Skip to main content

Apache Tomcat Sensitive Information Disclosure Vulnerability

Last Update Date: 13 Oct 2020 10:55 Release Date: 13 Oct 2020 5386 Views

RISK: Medium Risk

TYPE: Servers - Web Servers

TYPE: Web Servers

A vulnerability was identified in Apache Tomcat, a remote attacker could exploit the vulnerability to trigger sensitive information disclosure on the targeted system.


Impact

  • Information Disclosure

System / Technologies affected

  • Apache Tomcat version 8.5.0 to 8.5.57
  • Apache Tomcat version 9.0.0.M1 to 9.0.37
  • Apache Tomcat version 10.0.0-M1 to 10.0.0-M7

Solutions

Before installation of the software, please visit the vendor's web-site for more details.

 

Apply fixes issued by the vendor: 

- Apache Tomcat version 8.5.58 or later

- Apache Tomcat version 9.0.38 or later

- Apache Tomcat version 10.0.0-M8 or later


Vulnerability Identifier


Source


Related Link