![]() Script_set_attribute(attribute:"description", value: "The remote Apache Tomcat server is affected by a vulnerability") Script_set_attribute(attribute:"synopsis", value: Script_name(english:"Apache Tomcat 9.0.40 < 9.0.54 vulnerability") Script_set_attribute(attribute:"plugin_modification_date", value:"7") ![]() This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. This is the tomcat_9_0_54.nasl nessus plugin source code. Risk InformationĬVSS V2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C CVSS Base Score:ĬVSS V3 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C CVSS Base Score: For more information, see how to use exploits safely. These exploits and PoCs could contain malware. WARNING: Beware of using unverified exploits from sources such as GitHub or Exploit-DB. In any other case, this would be considered as an illegal activity. Here's the list of publicly known exploits and PoCs for verifying the Apache Tomcat 9.0.40 < 9.0.54 vulnerability vulnerability:īefore running any exploit against any system, make sure you are authorized by the owner of the target system(s) to perform such activity. Upgrade to Apache Tomcat version 9.0.54 or later.Įxploit Ease: Exploits (PoCs) are available Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. This created a memory leak that, over time, could lead to a denial of service via an OutOfMemoryError. The object introduced to collect metrics for HTTP upgrade connections was not released for WebSocket connections once the connection was closed. It is, therefore, affected by a vulnerability as referenced in the fixed_in_apache_tomcat_9.0.54_security-9 advisory. The version of Tomcat installed on the remote host is prior to 9.0.54. The remote Apache Tomcat server is affected by a vulnerability Description Required KB Items : installed_sw/Apache Tomcat Name: Apache Tomcat 9.0.40 < 9.0.54 vulnerabilityĭependencies: apache_tomcat_nix_installed.nbin, tomcat_error_version.nasl, tomcat_win_installed.nbin
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |