CVE-2016-5018

critical

Published 2017-08-10 · Modified 2024-04-18

CVSS v3

9.1

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

CVSS v2

6.4

VIR risk

9.1

Description

Authentication Bypass Using an Alternate Path or Channel in Apache Tomcat

Exploit likelihood

94%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

vendor Authored 2026-05-27

Vendor advisory: security@apache.org — https://www.oracle.com/security-alerts/cpuoct2021.html

vendor Authored 2026-05-27

Vendor advisory: suse — https://www.suse.com/security/cve/CVE-2016-5018.html

OS	Version	Status
sles		affected
debian	8.0	affected
rhel	7.0	affected
rhel	7.4	affected
rhel	7.5	affected
rhel	7.6	affected
rhel	7.7	affected
ubuntu	16.04	affected

Ecosystem	Package	Vulnerable	Fixed
Maven	org.apache.tomcat:tomcat-jasper	`>=9.0.0.M1,<9.0.0.M10`	`9.0.0.M10`
Maven	org.apache.tomcat:tomcat-jasper	`>=8.5.0,<8.5.5`	`8.5.5`
Maven	org.apache.tomcat:tomcat-jasper	`>=8.0.0RC1,<8.0.37`	`8.0.37`
Maven	org.apache.tomcat:tomcat-jasper	`>=7.0.0,<7.0.72`	`7.0.72`
Maven	org.apache.tomcat:jasper	`>=6.0.0,<6.0.47`	`6.0.47`
Maven	org.apache.tomcat.embed:tomcat-embed-jasper	`>=9.0.0.M1,<9.0.0.M10`	`9.0.0.M10`
Maven	org.apache.tomcat.embed:tomcat-embed-jasper	`>=8.5.0,<8.5.5`	`8.5.5`
Maven	org.apache.tomcat.embed:tomcat-embed-jasper	`>=8.0.0RC1,<8.0.37`	`8.0.37`
Maven	org.apache.tomcat.embed:tomcat-embed-jasper	`>=7.0.0,<7.0.72`	`7.0.72`
Maven	org.apache.tomcat.embed:tomcat-embed-jasper	`>=6.0.0,<6.0.47`	`6.0.47`

Vendor	Product	Versions
apache	tomcat	`{"startIncluding":"6.0.0","endIncluding":"6.0.45"}`
apache	tomcat	`9.0.0`
netapp	oncommand_insight	`-`
netapp	oncommand_shift	`-`
netapp	snap_creator_framework	`-`
redhat	jboss_enterprise_application_platform	`6.4`
redhat	jboss_enterprise_web_server	`3.0.0`
oracle	tekelec_platform_distribution	`{"startIncluding":"7.4.0","endIncluding":"7.7.1"}`

Verify integrity in audit chain (admin only). AS-IS.