Apache Tomcat Server - Local File Inclusion (CVE-2020-1938)
- Severity
- CVSSv3 Score
- 9.8
- Exploitable with Sniper
- Yes
- Vulnerability description
Apache Tomcat server is affected by a Local File Inclusion vulnerability, located in the /webapps/ROOT endpoint . If AJP Connector is accessible with the default configuration, an unauthenticated remote attacker can access arbitrary files from /webapps/ROOT directory and in some conditions could read arbitrary files from system . The root cause of this vulnerability consists in exposing AJP port to untrusted users in Apache Tomcat for the following versions: 7.0.99 and below, 8.5.50 and below or 9.0.30 and below. Only these specific versions are affected.
- Exploit capabilities
Sniper can read arbitrary files from the target system and extract them as evidence.
- Risk description
The risk exists that a remote unauthenticated attacker could exploit this vulnerability to read sensitive information from config files and in some conditions, like an upload functionality in the web application, this vulnerability could lead to a Remote Code Execution.
- Recommendation
Upgrade the Apache Tomcat server to a version equal to or higher than 7.0.100, 8.5.51, 9.0.31.
- Detectable with
- Network Scanner
- Vuln date
- Feb 2020
- Published at
- Updated at
- Software Type
- Web server
- Vendor
- Apache
- Product
- Tomcat
- Codename
- Ghostcat
