Apache.Tomcat.File.Disclosure

description-logoDescription

Absolute path traversal vulnerability in Apache Tomcat, under certain configurations, allows remote authenticated users to read arbitrary files via a WebDAV write request that specifies an entity with a SYSTEM tag.

affected-products-logoAffected Products

Apache Software Foundation, Tomcat.

Impact logoImpact

Information disclosure, arbitrary file system acccess..

recomended-action-logoRecommended Actions

We are currently not aware of any officially released patch or update.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2020-12-11 16.978