic Flaw

2017-08-10 16:29:00

ubuntucve

CVE-2016-6796

2016-10-28 00:00:00

CVE-2016-6794

2016-10-28 00:00:00

CVE-2016-5018

2016-10-28 00:00:00

cve

CVE-2016-6796

2017-08-11 02:29:00

CVE-2016-6794

2017-08-10 16:29:00

CVE-2016-5018

2017-08-10 16:29:00

redhatcve

CVE-2016-6794

2016-11-01 10:17:21

nvd

CVE-2016-6794

2017-08-10 16:29:00

CVE-2016-6796

2017-08-11 02:29:00

CVE-2016-5018

2017-08-10 16:29:00

exploitdb

Tomcat proprietaryEvaluate 9.0.0.M1 - Sandbox Escape

2020-01-08 00:00:00

exploitpack

Tomcat proprietaryEvaluate 9.0.0.M1 - Sandbox Escape

2020-01-08 00:00:00

veracode

Security Manager Bypass

2019-01-15 09:17:22

packetstorm

Tomcat 9.0.0.M1 Sandbox Escape

2020-01-08 00:00:00

oraclelinux

tomcat security, bug fix, and enhancement update

2017-08-07 00:00:00

oracle

Oracle Critical Patch Update Advisory - April 2017

2017-04-18 00:00:00

Oracle Critical Patch Update Advisory - October 2021

2021-10-19 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

0.002 Low

EPSS

Percentile

54.9%

JSON

Related for SOL65230547