Дата обнаружения
|
22/07/2018 |
Уровень угрозы
|
Critical |
Описание
|
Multiple serious vulnerabilities have been found in Apache Tomcat. Malicious users can exploit these vulnerabilities to obtain sensitive information and bypass security restrictions. Below is a complete list of vulnerabilities:
Technical details Vulnerability (1) appears only when using TLS with the WebSocket client was missing. Vendor have been enabled by default. Vulnerability (2) affects only Apache Tomcat 8.5.x and 9.x |
Пораженные продукты
|
Apache Tomcat 9.x earlier than 9.0.10 |
Решение
|
Update to the latest version |
Первичный источник обнаружения
|
Apache Tomcat 8.x vulnerabilities Apache Tomcat 9.x vulnerabilities Apache Tomcat 7.x vulnerabilities |
Оказываемое влияние
?
|
OSI
[?]
SB
[?]
|
Связанные продукты
|
Apache Tomcat |
CVE-IDS
|
|
Узнай статистику распространения уязвимостей в твоем регионе |