Medium severity5.3NVD Advisory· Published Aug 10, 2017· Updated May 13, 2026
CVE-2016-6794
CVE-2016-6794
Description
When a SecurityManager is configured, a web application's ability to read system properties should be controlled by the SecurityManager. In Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70, 6.0.0 to 6.0.45 the system property replacement feature for configuration files could be used by a malicious web application to bypass the SecurityManager and read system properties that should not be visible.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Apache Tomcat's system property replacement feature allows a malicious web application to bypass the SecurityManager and read protected system properties.
Vulnerability
In Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70, and 6.0.0 to 6.0.45, the system property replacement feature for configuration files does not properly enforce the SecurityManager's restrictions. This allows a web application to read system properties that should not be visible, bypassing intended controls [1][3].
Exploitation
An attacker must be able to deploy a malicious web application to the Tomcat server. The attacker can then craft configuration files that use system property replacement to access properties that the SecurityManager should protect. No additional privileges or user interaction are required beyond the ability to deploy the application [1][3].
Impact
Successful exploitation allows an attacker to read arbitrary system properties that are not intended to be accessible to web applications, leading to an information disclosure that may include sensitive configuration data such as passwords, database credentials, or other runtime secrets [1][3].
Mitigation
Red Hat has released updated packages as part of RHSA-2017:0455 and RHSA-2017:0456, which address the issue in affected Red Hat products [2][4]. For Apache Tomcat upstream, fixes are included in versions 7.0.71, 8.0.37, 8.5.5, and 9.0.0.M10 or later [3]. Administrators should upgrade to the appropriate patched version as soon as possible.
References
AI Insight generated on May 22, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.apache.tomcat:tomcatMaven | >= 6.0.0, < 6.0.47 | 6.0.47 |
org.apache.tomcat:tomcatMaven | >= 7.0.0, < 7.0.72 | 7.0.72 |
org.apache.tomcat:tomcatMaven | >= 8.0.0, < 8.0.37 | 8.0.37 |
org.apache.tomcat:tomcatMaven | >= 8.1.0, < 8.5.5 | 8.5.5 |
org.apache.tomcat:tomcatMaven | >= 9.0.0.M1, < 9.0.0.M10 | 9.0.0.M10 |
Affected products
14- ghsa-coords13 versionspkg:maven/org.apache.tomcat/tomcatpkg:rpm/suse/tomcat6&distro=SUSE%20Linux%20Enterprise%20Point%20of%20Sale%2011%20SP3pkg:rpm/suse/tomcat6&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-LTSSpkg:rpm/suse/tomcat6&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-TERADATApkg:rpm/suse/tomcat6&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4pkg:rpm/suse/tomcat6&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4pkg:rpm/suse/tomcat&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1pkg:rpm/suse/tomcat&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2pkg:rpm/suse/tomcat&distro=SUSE%20Linux%20Enterprise%20Server%2012-LTSSpkg:rpm/suse/tomcat&distro=SUSE%20Linux%20Enterprise%20Server%20for%20Raspberry%20Pi%2012%20SP2pkg:rpm/suse/tomcat&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012pkg:rpm/suse/tomcat&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1pkg:rpm/suse/tomcat&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2
>= 6.0.0, < 6.0.47+ 12 more
- (no CPE)range: >= 6.0.0, < 6.0.47
- (no CPE)range: < 6.0.53-0.56.1
- (no CPE)range: < 6.0.53-0.56.1
- (no CPE)range: < 6.0.53-0.56.1
- (no CPE)range: < 6.0.53-0.56.1
- (no CPE)range: < 6.0.53-0.56.1
- (no CPE)range: < 8.0.32-10.13.2
- (no CPE)range: < 8.0.36-17.1
- (no CPE)range: < 7.0.78-7.13.4
- (no CPE)range: < 8.0.36-17.1
- (no CPE)range: < 7.0.78-7.13.4
- (no CPE)range: < 8.0.32-10.13.2
- (no CPE)range: < 8.0.36-17.1
- Apache Software Foundation/Apache Tomcatv5Range: 9.0.0.M1 to 9.0.0.M9
Patches
40b41766456b1Provide a mechanism that enables the container to check if a component (typically a web application) has been granted a given permission when running under a SecurityManager without the current execution stack having to have passed through the component. Use this new mechanism to extend SecurityManager protection to the system property replacement feature of the digester.
