icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

Apache Tomcat 7.0.x < 7.0.11 Security Bypass Vulnerability

Medium

Synopsis

The remote web server is affected by security bypass vulnerability.

Description

Versions of Tomcat 7.0.x earlier than 7.0.11 are potentially affected by a security bypass vulnerability. When a web application is started, 'ServletSecurity' annotations might be ignored which could lead to some areas of the application not being protected as expected.

Solution

Upgrade to Apache Tomcat 7.0.11 or later.