Apache Tomcat CVE-2014-0096 Weak Authentication Vulnerability

Description

The default servlet allows web applications to define (at multiple levels) an XSLT to be used to format a directory listing. When running under a security manager, the processing of these XSLTs was not subject to the same constraints as the web application. This enabled a malicious web application to bypass the file access constraints imposed by the security manager via the use of external XML entities.
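An audit sketch for the condition described above, added here as an example and not taken from the advisory or from Tomcat's code: it reports which default servlet entries in a web.xml configure a directory-listing XSLT and flags stylesheets that declare external entities. The init-param names (globalXsltFile, contextXsltFile, localXsltFile) and the servlet class name come from Tomcat's default servlet documentation, not from this page; the sample inputs are constructed.

```python
import re
import xml.etree.ElementTree as ET

# DefaultServlet init-params that name a directory-listing stylesheet
# (names per Tomcat's default servlet documentation, not this advisory).
XSLT_PARAMS = {"globalXsltFile", "contextXsltFile", "localXsltFile"}
DEFAULT_SERVLET = "org.apache.catalina.servlets.DefaultServlet"
# External entity declaration: <!ENTITY name SYSTEM|PUBLIC ...>, parameter entities included.
EXT_ENTITY = re.compile(r"<!ENTITY\s+(?:%\s+)?[^\s>]+\s+(?:SYSTEM|PUBLIC)\b", re.I)


def _local(tag):
    """Strip the XML namespace so old and new web.xml schemas both match."""
    return tag.rsplit("}", 1)[-1]


def xslt_params(web_xml_text):
    """Return {param-name: value} for XSLT settings on DefaultServlet entries."""
    found = {}
    root = ET.fromstring(web_xml_text)
    for servlet in (e for e in root.iter() if _local(e.tag) == "servlet"):
        fields = {_local(c.tag): c for c in servlet}
        cls = fields.get("servlet-class")
        if cls is None or (cls.text or "").strip() != DEFAULT_SERVLET:
            continue
        for init in (c for c in servlet if _local(c.tag) == "init-param"):
            kv = {_local(c.tag): (c.text or "").strip() for c in init}
            if kv.get("param-name") in XSLT_PARAMS:
                found[kv["param-name"]] = kv.get("param-value", "")
    return found


def declares_external_entity(stylesheet_text):
    """True if the raw stylesheet text declares an external entity (text is not parsed)."""
    return bool(EXT_ENTITY.search(stylesheet_text))


# Constructed sample input, not taken from any real deployment.
SAMPLE_WEB_XML = """<web-app xmlns="http://java.sun.com/xml/ns/javaee">
  <servlet>
    <servlet-name>default</servlet-name>
    <servlet-class>org.apache.catalina.servlets.DefaultServlet</servlet-class>
    <init-param><param-name>listings</param-name><param-value>true</param-value></init-param>
    <init-param><param-name>localXsltFile</param-name><param-value>listing.xsl</param-value></init-param>
  </servlet>
</web-app>"""
SAMPLE_XSL = '<!DOCTYPE x [<!ENTITY e SYSTEM "file:///placeholder">]><xsl:stylesheet/>'

if __name__ == "__main__":
    print(xslt_params(SAMPLE_WEB_XML), declares_external_entity(SAMPLE_XSL))
```

The stylesheet check works on raw text with a regular expression, so the audit itself never resolves an entity while inspecting an untrusted file.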

Affected Applications

Apache Tomcat

CVE References

CVE-2014-0096