This event is generated when attacker attempts to exploit an Apache Tomcat remote code execution vulnerability.
Allows unauthorized disclosure of information; Allows unauthorized modification; Allows disruption of service
CVSS base score 9.8
CVSS impact score 5.9
CVSS exploitability score 3.9
Confidentiality Impact HIGH
Integrity Impact HIGH
Availability Impact HIGH
CVE-2016-8735: Remote code execution is possible with Apache Tomcat before 6.0.48, 7.x before 7.0.73, 8.x before 8.0.39, 8.5.x before 8.5.7, and 9.x before 9.0.0.M12 if JmxRemoteLifecycleListener is used and an attacker can reach JMX ports. The issue exists because this listener wasn't updated for consistency with the CVE-2016-3427 Oracle patch that affected credential types.