It exists that Tomcat incorrectly handled the RMI registry when configured with the JMX Remote Lifecycle Listener. A local attacker could possibly use this issue to obtain credentials and gain complete control over the Tomcat instance. (CVE-2019-12418)
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apache tomcat |
||
debian debian linux 8.0 |
||
debian debian linux 9.0 |
||
debian debian linux 10.0 |
||
oracle workload manager 18c |
||
oracle workload manager 19c |
||
oracle workload manager 12.2.0.1 |
||
canonical ubuntu linux 16.04 |
||
opensuse leap 15.1 |
||
netapp oncommand system manager |