This host is running Apache Tomcat and is prone to security bypass vulnerability.
Successful exploitation will allow remote attackers to bypass certain authentication and obtain sensitive information. Impact Level: Application
Upgrade Apache Tomcat version to 7.0.14 or later, For updates refer to http://tomcat.apache.org
The flaw is due an error when enforcing security constraints. An attacker could exploit this vulnerability using @ServletSecurity annotations to bypass constraints and gain unauthorized access to the servlet.
Apache Tomcat version 7.0.13 and 7.0.12
Get the installed version of Apache Tomcat with the help of detect NVT and check the version is vulnerable or not.
- Apache Tomcat Information Disclosure Vulnerability
- @Mail 'MailType' Parameter Cross Site Scripting Vulnerability
- AjaXplorer 'doc_file' Parameter Local File Disclosure Vulnerability
- Alt-N WebAdmin Remote Source Code Information Disclosure Vulnerability
- Apache Web Server Configuration File Environment Variable Local Buffer Overflow Vulnerability