Apache Tomcat Vulnerability (CVE-2020-9484) Scanner

If you are using Apache Tomcat, it is better to check your system if any vulnerability exists.

Details
Stay Up To Date
Asset Type

domain

Need Membership

Yes

Asset Verify

Yes

API Support

Yes

Estimate Time (Second)

30

Apache Tomcat Vulnerability (CVE-2020-9484) Scanner Detail

If you are using Apache Tomcat, it is better to check your system if any vulnerability exists.

Attacker can control the content and name of the file on the server. There are couple of conditions must be satisfied for a succesfull attack.

Vulnerable Versions are listed below.

  • 10.0.0-M1 to 10.0.0-M4
  • 9.0.0-M1 tı 9.0.34
  • 8.5.0 to 8.5.54
  • 7.0.0 to 7.0.103

Some Advice for Common Problems

Change your Apache Tomcat versions other than listed vulnerable ones. If you are using PersistenceManager, Configure its sessionAttributeValueClassNameFilter other than "Null". This will also eliminates this vulnerability.

Need a Full Assesment?

Get help from professional hackers. Learn about our penetration test service now!

Request Pentest Service