- Home
- CVEs with nessus.description==According to its self-reported version number, the Apache Tomcat server listening on the remote host is 8.0.x prior to 8.0.17. It is, therefore, affected by a security bypass vulnerability due to a flaw that occurs when handling expression language. A remote attacker can exploit this, via a crafted web application, to bypass the security manager protection and execute arbitrary code.
Note that Nessus has not attempted to exploit this issue but has instead relied only on the application's self-reported version number.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top