Oval Definition:oval:com.ubuntu.artful:def:20155351000
Revision Date:2016-02-24Version:1
Title:CVE-2015-5351 on Ubuntu 17.10 (artful) - medium.
Description:The (1) Manager and (2) Host Manager applications in Apache Tomcat 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M2 establish sessions and send CSRF tokens for arbitrary new requests, which allows remote attackers to bypass a CSRF protection mechanism by using a token.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2015-5351
Platform(s):Ubuntu 17.10
Product(s):
Definition Synopsis
  • Ubuntu 17.10 (artful) is installed.
  • AND Package Information
  • NOT While related to the CVE in some way, the 'tomcat7' package in artful is not affected (note: '7.0.68-1').
  • OR NOT While related to the CVE in some way, the 'tomcat8' package in artful is not affected (note: '8.0.32-1ubuntu1').
  • BACK