Apache Tomcat Session Deserialization Code Execution Vulnerability (CVE-2021-2532 9) Threat Alert

março 5, 2021

Vulnerability Description On March 1, 2021, NSFOCUS observed that Apache Software Foundation (ASF) released a security bulletin to announce the fix of a remote code execution vulnerability via session persistence. This vulnerability is due to the bypass of the patch against CVE-2020-9484. If Tomcat’s session persistence function is used, its insecure configuration allows attackers to […]


Inscreva-se no Blog da NSFOCUS