The ResourceLinkFactory implementation in Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 did not limit web application access to global JNDI resources to those resources explicitly linked to the web application. Therefore, it was possible for a web application to access any global JNDI resource whether an explicit ResourceLink had been configured or not.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Configuration 5 (hide)
|
Configuration 6 (hide)
|
History
08 Dec 2023, 16:41
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:apache:tomcat:9.0.0:m1:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:9.0.0:m3:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:9.0.0:m7:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:9.0.0:m5:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:9.0.0:m8:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:9.0.0:m4:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:9.0.0:m2:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:9.0.0:m9:*:*:*:*:*:* |
cpe:2.3:a:apache:tomcat:9.0.0:milestone6:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:9.0.0:milestone5:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:9.0.0:milestone3:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:9.0.0:milestone7:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:9.0.0:milestone9:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:9.0.0:milestone2:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:9.0.0:milestone8:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:9.0.0:milestone1:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:9.0.0:milestone4:*:*:*:*:*:* |
07 Nov 2023, 02:34
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
18 Apr 2022, 17:56
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-863 | |
References | (MISC) https://www.oracle.com/security-alerts/cpuoct2021.html - Patch, Third Party Advisory | |
References | (UBUNTU) https://usn.ubuntu.com/4557-1/ - Third Party Advisory | |
References | (MLIST) https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424@%3Cdev.tomcat.apache.org%3E - Mailing List, Patch, Vendor Advisory | |
References | (MLIST) https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E - Mailing List, Patch, Vendor Advisory | |
References | (MLIST) https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E - Mailing List, Patch, Vendor Advisory | |
References | (MLIST) https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E - Mailing List, Patch, Vendor Advisory | |
References | (CONFIRM) https://security.netapp.com/advisory/ntap-20180605-0001/ - Third Party Advisory | |
References | (MLIST) https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E - Mailing List, Patch, Vendor Advisory | |
References | (MLIST) https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E - Mailing List, Patch, Vendor Advisory | |
References | (MLIST) https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E - Mailing List, Patch, Vendor Advisory | |
References | (BID) http://www.securityfocus.com/bid/93940 - Broken Link | |
References | (REDHAT) http://rhn.redhat.com/errata/RHSA-2017-0457.html - Third Party Advisory | |
References | (MLIST) https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E - Mailing List, Patch, Vendor Advisory | |
References | (MLIST) https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E - Mailing List, Patch, Vendor Advisory | |
References | (REDHAT) https://access.redhat.com/errata/RHSA-2017:0456 - Third Party Advisory | |
References | (REDHAT) https://access.redhat.com/errata/RHSA-2017:2247 - Third Party Advisory | |
References | (MLIST) https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E - Mailing List, Patch, Vendor Advisory | |
References | (MLIST) https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E - Mailing List, Patch, Vendor Advisory | |
References | (SECTRACK) http://www.securitytracker.com/id/1037145 - Broken Link | |
References | (DEBIAN) http://www.debian.org/security/2016/dsa-3720 - Third Party Advisory | |
References | (MLIST) https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E - Mailing List, Patch, Vendor Advisory | |
References | (MLIST) https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E - Mailing List, Patch, Vendor Advisory | |
References | (REDHAT) https://access.redhat.com/errata/RHSA-2017:0455 - Third Party Advisory | |
References | (MLIST) https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E - Mailing List, Patch, Vendor Advisory | |
CPE | cpe:2.3:a:apache:tomcat:6.0.35:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:8.0.32:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:7.0.20:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:7.0.44:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:7.0.30:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:7.0.54:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:7.0.49:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:8.0.7:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:7.0.37:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:8.0.1:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:8.0.0:rc1:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:6.0.5:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:6.0.21:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:7.0.9:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:8.0.27:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:6.0.36:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:6.0.20:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:8.0.35:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:6.0.39:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:7.0.39:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:6.0.19:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:8.0.14:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:8.0.9:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:7.0.38:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:6.0.40:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:6.0.31:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:8.0.11:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:6.0.6:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:8.5.4:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:7.0.31:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:7.0.0:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:8.0.34:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:7.0.6:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:6.0.29:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:8.0.0:rc10:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:7.0.25:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:8.0.0:rc5:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:8.0.33:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:6.0.42:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:7.0.29:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:6.0.37:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:6.0.24:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:8.0.21:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:6.0.10:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:8.0.5:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:7.0.10:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:6.0.18:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:7.0.18:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:6.0.38:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:7.0.3:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:8.5.3:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:6.0.15:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:8.0.10:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:7.0.19:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:6.0.9:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:7.0.46:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:7.0.67:