Security Advisory

CVE-2016-5425

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2016-10-13 14:00:00

Last updated 2024-08-06 01:00:59

Assigner redhat

State PUBLISHED

Description

The Tomcat package on Red Hat Enterprise Linux (RHEL) 7, Fedora, CentOS, Oracle Linux, and possibly other Linux distributions uses weak permissions for /usr/lib/tmpfiles.d/tomcat.conf, which allows local users to gain root privileges by leveraging membership in the tomcat group.

← Browse all CVEs View on cve.org ↗