Apache.Tomcat.File.Disclosure
Description
Absolute path traversal vulnerability in Apache Tomcat, under certain configurations, allows remote authenticated users to read arbitrary files via a WebDAV write request that specifies an entity with a SYSTEM tag.
Affected Products
Apache Software Foundation, Tomcat.
Impact
Information disclosure, arbitrary file system acccess..
Recommended Actions
We are currently not aware of any officially released patch or update.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2020-12-11 | 16.978 |