Vulnerability & Exploit Database

Back to search

Apache Tomcat JULI Logging Component Security Bypass

Severity CVSS Published Added Modified
6 (AV:N/AC:L/Au:N/C:P/I:P/A:N) December 27, 2007 June 18, 2008 February 13, 2015

Description

Certain versions of Apache Tomcat fail to restrict certain permissions for web applications. This may allow a remote attacker to change the level, directory, and prefix attributes in the org.apache.juli.FileHandler handler.

Scan For This Vulnerability

Use our top-rated tool to discover, prioritize, and remediate your vulnerabilities

 Free InsightVM Trial

References

Solution

tomcat-5x-upgrade-5_5_26

Related Vulnerabilities