Security News > 2020 > March > Hackers Scanning for Apache Tomcat Servers Vulnerable to Ghostcat Attacks

Hackers Scanning for Apache Tomcat Servers Vulnerable to Ghostcat Attacks
2020-03-05 12:29

Hackers have started scanning the web in search of Apache Tomcat servers affected by a recently disclosed vulnerability tracked as CVE-2020-1938 and dubbed Ghostcat.

Bad Packets told SecurityWeek on Wednesday that the scanning activity they have detected is designed to enumerate vulnerable servers by checking for the path "/WEB-INF/web.

The Ghostcat vulnerability has existed for more than a decade and it affects versions 6, 7, 8 and 9 of Apache Tomcat.

The security hole is related to the Apache JServ Protocol protocol, which is designed to improve performance by proxying inbound requests from a web server through to an application server.

Ghostcat affects the default configuration of Tomcat and many servers are vulnerable to attacks directly from the internet.


News URL

http://feedproxy.google.com/~r/Securityweek/~3/XIGjUZLWxSo/hackers-scanning-apache-tomcat-servers-vulnerable-ghostcat-attacks

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Apache 281 13 549 713 367 1642