Skip to main content

Apache Tomcat Remote Code Execution Vulnerability

Last Update Date: 4 Oct 2017 08:50 Release Date: 4 Oct 2017 4189 Views

RISK: Medium Risk

TYPE: Servers - Internet App Servers

TYPE: Internet App Servers

A vulnerability has been identified in Apache Tomcat, a remote attacker can exploit this vulnerability to perform remote code execution on the targeted system.


Impact

  • Remote Code Execution

System / Technologies affected

  • Apache Tomcat 9.0.0.M1 - 9.0.0
  • Apache Tomcat 8.5.0 - 8.5.22
  • Apache Tomcat 8.0.0.RC1 - 8.0.46
  • Apache Tomcat 7.0.0 - 7.0.81

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

 

Upgrade to a fixed version:

  • Apache Tomcat 9.0.1 or later
  • Apache Tomcat 8.5.23 or later
  • Apache Tomcat 8.0.47 or later
  • Apache Tomcat 7.0.82 or later

Vulnerability Identifier


Source


Related Link