4 files changed · +84 −1
java/org/apache/catalina/loader/WebappClassLoaderBase.java+23 −1 modified@@ -87,6 +87,7 @@ import org.apache.tomcat.util.compat.JreCompat; import org.apache.tomcat.util.compat.JreVendor; import org.apache.tomcat.util.res.StringManager; +import org.apache.tomcat.util.security.PermissionCheck; /** * Specialized web application class loader. @@ -135,7 +136,7 @@ * @author Craig R. McClanahan */ public abstract class WebappClassLoaderBase extends URLClassLoader - implements Lifecycle, InstrumentableClassLoader { + implements Lifecycle, InstrumentableClassLoader, PermissionCheck { private static final org.apache.juli.logging.Log log = org.apache.juli.logging.LogFactory.getLog(WebappClassLoaderBase.class); @@ -1935,6 +1936,27 @@ protected PermissionCollection getPermissions(CodeSource codeSource) { } + @Override + public boolean check(Permission permission) { + if (!Globals.IS_SECURITY_ENABLED) { + return true; + } + Policy currentPolicy = Policy.getPolicy(); + if (currentPolicy != null) { + ResourceEntry entry = findResourceInternal("/", "/", false); + if (entry != null) { + CodeSource cs = new CodeSource( + entry.codeBase, (java.security.cert.Certificate[]) null); + PermissionCollection pc = currentPolicy.getPermissions(cs); + if (pc.implies(permission)) { + return true; + } + } + } + return false; + } + + /** * Returns the search path of URLs for loading classes and resources. * This includes the original list of URLs specified to the constructor,
java/org/apache/tomcat/util/digester/Digester.java+10 −0 modified@@ -26,11 +26,13 @@ import java.lang.reflect.InvocationTargetException; import java.net.URI; import java.net.URISyntaxException; +import java.security.Permission; import java.util.EmptyStackException; import java.util.HashMap; import java.util.Iterator; import java.util.List; import java.util.Map; +import java.util.PropertyPermission; import javax.xml.parsers.ParserConfigurationException; import javax.xml.parsers.SAXParser; @@ -40,6 +42,7 @@ import org.apache.juli.logging.LogFactory; import org.apache.tomcat.util.ExceptionUtils; import org.apache.tomcat.util.IntrospectionUtils; +import org.apache.tomcat.util.security.PermissionCheck; import org.xml.sax.Attributes; import org.xml.sax.EntityResolver; import org.xml.sax.ErrorHandler; @@ -81,6 +84,13 @@ private static class SystemPropertySource implements IntrospectionUtils.PropertySource { @Override public String getProperty( String key ) { + ClassLoader cl = Thread.currentThread().getContextClassLoader(); + if (cl instanceof PermissionCheck) { + Permission p = new PropertyPermission(key, "read"); + if (!((PermissionCheck) cl).check(p)) { + return null; + } + } return System.getProperty(key); } }
java/org/apache/tomcat/util/security/PermissionCheck.java+43 −0 added@@ -0,0 +1,43 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.tomcat.util.security; + +import java.security.Permission; + +/** + * This interface is implemented by components to enable privileged code to + * check whether the component has a given permission. + * This is typically used when a privileged component (e.g. the container) is + * performing an action on behalf of an untrusted component (e.g. a web + * application) without the current thread having passed through a code source + * provided by the untrusted component. Because the current thread has not + * passed through a code source provided by the untrusted component the + * SecurityManager assumes the code is trusted so the standard checking + * mechanisms can't be used. + */ +public interface PermissionCheck { + + /** + * Does this component have the given permission? + * + * @param permission The permission to test + * + * @return {@code false} if a SecurityManager is enabled and the component + * does not have the given permission, otherwise {@code false} + */ + boolean check(Permission permission); +}
webapps/docs/changelog.xml+8 −0 modified@@ -99,6 +99,14 @@ <bug>59839</bug>: Apply <code>roleSearchAsUser</code> to all nested searches in JNDIRealm. (fschumacher) </fix> + <add> + Provide a mechanism that enables the container to check if a component + (typically a web application) has been granted a given permission when + running under a SecurityManager without the current execution stack + having to have passed through the component. Use this new mechanism to + extend SecurityManager protection to the system property replacement + feature of the digester. (markt) + </add> </changelog> </subsection> <subsection name="Coyote">
ae6163a4f230Provide a mechanism that enables the container to check if a component (typically a web application) has been granted a given permission when running under a SecurityManager without the current execution stack having to have passed through the component. Use this new mechanism to extend SecurityManager protection to the system property replacement feature of the digester.
