Remote Code Execution in Apache Tomcat on Windows
CVE-2019-0232
Key Information:
Badges
Summary
A vulnerability exists in the CGI Servlet of Apache Tomcat when configured with enableCmdLineArguments on Windows. This flaw allows an attacker to execute arbitrary code remotely due to improper handling of command line arguments passed from the Java Runtime Environment (JRE). Although the CGI Servlet is disabled by default, configurations enabling command line arguments could expose systems to exploitation. Users are advised to ensure secure configurations and update to patched versions to mitigate risks.
Affected Version(s)
Tomcat 9.0.0.M1 to 9.0.17
Tomcat 8.5.0 to 8.5.39
Tomcat 7.0.0 to 7.0.93
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.
References
EPSS Score
97% chance of being exploited in the next 30 days.
CVSS V3.1
Timeline
- 🟡
Public PoC available
- 👾
Exploit known to exist
Vulnerability published
Vulnerability Reserved