Remote code execution is possible with Apache Tomcat before 6.0.48, 7.x before 7.0.73, 8.x before 8.0.39, 8.5.x before 8.5.7, and 9.x before 9.0.0.M12 if JmxRemoteLifecycleListener is used and an attacker can reach JMX ports. The issue exists because this listener wasn't updated for consistency with the CVE-2016-3427 Oracle patch that affected credential types.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HApache Tomcat
APPApache9.0.0< 6.0.487.0.0 – 7.0.73 (bez)8.0 – 8.0.39 (bez)8.5.0 – 8.5.7 (bez)Canonical Ubuntu
OSCanonical16.04Debian
OSDebian8.0Netapp 7 Mode Transition Tool
APPNetappwszystkie wersjeNetapp Oncommand Insight
APPNetappwszystkie wersjeNetapp Oncommand Shift
APPNetappwszystkie wersjeNetapp Snap Creator Framework
APPNetappwszystkie wersjeOracle Agile Engineering Data Management
APPOracle6.1.36.2.06.2.1.0Oracle Agile Plm
APPOracle9.3.59.3.6Oracle Communications Application Session Controller
APPOracle3.7.13.8.0Oracle Communications Instant Messaging Server
APPOracle10.0.1Oracle Communications Interactive Session Recorder
APPOracle6.06.16.2Oracle Hospitality Guest Access
APPOracle4.2.04.2.1Oracle Micros Relate Crm Software
APPOracle10.811.4Oracle Micros Retail Xbri Loss Prevention
APPOracle10.0.110.5.010.6.010.7.710.8.010.8.1Oracle MySQL Enterprise Monitor
APPOracle3.3.0 – 3.3.4.3247≤ 3.2.8.22233.4.0 – 3.4.2.4181Oracle Retail Convenience And Fuel Pos Software
APPOracle2.1.132Oracle Transportation Management
APPOracle6.3.06.3.16.3.26.3.36.3.46.3.56.3.66.3.7Red Hat Jboss Enterprise Web Server
APPRedhat3.0.0
CISA KEV — detailsi
- Vendori
- Apache ↗
- Producti
- Tomcat
- Added to KEVi
- May 12, 2023
- Remediation deadline (US Federal)i
- June 2, 2023(overdue)
Apply updates per vendor instructions.
Apache Tomcat contains an unspecified vulnerability that allows for remote code execution if JmxRemoteLifecycleListener is used and an attacker can reach Java Management Extension (JMX) ports. This CVE exists because this listener wasn't updated for consistency with the Oracle patched issues for CVE-2016-3427 which affected credential types.
Related vulnerabilities
GNU Inetutils telnetd: ominięcie uwierzytelnienia przez zmienną USER
Sudo: eskalacja uprawnień do root poprzez opcję --chroot (CVE-2025-32463)
RCE przez deserializację PHP w Roundcube Webmail (parametr _from)
Erlang/OTP SSH — nieuwierzytelniony RCE (CVSS 10.0)
Apple WebKit: out-of-bounds write umożliwiający ucieczkę z sandbox przeglądarki