4 files changed · +81 −1
java/org/apache/catalina/loader/WebappClassLoaderBase.java+20 −1 modified@@ -80,6 +80,7 @@ import org.apache.tomcat.util.compat.JreCompat; import org.apache.tomcat.util.compat.JreVendor; import org.apache.tomcat.util.res.StringManager; +import org.apache.tomcat.util.security.PermissionCheck; /** * Specialized web application class loader. @@ -125,7 +126,7 @@ * @author Craig R. McClanahan */ public abstract class WebappClassLoaderBase extends URLClassLoader - implements Lifecycle, InstrumentableClassLoader, WebappProperties { + implements Lifecycle, InstrumentableClassLoader, WebappProperties, PermissionCheck { private static final org.apache.juli.logging.Log log = org.apache.juli.logging.LogFactory.getLog(WebappClassLoaderBase.class); @@ -1386,6 +1387,24 @@ protected PermissionCollection getPermissions(CodeSource codeSource) { } + @Override + public boolean check(Permission permission) { + if (!Globals.IS_SECURITY_ENABLED) { + return true; + } + Policy currentPolicy = Policy.getPolicy(); + if (currentPolicy != null) { + URL contextRootUrl = resources.getResource("/").getCodeBase(); + CodeSource cs = new CodeSource(contextRootUrl, (Certificate[]) null); + PermissionCollection pc = currentPolicy.getPermissions(cs); + if (pc.implies(permission)) { + return true; + } + } + return false; + } + + /** * {@inheritDoc} * <p>
java/org/apache/tomcat/util/digester/Digester.java+10 −0 modified@@ -23,11 +23,13 @@ import java.lang.reflect.InvocationTargetException; import java.net.URI; import java.net.URISyntaxException; +import java.security.Permission; import java.util.EmptyStackException; import java.util.HashMap; import java.util.Iterator; import java.util.List; import java.util.Map; +import java.util.PropertyPermission; import javax.xml.parsers.ParserConfigurationException; import javax.xml.parsers.SAXParser; @@ -37,6 +39,7 @@ import org.apache.juli.logging.LogFactory; import org.apache.tomcat.util.ExceptionUtils; import org.apache.tomcat.util.IntrospectionUtils; +import org.apache.tomcat.util.security.PermissionCheck; import org.xml.sax.Attributes; import org.xml.sax.EntityResolver; import org.xml.sax.ErrorHandler; @@ -78,6 +81,13 @@ private static class SystemPropertySource implements IntrospectionUtils.PropertySource { @Override public String getProperty( String key ) { + ClassLoader cl = Thread.currentThread().getContextClassLoader(); + if (cl instanceof PermissionCheck) { + Permission p = new PropertyPermission(key, "read"); + if (!((PermissionCheck) cl).check(p)) { + return null; + } + } return System.getProperty(key); } }
java/org/apache/tomcat/util/security/PermissionCheck.java+43 −0 added@@ -0,0 +1,43 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.tomcat.util.security; + +import java.security.Permission; + +/** + * This interface is implemented by components to enable privileged code to + * check whether the component has a given permission. + * This is typically used when a privileged component (e.g. the container) is + * performing an action on behalf of an untrusted component (e.g. a web + * application) without the current thread having passed through a code source + * provided by the untrusted component. Because the current thread has not + * passed through a code source provided by the untrusted component the + * SecurityManager assumes the code is trusted so the standard checking + * mechanisms can't be used. + */ +public interface PermissionCheck { + + /** + * Does this component have the given permission? + * + * @param permission The permission to test + * + * @return {@code false} if a SecurityManager is enabled and the component + * does not have the given permission, otherwise {@code false} + */ + boolean check(Permission permission); +}
webapps/docs/changelog.xml+8 −0 modified@@ -109,6 +109,14 @@ <bug>59859</bug>: Fix resource leak in WebDAV servlet. Based on patch by Coty Sutherland. (fschumacher) </fix> + <add> + Provide a mechanism that enables the container to check if a component + (typically a web application) has been granted a given permission when + running under a SecurityManager without the current execution stack + having to have passed through the component. Use this new mechanism to + extend SecurityManager protection to the system property replacement + feature of the digester. (markt) + </add> </changelog> </subsection> <subsection name="Coyote">
f8db078f1e6eProvide a mechanism that enables the container to check if a component (typically a web application) has been granted a given permission when running under a SecurityManager without the current execution stack having to have passed through the component. Use this new mechanism to extend SecurityManager protection to the system property replacement feature of the digester.
