' in url relaive path as below: as it's a servlet based application, The issue occurs when I use '. cpe:2.3:a:apache_foundation:apache_tomcat:10.1. I am facing Apache Tomcat examples directory vulnerabilities in one of the scenario, what I use the pattern '.A remote attacker can perform a denial of service attack against the exposed EncryptInterceptor. The vulnerability exists due to an error in documentation for the EncryptInterceptor, which incorrectly stated that it enabled Tomcat clustering to run over an untrusted network. On February 20, China National Vulnerability Database (CNVD) published a security advisory for CNVD-2020-10487, a severe vulnerability in Apache Tomcats. Available versions include: Apache Tomcat 9 (1.2.0) Apache Tomcat 10 (1.0.0) Apache Tomcat 8 (1.1.0) Apache Tomcat. Because Jamf Pro requires Apache Tomcat and security is of utmost importance, we are passing on the following information so that you can take steps to mitigate the vulnerability if you have an on-premise environment. The vulnerability allows a remote attacker to perform DoS attack. DESCRIPTION: Apache Tomcat is vulnerable to a denial of service, caused by a memory leak flaw in WebSocket connections. Apache Tomcat recently announced a security fix for a high-severity vulnerability in their product.
0 Comments
Leave a Reply. |