- Home
- CVEs with nessus.description==Based on the Server response header, the installation of the JK
Connector (mod_jk) in Apache Tomcat listening on the remote host is
version 1.2.x prior to 1.2.41. It is, therefore, affected by an
information disclosure vulnerability due to improper handling of the
'JkUnmount' directive and multiple, adjacent slashes in requests. A
remote attacker can exploit this to access restricted private
artifacts, resulting in the disclosure of sensitive information.
Note that Nessus has not tested for this issue but has instead relied
only on the application's self-reported version number.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top