4 files changed · +81 −1
java/org/apache/catalina/loader/WebappClassLoaderBase.java+20 −1 modified@@ -75,6 +75,7 @@ import org.apache.tomcat.util.IntrospectionUtils; import org.apache.tomcat.util.compat.JreCompat; import org.apache.tomcat.util.res.StringManager; +import org.apache.tomcat.util.security.PermissionCheck; /** * Specialized web application class loader. @@ -120,7 +121,7 @@ * @author Craig R. McClanahan */ public abstract class WebappClassLoaderBase extends URLClassLoader - implements Lifecycle, InstrumentableClassLoader, WebappProperties { + implements Lifecycle, InstrumentableClassLoader, WebappProperties, PermissionCheck { private static final Log log = LogFactory.getLog(WebappClassLoaderBase.class); @@ -1338,6 +1339,24 @@ protected PermissionCollection getPermissions(CodeSource codeSource) { } + @Override + public boolean check(Permission permission) { + if (!Globals.IS_SECURITY_ENABLED) { + return true; + } + Policy currentPolicy = Policy.getPolicy(); + if (currentPolicy != null) { + URL contextRootUrl = resources.getResource("/").getCodeBase(); + CodeSource cs = new CodeSource(contextRootUrl, (Certificate[]) null); + PermissionCollection pc = currentPolicy.getPermissions(cs); + if (pc.implies(permission)) { + return true; + } + } + return false; + } + + /** * {@inheritDoc} * <p>
java/org/apache/tomcat/util/digester/Digester.java+10 −0 modified@@ -23,11 +23,13 @@ import java.lang.reflect.InvocationTargetException; import java.net.URI; import java.net.URISyntaxException; +import java.security.Permission; import java.util.EmptyStackException; import java.util.HashMap; import java.util.Iterator; import java.util.List; import java.util.Map; +import java.util.PropertyPermission; import javax.xml.parsers.ParserConfigurationException; import javax.xml.parsers.SAXParser; @@ -37,6 +39,7 @@ import org.apache.juli.logging.LogFactory; import org.apache.tomcat.util.ExceptionUtils; import org.apache.tomcat.util.IntrospectionUtils; +import org.apache.tomcat.util.security.PermissionCheck; import org.xml.sax.Attributes; import org.xml.sax.EntityResolver; import org.xml.sax.ErrorHandler; @@ -78,6 +81,13 @@ private static class SystemPropertySource implements IntrospectionUtils.PropertySource { @Override public String getProperty( String key ) { + ClassLoader cl = Thread.currentThread().getContextClassLoader(); + if (cl instanceof PermissionCheck) { + Permission p = new PropertyPermission(key, "read"); + if (!((PermissionCheck) cl).check(p)) { + return null; + } + } return System.getProperty(key); } }
java/org/apache/tomcat/util/security/PermissionCheck.java+43 −0 added@@ -0,0 +1,43 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.tomcat.util.security; + +import java.security.Permission; + +/** + * This interface is implemented by components to enable privileged code to + * check whether the component has a given permission. + * This is typically used when a privileged component (e.g. the container) is + * performing an action on behalf of an untrusted component (e.g. a web + * application) without the current thread having passed through a code source + * provided by the untrusted component. Because the current thread has not + * passed through a code source provided by the untrusted component the + * SecurityManager assumes the code is trusted so the standard checking + * mechanisms can't be used. + */ +public interface PermissionCheck { + + /** + * Does this component have the given permission? + * + * @param permission The permission to test + * + * @return {@code false} if a SecurityManager is enabled and the component + * does not have the given permission, otherwise {@code false} + */ + boolean check(Permission permission); +}
webapps/docs/changelog.xml+8 −0 modified@@ -82,6 +82,14 @@ <bug>59859</bug>: Fix resource leak in WebDAV servlet. Based on patch by Coty Sutherland. (fschumacher) </fix> + <add> + Provide a mechanism that enables the container to check if a component + (typically a web application) has been granted a given permission when + running under a SecurityManager without the current execution stack + having to have passed through the component. Use this new mechanism to + extend SecurityManager protection to the system property replacement + feature of the digester. (markt) + </add> </changelog> </subsection> <subsection name="Coyote">
c1660182010bProvide a mechanism that enables the container to check if a component (typically a web application) has been granted a given permission when running under a SecurityManager without the current execution stack having to have passed through the component. Use this new mechanism to extend SecurityManager protection to the system property replacement feature of the digester.
