Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Apache Tomcat 7.0.x < 7.0.12 Multiple Vulnerabilities

Medium

Synopsis

The remote web server is affected by security bypass vulnerability.

Description

Versions of Tomcat 7.0.x earlier than 7.0.12 are potentially affected by multiple vulnerabilities :

- An information disclosure exists in the HTTP BIO connector. (CVE-2011-1475)

- A security bypass vulnerability exists due to a regression in the fix for CVE-2011-1088. Note that this issue only affects Tomcat 7.0.11.(CVE-2011-1183)

Solution

Upgrade to Apache Tomcat 7.0.12 or later.