Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Apache Tomcat 7.0.x < 7.0.59 / 8.0.x < 8.0.17 Security Manager Bypass

Medium

Synopsis

The remote web server is missing an Apache Tomcat patch update.

Description

Apache Tomcat 7.0.x before 7.0.59 or 8.0.x before 8.0.17 contains a flaw when handling expression language may allow an attacker to bypass the security manager protection. (CVE-2014-7810)

Solution

Update to Apache Tomcat version 7.0.59 or 8.0.17 or later.