Cybersecurity Alerts

Actively Exploited Vulnerabilities

← Back to Cybersecurity Alerts

CVE-2020-1938

Apache | TomcatAdded 2022-03-03Remediation Deadline 2022-03-17

Apache Tomcat Improper Privilege Management Vulnerability

Apache Tomcat treats Apache JServ Protocol (AJP) connections as having higher trust than, for example, a similar HTTP connection. If such connections are available to an attacker, they can be exploited.

Required Action

Apply updates per vendor instructions.

References