CVE-2020-1938

Apache Tomcat Improper Privilege Management Vulnerability

Beschreibung

Apache Tomcat treats Apache JServ Protocol (AJP) connections as having higher trust than, for example, a similar HTTP connection. If such connections are available to an attacker, they can be exploited.

Schweregrad: CRITICAL

CVSS-Score: 9.8

Hersteller: Apache

Produkt: Tomcat