The Apache Software Foundation has issued an update for its Tomcat application server software addressing an important remote code execution vulnerability.
Developed and offered under open source licenses, Tomcat is a Servlet container for Java apps designed to provide a web server environment purely comprised of Java specifications and frameworks.
The flaw, designated as CVE-2019-0232, affects Tomcat versions 9.0.0.M1 to 9.0.17, 8.5.0 to 8.5.39 and 7.0.0 to 7.0.93. The error is caused by a problem with how command line arguments are passed from the Java Runtime Environment to Windows, and affects instances of the CGI Servlet running on Windows with command line arguments enabled.
Although this vulnerability could allow hackers to remotely execute code on affected servers, its severity was designated as 'important' rather than 'critical', due to the fact that the Servlet in question is disabled by default, as is the option to enable command line arguments in later Tomcat versions.
The flaw was discovered and reported to Apache earlier this month by an unnamed security researcher, and was disclosed by the foundation following the release of the patches as part of Tomcat versions 9.0.19, 8.5.40 and 7.0.93.
Admins are urgently advised to patch any affected servers within their estates. Vulnerabilities in Apache software have led to a number of high-profile breaches, including the notorious Equifax hack, which was the result of an unpatched Apache Spark server.
-
Should AI PCs be part of your next hardware refresh?AI PCs are fast becoming a business staple and a surefire way to future-proof your business
-
Westcon-Comstor and Vectra AI launch brace of new channel initiativesNews Westcon-Comstor and Vectra AI have announced the launch of two new channel growth initiatives focused on the managed security service provider (MSSP) space and AWS Marketplace.
-
Hackers are targeting Ivanti VPN users again – here’s what you need to knowNews Ivanti has re-patched a security flaw in its Connect Secure VPN appliances that's been exploited by a China-linked espionage group since at least the middle of March.
-
Broadcom issues urgent alert over three VMware zero-daysNews The firm says it has information to suggest all three are being exploited in the wild
-
Nakivo backup flaw still present on some systems months after firms’ ‘silent patch’, researchers claimNews Over 200 vulnerable Nakivo backup instances have been identified months after the firm silently patched a security flaw.
-
Everything you need to know about the Microsoft Power Pages vulnerabilityNews A severe Microsoft Power Pages vulnerability has been fixed after cyber criminals were found to have been exploiting unpatched systems in the wild.
-
Vulnerability management complexity is leaving enterprises at serious riskNews Fragmented data and siloed processes mean remediation is taking too long
-
A critical Ivanti flaw is being exploited in the wild – here’s what you need to knowNews Cyber criminals are actively exploiting a critical RCE flaw affecting Ivanti Connect Secure appliances
-
Researchers claim an AMD security flaw could let hackers access encrypted dataNews Using only a $10 test rig, researchers were able to pull off the badRAM attack
-
A journey to cyber resiliencewhitepaper DORA: Ushering in a new era of cyber security
