virus logo FortiClient Vulnerability

Apache Tomcat CVE-2013-4444 Code Injection Vulnerability

description-logoDescription

In very limited circumstances, it was possible for an attacker to upload a malicious JSP to a Tomcat server and then trigger the execution of that JSP. While Remote Code Execution would normally be viewed as a critical vulnerability, the circumstances under which this is possible are, in the view of the Tomcat security team, sufficiently limited that this vulnerability is viewed as important.

affected-products-logoAffected Applications

Apache Tomcat

CVE References

CVE-2013-4444

Other References

http://tomcat.apache.org/security.html
ID 43240
Created Jan 17, 2020
Description
Updated		 Dec 14, 2023
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon
Coverage FortiClient
OS Linux
Vendor Apache
Patch manual
Application Apache Tomcat