By Eduard Kovacs on October 04, 2017 Several vulnerabilities, including ones that allow remote attackers to execute arbitrary code, have been patched in recent weeks in Apache Tomcat.
Developed by The Apache Software Foundation, Apache Tomcat is an open source implementation of the Java Servlet, JavaServer Pager (JSP), Java WebSocket and Java Expression Language technologies.
Tomcat is said to be the most widely used web application server, with a presence in more than 70% of enterprise data centers.
Apache Tomcat developers informed users on Tuesday that the product is affected by a remote code execution vulnerability.
http://www.securityweek.com/sites/default/files/images/tomcat.png
The flaw, tracked as CVE-2017-12617 and classified as “important” severity, has been addressed with the release of versions 9.0.1, 8.5.23, 8.0.47 and 7.0.82. All previous 9.x, 8.5.x, 8.0.x and 7.0.x versions are impacted.
Full Article.
Code Execution Flaws Patched in Apache Tomcat
+54
Reply
Login to the community
No account yet? Create an account
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.