HomePentest-Tools.com Logo

Apache Tomcat Server - Local File Inclusion (CVE-2020-1938)

Severity
CVSSv3 Score
9.8
Vulnerability description

Apache Tomcat server is affected by a Local File Inclusion vulnerability, located in the /webapps/ROOT endpoint . If AJP Connector is accessible with the default configuration, an unauthenticated remote attacker can access arbitrary files from /webapps/ROOT directory and in some conditions could read arbitrary files from system . The root cause of this vulnerability consists in exposing AJP port to untrusted users in Apache Tomcat for the following versions: 7.0.99 and below, 8.5.50 and below or 9.0.30 and below. Only these specific versions are affected.

Risk description

The risk exists that a remote unauthenticated attacker could exploit this vulnerability to read sensitive information from config files and in some conditions, like an upload functionality in the web application, this vulnerability could lead to a Remote Code Execution.

Exploit capabilities

Sniper can read arbitrary files from the target system and extract them as evidence.

Recommendation

Upgrade the Apache Tomcat server to a version equal to or higher than 7.0.100, 8.5.51, 9.0.31.

Codename
Ghostcat
Detectable with
Network Scanner
Exploitable with Sniper
Yes
Vuln date
Feb 2020
Published at
Updated at
Software Type
Web server
Vendor
Apache
Product
Tomcat