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:8.0.24:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:8.0.26:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:6.0.30:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:7.0.68:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:8.0.29:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:6.0.8:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:7.0.64:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:7.0.42:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:6.0.26:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:8.0.15:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:7.0.50:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:7.0.55:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:8.0.25:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:6.0.44:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:8.0.28:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:7.0.47:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:7.0.15:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:7.0.40:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:8.0.30:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:7.0.45:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:7.0.13:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:7.0.28:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:6.0.16:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:8.0.19:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:8.5.1:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:6.0.3:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:7.0.16:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:8.0.12:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:6.0.14:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:8.0.0:rc3:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:7.0.60:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:7.0.11:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:6.0.33:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:7.0.24:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:8.0.3:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:7.0.4:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:7.0.7:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:6.0.28:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:8.0.8:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:7.0.70:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:7.0.8:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:7.0.43:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:7.0.52:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:7.0.53:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:6.0.13:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:7.0.27:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:6.0.7:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:7.0.69:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:7.0.22:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:6.0.43:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:6.0.27:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:7.0.34:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:6.0.17:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:7.0.5:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:7.0.14:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:6.0.12:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:7.0.56:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:8.0.18:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:7.0.65:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:8.0.6:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:8.0.31:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:6.0.45:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:7.0.41:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:8.0:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:8.0.22:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:7.0.23:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:7.0.33:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:8.0.2:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:8.0.36:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:7.0.58:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:8.0.17:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:7.0.62:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:6.0.11:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:6.0.25:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:7.0.59:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:6.0.41:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:7.0.12:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:7.0.57:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:7.0.48:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:6.0.34:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:6.0.23:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:7.0.1:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:8.0.20:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:6.0.0:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:7.0.21:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:6.0.2:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:7.0.66:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:8.0.4:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:7.0.26:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:6.0.1:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:8.0.13:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:7.0.63:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:6.0.22:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:6.0.4:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:7.0.17:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:7.0.2:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:8.0.16:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:7.0.35:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:8.0.23:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:6.0.32:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:7.0.36:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:8.5.0:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:8.5.2:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:7.0.32:*:*:*:*:*:*:* |
cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:* cpe:2.3:a:netapp:oncommand_shift:-:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:tekelec_platform_distribution:*:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:* cpe:2.3:a:redhat:jboss_enterprise_web_server:3.0.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:* cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:* cpe:2.3:a:netapp:snap_creator_framework:-:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:* cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:* |
First Time |
Netapp snap Creator Framework
Debian debian Linux Redhat enterprise Linux Desktop Netapp oncommand Shift Redhat enterprise Linux Server Oracle Redhat enterprise Linux Eus Redhat enterprise Linux Server Tus Redhat jboss Enterprise Web Server Netapp Canonical ubuntu Linux Redhat enterprise Linux Server Aus Oracle tekelec Platform Distribution Canonical Debian Netapp oncommand Insight Redhat enterprise Linux Workstation Redhat |
20 Oct 2021, 11:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
Information
Published : 2017-08-10 22:29
Updated : 2023-12-10 12:15
NVD link : CVE-2016-6797
Mitre link : CVE-2016-6797
CVE.ORG link : CVE-2016-6797
JSON object : View
Products Affected
redhat
- enterprise_linux_server_tus
- enterprise_linux_desktop
- enterprise_linux_server
- enterprise_linux_workstation
- enterprise_linux_server_aus
- jboss_enterprise_web_server
- enterprise_linux_eus
netapp
- oncommand_insight
- oncommand_shift
- snap_creator_framework
apache
- tomcat
oracle
- tekelec_platform_distribution
debian
- debian_linux
canonical
- ubuntu_linux
CWE
CWE-863
Incorrect Authorization