OVAL Reference oval:com.ubuntu.bionic:def:201687350000000

Oval Definition:

oval:com.ubuntu.bionic:def:201687350000000

Revision Date:	2017-04-06	Version:	1
Title:	CVE-2016-8735 on Ubuntu 18.04 LTS (bionic) - low.
Description:	Remote code execution is possible with Apache Tomcat before 6.0.48, 7.x before 7.0.73, 8.x before 8.0.39, 8.5.x before 8.5.7, and 9.x before 9.0.0.M12 if JmxRemoteLifecycleListener is used and an attacker can reach JMX ports. The issue exists because this listener wasn't updated for consistency with the CVE-2016-3427 Oracle patch that affected credential types.
Family:	unix	Class:	vulnerability
Status:		Reference(s):	CVE-2016-8735
Platform(s):	Ubuntu 18.04 LTS	Product(s):
Definition Synopsis
Ubuntu 18.04 LTS (bionic) is installed. AND Package Information tomcat7 package in bionic, is related to the CVE in some way and has been fixed (note: '7.0.73-1'). OR tomcat8 package in bionic was vulnerable but has been fixed (note: '8.0.38-2ubuntu1').