Apache.Tomcat.Arbitrary.JSP.File.Upload

description-logoDescription

This indicates an attack attempt against a Code Execution vulnerability in Apache Tomcat.
The vulnerability is due to an error when vulnerable software handles a PUT request with malformed file name. A remote attacker may be able to exploit this to upload arbitrary JSP file onto the affected system and execute arbitrary code.

affected-products-logoAffected Products

Apache Tomcat version 7.0.0 to 7.0.79

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Apply the most recent upgrade or patch from the vendor.
https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.81

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2023-01-10 22.472 Name:Apache.
Tomcat.
Arbitrary.
JSP.
file.
Upload:Apache.
Tomcat.
Arbitrary.
JSP.
File.
Upload
2020-03-03 15.787 Sig Added
2019-10-01 14.697 Sig Added
2019-03-28 14.582 Sig Added