Privilege Escalation

2019-01-1508:53:56

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

0.0004 Low

EPSS

Percentile

5.1%

JSON

tomcat is vulnerable to privilege escalation. An error in the way the init script handled the tomcat5-initd.log, tomcat6-initd.log, tomcat7-initd.log and catalina.out log files allows a tomcat user to perform a symbolic link attack to change the ownership of an arbitrary system file to the tomcat user, allowing privilege escalation to root.

CPENameOperatorVersion
tomcat6eq6.0.24__48.el6_3
tomcat6eq6.0.24__55.el6_4
tomcat6eq6.0.24__24.el6_0
tomcat6eq6.0.24__64.el6_5
tomcat6eq6.0.24__111.el6_9
tomcat6eq6.0.24__95.el6
tomcat6eq6.0.24__49.el6
tomcat6eq6.0.24__62.el6
tomcat6eq6.0.24__80.el6
tomcat6eq6.0.24__15.el6

Name	Operator	Version
tomcat6	eq	6.0.24__48.el6_3
tomcat6	eq	6.0.24__55.el6_4
tomcat6	eq	6.0.24__24.el6_0
tomcat6	eq	6.0.24__64.el6_5
tomcat6	eq	6.0.24__111.el6_9
tomcat6	eq	6.0.24__95.el6
tomcat6	eq	6.0.24__49.el6
tomcat6	eq	6.0.24__62.el6
tomcat6	eq	6.0.24__80.el6
tomcat6	eq	6.0.24__15.el6