CNNVD-ID编号 | CNNVD-201912-924 |
CVE编号 | CVE-2019-12418 |
发布时间 | 2019-12-19 |
更新时间 | 2020-09-24 |
漏洞类型 | 其他 |
漏洞来源 | Ubuntu,Debian,Red Hat,Gentoo |
危险等级 | 高危 |
威胁类型 | 本地 |
厂 商 | N/A |
Apache Tomcat是美国阿帕奇(Apache)软件基金会的一款轻量级Web应用服务器。该程序实现了对Servlet和JavaServer Page(JSP)的支持。
Apache Tomcat 9.0.0.M1版本至9.0.28版本、8.5.0版本至8.5.47版本和7.0.0版本至7.0.97版本中存在安全漏洞。攻击者可通过实施中间人攻击利用该漏洞获取用户名和密码,访问JMX界面,控制Tomcat实例。
目前厂商已发布升级了Apache Tomcat 安全漏洞的补丁,Apache Tomcat 安全漏洞的补丁获取链接:
http://tomcat.apache.org/security-8.html
来源:BUGTRAQ
来源:CONFIRM
来源:CONFIRM
来源:CONFIRM
链接:https://support.f5.com/csp/article/K10107360?utm_source=f5support&utm_medium=RSS
来源:SUSE
链接:http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00013.html
来源:DEBIAN
来源:tomcat.apache.org
来源:tomcat.apache.org
来源:tomcat.apache.org
来源:www.suse.com
链接:https://www.suse.com/support/update/announcement/2020/suse-su-20200029-1.html
来源:www.suse.com
链接:https://www.suse.com/support/update/announcement/2020/suse-su-20200226-1.html
来源:www.debian.org
来源:vigilance.fr
来源:packetstormsecurity.com
链接:https://packetstormsecurity.com/files/156827/Gentoo-Linux-Security-Advisory-202003-43.html
来源:www.ibm.com
来源:www.auscert.org.au
来源:packetstormsecurity.com
链接:https://packetstormsecurity.com/files/156094/Ubuntu-Security-Notice-USN-4251-1.html
来源:www.ibm.com
来源:www.auscert.org.au
来源:www.auscert.org.au
来源:packetstormsecurity.com
链接:https://packetstormsecurity.com/files/155792/Debian-Security-Advisory-4596-1.html
来源:www.auscert.org.au
来源:www.auscert.org.au
来源:www.ibm.com
来源:www.auscert.org.au
来源:www.ibm.com
来源:www.auscert.org.au
来源:www.auscert.org.au
来源:packetstormsecurity.com
链接:https://packetstormsecurity.com/files/157312/Red-Hat-Security-Advisory-2020-1520-01.html
来源:www.auscert.org.au
来源:www.auscert.org.au
来源:www.auscert.org.au
来源:packetstormsecurity.com
链接:https://packetstormsecurity.com/files/156781/Red-Hat-Security-Advisory-2020-0861-01.html
暂无