virus logo FortiClient Vulnerability

Apache Tomcat CVE-2016-6797 Authorization Bypass Vulnerability

description-logoDescription

The ResourceLinkFactory did not limit web application access to global JNDI resources to those resources explicitly linked to the web application. Therefore, it was possible for a web application to access any global JNDI resource whether an explicit ResourceLink had been configured or not.

affected-products-logoAffected Applications

Apache Tomcat

CVE References

CVE-2016-6797

Other References

http://tomcat.apache.org/security.html
ID 43274
Created Jan 17, 2020
Description
Updated		 Jan 16, 2024
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
Coverage FortiClient
OS Linux
Vendor Apache
Patch manual
Application Apache Tomcat