Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Tomcat package on Red Hat Enterprise Linux (RHEL) 5 through 7, JBoss Web Server 3.0, and JBoss EWS 2 uses weak permissions for (1) /etc/sysconfig/tomcat and (2) /etc/tomcat/tomcat.conf, which allows local users to gain privileges by leveraging membership in the tomcat group.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Tomcat 权限许可和访问控制问题漏洞
Vulnerability Description
Apache Tomcat是美国阿帕奇(Apache)基金会的一款轻量级Web应用服务器。该程序实现了对Servlet和JavaServer Page(JSP)的支持。 Apache Tomcat存在权限许可和访问控制问题漏洞。本地攻击者利用该漏洞获取权限。使用Tomcat数据包的以下产品受到影响:Red Hat Enterprise Linux 5至7版本,JBoss Web Server 3.0版本,JBoss EWS 2版本。
CVSS Information
N/A
Vulnerability Type
N/A