Skip to main content

Apache Tomcat Multiple Vulnerabilities

Release Date: 3 Mar 2021 5230 Views

RISK: Medium Risk

TYPE: Servers - Web Servers

TYPE: Web Servers

Multiple vulnerabilities were identified in Apache Tomcat, a remote attacker could exploit some of these vulnerabilities to trigger remote code execution and sensitive information disclosure on the targeted system.


Impact

  • Remote Code Execution
  • Information Disclosure

System / Technologies affected

  • Apache Tomcat 10.0.0-M1 to 10.0.0
  • Apache Tomcat 9.0.0.M1 to 9.0.41
  • Apache Tomcat 8.5.0 to 8.5.61
  • Apache Tomcat 7.0.0 to 7.0.107

Solutions

Before installation of the software, please visit the vendor web-site for more details.

 

Apply fixes issued by the vendor:

 

  • Apache Tomcat 10.0.2 or later
  • Apache Tomcat 9.0.43 or later
  • Apache Tomcat 8.5.63 or later
  • Apache Tomcat 7.0.108 or later

Vulnerability Identifier


Source


Related Link