icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

Apache Tomcat 7.0.x < 7.0.4 File Permission Bypass Vulnerability

Low

Synopsis

The remote web server is affected by a security bypass vulnerability.

Description

Versions of Tomcat 7.0.x earlier than 7.0.4 are potentially affected by a security bypass vulnerability. When running under a SecurityManager, it is possible to grant a web application read/write permissions to any area on the file system.

Solution

Upgrade to Apache Tomcat 7.0.4 or later.