4 files changed · +81 −1
java/org/apache/catalina/loader/WebappClassLoaderBase.java+20 −1 modified@@ -75,6 +75,7 @@ import org.apache.tomcat.util.IntrospectionUtils; import org.apache.tomcat.util.compat.JreCompat; import org.apache.tomcat.util.res.StringManager; +import org.apache.tomcat.util.security.PermissionCheck; /** * Specialized web application class loader. @@ -120,7 +121,7 @@ * @author Craig R. McClanahan */ public abstract class WebappClassLoaderBase extends URLClassLoader - implements Lifecycle, InstrumentableClassLoader, WebappProperties { + implements Lifecycle, InstrumentableClassLoader, WebappProperties, PermissionCheck { private static final Log log = LogFactory.getLog(WebappClassLoaderBase.class); @@ -1328,6 +1329,24 @@ protected PermissionCollection getPermissions(CodeSource codeSource) { } + @Override + public boolean check(Permission permission) { + if (!Globals.IS_SECURITY_ENABLED) { + return true; + } + Policy currentPolicy = Policy.getPolicy(); + if (currentPolicy != null) { + URL contextRootUrl = resources.getResource("/").getCodeBase(); + CodeSource cs = new CodeSource(contextRootUrl, (Certificate[]) null); + PermissionCollection pc = currentPolicy.getPermissions(cs); + if (pc.implies(permission)) { + return true; + } + } + return false; + } + + /** * {@inheritDoc} * <p>
java/org/apache/tomcat/util/digester/Digester.java+10 −0 modified@@ -23,11 +23,13 @@ import java.lang.reflect.InvocationTargetException; import java.net.URI; import java.net.URISyntaxException; +import java.security.Permission; import java.util.EmptyStackException; import java.util.HashMap; import java.util.Iterator; import java.util.List; import java.util.Map; +import java.util.PropertyPermission; import javax.xml.parsers.ParserConfigurationException; import javax.xml.parsers.SAXParser; @@ -37,6 +39,7 @@ import org.apache.juli.logging.LogFactory; import org.apache.tomcat.util.ExceptionUtils; import org.apache.tomcat.util.IntrospectionUtils; +import org.apache.tomcat.util.security.PermissionCheck; import org.xml.sax.Attributes; import org.xml.sax.EntityResolver; import org.xml.sax.ErrorHandler; @@ -78,6 +81,13 @@ private static class SystemPropertySource implements IntrospectionUtils.PropertySource { @Override public String getProperty( String key ) { + ClassLoader cl = Thread.currentThread().getContextClassLoader(); + if (cl instanceof PermissionCheck) { + Permission p = new PropertyPermission(key, "read"); + if (!((PermissionCheck) cl).check(p)) { + return null; + } + } return System.getProperty(key); } }
java/org/apache/tomcat/util/security/PermissionCheck.java+43 −0 added@@ -0,0 +1,43 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.tomcat.util.security; + +import java.security.Permission; + +/** + * This interface is implemented by components to enable privileged code to + * check whether the component has a given permission. + * This is typically used when a privileged component (e.g. the container) is + * performing an action on behalf of an untrusted component (e.g. a web + * application) without the current thread having passed through a code source + * provided by the untrusted component. Because the current thread has not + * passed through a code source provided by the untrusted component the + * SecurityManager assumes the code is trusted so the standard checking + * mechanisms can't be used. + */ +public interface PermissionCheck { + + /** + * Does this component have the given permission? + * + * @param permission The permission to test + * + * @return {@code false} if a SecurityManager is enabled and the component + * does not have the given permission, otherwise {@code false} + */ + boolean check(Permission permission); +}
