Apache Tomcat AJP Connector Request Injection (Ghostcat)


Article ID: 191798


Updated On:

Products

CA Workload Automation iDash for CA 7

Issue/Introduction

CVE-2020-1938.

Discussion: A file read/inclusion vulnerability was found in the Apache Tomcat AJP connector. A remote, unauthenticated attacker could exploit this vulnerability to read web application files from a vulnerable server. In instances where the vulnerable server allows file uploads, an attacker could upload malicious JavaServer Pages (JSP) code within a variety of file types and gain remote code execution (RCE).

Recommended Remediation: Update the AJP configuration to require authorization and/or upgrade the Tomcat server to 7.0.100, 8.5.51, or 9.0.31 or later (whichever applies to the major version in use).
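As an added illustration (not part of this article and not taken from the iDash product configuration), the two forms of the Tomcat server.xml AJP connector: the exposed one, and the hardened one that requires a shared secret and binds to loopback. It assumes the bundled Tomcat ships the default AJP connector and that the fixed versions listed above are in use; the secret value is a placeholder.

```xml
<!-- server.xml excerpts, added example (assumed layout, not iDash's own file) -->

<!-- BEFORE: the connector Ghostcat abuses. No secret is required, and on
     Tomcat builds before the fix the connector listens on all interfaces,
     so any host that can reach TCP/8009 can inject AJP request attributes. -->
<Connector port="8009"
           protocol="AJP/1.3"
           redirectPort="8443" />

<!-- AFTER (Tomcat 7.0.100 / 8.5.51 / 9.0.31 or later):
     - address: only accept AJP from the local reverse proxy, not the network
     - secretRequired: refuse to start unless a secret is configured
     - secret: shared value the proxy (mod_jk / mod_proxy_ajp) must present;
       replace the placeholder with a long random string and keep it out of
       version control -->
<Connector port="8009"
           protocol="AJP/1.3"
           redirectPort="8443"
           address="127.0.0.1"
           secretRequired="true"
           secret="REPLACE-WITH-LONG-RANDOM-SECRET" />

<!-- ALTERNATIVE: if no front-end proxy speaks AJP to this Tomcat, the safest
     remediation is to leave the connector commented out entirely. -->
<!--
<Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />
-->
```

Whichever reverse proxy fronts the connector must be configured with the same secret (the mod_jk worker `secret` property, or the `secret=` ProxyPass parameter in mod_proxy_ajp on httpd 2.4.42 or later), otherwise legitimate AJP requests are rejected once `secretRequired` is on. A quick check after the change is that port 8009 no longer answers from any host other than the proxy.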
VUF-15861972

Apache Tomcat AJP Connector Request Injection (Ghostcat)

VUF-15861967

Apache Tomcat AJP Connector Request Injection (Ghostcat)

Environment

Release : 12.1

Component : CA WORKLOAD AUTOMATION iDASH FOR CA 7

Resolution

To be addressed in a future release of iDash.