cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Highlighted
Community Champion

GhostCat - Critical Apache Tomcat Vulnerability

Patch your Apache Tomcat servers NOW!

 

ALL versions (9.x/8.x/7.x/6.x) released in the past 13 years have been found vulnerable to a new CRITICAL (CVSS 9.8) vulnerability dubbed "GhostCat" (CVE-2020-1938). The flaw (described here) could let unauthenticated, remote attackers read the content of any file on a vulnerable web server and obtain sensitive configuration files or source code, or execute arbitrary code if the server allows file upload. There of lots of PoC exploits in the wild. Drop what you are doing now and upgrade!