15332 zip codetime zone

When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default servlet to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server. Impact: CVSS base score 8.1 CVSS impact score 5.9 CVSS exploitability score 2.2 confidentialityImpact HIGH integrityImpact HIGH availabilityImpact HIGH Details: Recommendation: Upgrade to the latest version of software and apply the appropriate vendor-supplied patches. Ensure your anti-malware software has up-to-date signatures. The internal host should be checked for potential compromise. Ease of Attack:

15332 zip codemap

Talos research team. This document was generated from data supplied by the national vulnerability database, a product of the national institute of standards and technology. For more information see [nvd].

©2024 Cisco and/or its affiliates. Snort, the Snort and Pig logo are registered trademarks of Cisco. All rights reserved.