0.001 Low
EPSS
Percentile
47.9%
It was discovered that it was possible for a web application to access any global JNDI resource whether an explicit ResourceLink had been configured or not.
bugzilla.redhat.com/show_bug.cgi?id=1390493
tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.47 https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.72 https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.5_and_8.0.37