CVE-2020-1938: Apache Tomcat AJP Connector Remote Code Execution Vulnerability Alert
Apache Tomcat is an open-source implementation of the Java Servlet, JavaServer Pages, Java Expression Language, and WebSocket technologies. Tomcat provides a “pure Java” HTTP web server environment in which Java code can run. Recently, Apache Tomcat fixed a vulnerability (CVE-2020-1938) that allows an attacker to read any webapps files (such as webapp configuration files, source code, etc.) or include a file to remote code execution. The PoC was published.
Most server hosting providers fixed this Apache Tomcat Vulnerability earlier. However, You need to pick a Fastest WordPress Hosting company that always updates their Tomcat to the latest version thus benefiting with better security to safeguard against attacks and Vulnerabilities
Affected Version
- Apache Tomcat 6
- Apache Tomcat 7x <7.0.100
- Apache Tomcat 8x <8.5.51
- Apache Tomcat 9x <9.0.31
Unaffected version
- Apache Tomcat 6 is no longer maintained. Please upgrade to the latest supported version of Tomcat to avoid the vulnerability.
- Tomcat 7.0.0100
- Tomcat 8.5.51
- Tomcat 9.0.31
