Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
AppDefects
Community Champion
‎02-28-2020 10:52 PM
‎02-28-2020 10:52 PM

GhostCat - Critical Apache Tomcat Vulnerability

Patch your Apache Tomcat servers NOW!

 

ALL versions (9.x/8.x/7.x/6.x) released in the past 13 years have been found vulnerable to a new CRITICAL (CVSS 9.8) vulnerability dubbed "GhostCat" (CVE-2020-1938). The flaw (described here) could let unauthenticated, remote attackers read the content of any file on a vulnerable web server and obtain sensitive configuration files or source code, or execute arbitrary code if the server allows file upload. There of lots of PoC exploits in the wild. Drop what you are doing now and upgrade!

Reply
0 Kudos
0 Replies