Advisory: Apache Tomcat file inclusion vulnerability CNVD-2020-10487

2025-02-05 Update From: SLTechnology News&Howtos

Shulou(Shulou.com)06/01 Report--

This article is a notice on the Apache Tomcat file inclusion vulnerability CNVD-2020-10487. It covers the background of the vulnerability, its risk rating, the affected versions and the recommended fix.

0x00 vulnerability background

On February 20, 2020, 360CERT monitoring found that the National Information Security Vulnerability Sharing Platform (CNVD) had published CNVD-2020-10487, a file inclusion vulnerability in Apache Tomcat.

Tomcat is a Servlet container developed by the Jakarta project under the Apache Software Foundation. It supports Servlet and JavaServer Pages (JSP) according to the technical specifications provided by Sun Microsystems. Because Tomcat itself includes an HTTP server, it can also be considered a standalone web server. CNVD-2020-10487 is a file inclusion vulnerability that an attacker can exploit to read or include arbitrary files in all webapp directories on Tomcat, such as webapp configuration files and source code.

0x01 risk rating

360CERT's assessment of the vulnerability:

Threat level: high risk

Scope of impact: extensive

360CERT recommends that users update Tomcat to a fixed version promptly and carry out asset self-checks, self-testing and preventive measures to avoid attack.

0x02 affected versions

Apache Tomcat 6

Apache Tomcat 7 < 7.0.100

Apache Tomcat 8 < 8.5.51

Apache Tomcat 9 < 9.0.31

0x03 repair recommendation

Update to the following Tomcat versions (Tomcat branch: fixed version number):

Tomcat 7: 7.0.100

Tomcat 8: 8.5.51

Tomcat 9: 9.0.31

Apache Tomcat 6 is no longer maintained. Upgrade to the latest supported Tomcat version to avoid the vulnerability.

Watch the Apache Tomcat website (Apache Tomcat® - Welcome!) for the latest Tomcat release, and the apache/tomcat repository (apache/tomcat: Apache Tomcat) for the latest git version.
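For the asset self-check recommended above, the following added example (not part of the original advisory) classifies Tomcat version strings against the affected and fixed versions listed in sections 0x02 and 0x03. The function names, host names and banner strings are hypothetical and constructed for illustration.

```python
import re

# Fixed release per branch, taken from the advisory's version lists.
FIXED = {7: (7, 0, 100), 8: (8, 5, 51), 9: (9, 0, 31)}
# Finds "8.5.50" inside strings such as "Apache Tomcat/8.5.50".
VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)")

def classify(version_string):
    """Return 'affected', 'fixed', 'eol-affected' or 'unknown' for one version string."""
    match = VERSION_RE.search(version_string)
    if not match:
        return "unknown"                  # nothing parseable: needs manual review
    version = tuple(int(part) for part in match.groups())
    major = version[0]
    if major == 6:
        return "eol-affected"             # Tomcat 6: affected and unmaintained
    if major not in FIXED:
        return "unknown"                  # branch not covered by the advisory
    # Numeric tuple comparison: as plain strings, "7.0.100" would sort below "7.0.99".
    return "affected" if version < FIXED[major] else "fixed"

def audit(inventory):
    """Return {host: status} for every host that is not on a fixed release."""
    statuses = {host: classify(banner) for host, banner in inventory.items()}
    return {host: status for host, status in statuses.items() if status != "fixed"}

# Constructed sample inventory (hypothetical hosts and banners).
SAMPLE_INVENTORY = {
    "app01": "Apache Tomcat/7.0.99",
    "app02": "Apache Tomcat/7.0.100",
    "app03": "Apache Tomcat/8.5.50",
    "app04": "Apache Tomcat/9.0.31",
    "app05": "Apache Tomcat/6.0.53",
    "app06": "Apache Tomcat/8.0.53",
    "app07": "unparsed banner",
}

if __name__ == "__main__":
    for host, status in sorted(audit(SAMPLE_INVENTORY).items()):
        print(f"{host}: {status}")
```

Hosts reported as `unknown` are outside the advisory's version lists or could not be parsed, so they need a manual check rather than being treated as safe.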

0x04 related cyberspace mapping data

A survey of assets across the whole network found that Apache Tomcat is widely used in China. The specific distribution is shown in the following figure.