webapps/docs/changelog.xml+8 −0 modified@@ -68,6 +68,14 @@ <code>dispatchersUseEncodedPaths</code> attribute of the Context. (markt) </fix> + <add> + Provide a mechanism that enables the container to check if a component + (typically a web application) has been granted a given permission when + running under a SecurityManager without the current execution stack + having to have passed through the component. Use this new mechanism to + extend SecurityManager protection to the system property replacement + feature of the digester. (markt) + </add> </changelog> </subsection> <subsection name="Coyote">
Vulnerability mechanics
Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
50- www.oracle.com/security-alerts/cpuoct2021.htmlnvdPatchThird Party AdvisoryWEB
- rhn.redhat.com/errata/RHSA-2017-0457.htmlnvdThird Party AdvisoryWEB
- www.debian.org/security/2016/dsa-3720nvdThird Party AdvisoryWEB
- access.redhat.com/errata/RHSA-2017:0455nvdThird Party AdvisoryWEB
- access.redhat.com/errata/RHSA-2017:0456nvdThird Party AdvisoryWEB
- access.redhat.com/errata/RHSA-2017:2247nvdThird Party AdvisoryWEB
- github.com/advisories/GHSA-2rvf-329f-p99gghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2016-6794ghsaADVISORY
- security.netapp.com/advisory/ntap-20180605-0001/nvdThird Party Advisory
- usn.ubuntu.com/4557-1/nvdThird Party Advisory
- www.securityfocus.com/bid/93943nvdBroken Link
- www.securitytracker.com/id/1037143nvdBroken Link
- github.com/apache/tomcat/commit/0b41766456b1980e4f809e13ad6dc9fa912bae7eghsaWEB
- github.com/apache/tomcat/commit/c1660182010b4255c21c874d69c124370a67784aghsaWEB
- github.com/apache/tomcat/commit/f8db078f1e6e8b225f8344e63595113ca34cd408ghsaWEB
- github.com/apache/tomcat80/commit/ae6163a4f230bc679abfc93e048ff92996badad6ghsaWEB
- lists.apache.org/thread.html/09d2f2c65ac4ff5da42f15dc2b0f78b655e50f1a42e8a9784134a9eb%40%3Cannounce.tomcat.apache.org%3EnvdWEB
- lists.apache.org/thread.html/09d2f2c65ac4ff5da42f15dc2b0f78b655e50f1a42e8a9784134a9eb@%3Cannounce.tomcat.apache.org%3EghsaWEB
- lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3EnvdWEB
- lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3EghsaWEB
- lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3EnvdWEB
- lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3EghsaWEB
- lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3EnvdWEB
- lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3EghsaWEB
- lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3EnvdWEB
- lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3EghsaWEB
- lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3EnvdWEB
- lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3EghsaWEB
- lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3EnvdWEB
- lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3EghsaWEB
- lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3EnvdWEB
- lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424@%3Cdev.tomcat.apache.org%3EghsaWEB
- lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3Cdev.tomcat.apache.org%3EnvdWEB
- lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3EghsaWEB
- lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3EnvdWEB
- lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3EghsaWEB
- lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3EnvdWEB
- lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3EghsaWEB
- lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3EnvdWEB
- lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3EghsaWEB
- lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3EnvdWEB
- lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3EghsaWEB
- lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3EnvdWEB
- lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3EghsaWEB
- lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3EnvdWEB
- lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3EghsaWEB
- security.netapp.com/advisory/ntap-20180605-0001ghsaWEB
- usn.ubuntu.com/4557-1ghsaWEB
- web.archive.org/web/20170317100547/http://www.securitytracker.com/id/1037143ghsaWEB
- web.archive.org/web/20170626130744/http://www.securityfocus.com/bid/93943ghsaWEB
News mentions
0No linked articles in our index yet.