This script is Copyright (C) 2017 Tenable Network Security, Inc.
The remote Apache Tomcat server is affected by multiple
The version of Apache Tomcat installed on the remote host is 9.0.0.M1
or later but prior to 9.0.0.M22. It is, therefore, affected by
multiple vulnerabilities:
- A flaw exists in the CORS filter because the HTTP Vary header was
not properly added. This allows a remote attacker to conduct
client-side and server-side cache poisoning attacks.
- A flaw exists in the HTTP/2 implementation that bypasses a number
of security checks that prevented directory traversal attacks. A
remote attacker can exploit this to bypass security constraints.
Note that Nessus has not attempted to exploit this issue but has
instead relied only on the application's self-reported version number.
See also :
Upgrade to Apache Tomcat version 9.0.0.M22 or later.
Risk factor :
Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 3.7
Public Exploit Available : false