Apache Tomcat Arbitrary JSP Code Upload Vulnerability
RISK: Medium Risk
TYPE: Servers - Internet App Servers
A vulnerability has been identified in Apache Tomcat. A remote user can execute arbitrary code on the target system in certain cases.
A remote user can upload arbitrary JSP code and then cause the code to be executed in certain limited cases.
- Remote Code Execution
System / Technologies affected
- Versions 7.0.0 to 7.0.39
Before installation of the software, please visit the software manufacturer web-site for more details.
- The vendor has issued a fix (7.0.40)