Apache Tomcat Vulnerability

Apache Tomcat Remote Code Execution Vulnerability (CVE-2019-0232) Threat Alert

April 26, 2019


On April 10, local time, Apache Software Foundation officially released a security advisory, announcing the fix of a remote code execution vulnerability (CVE-2019-0232). The Java Runtime Environment (JRE), when running on a Windows system with enableCmdLineArguments enabled, passes command-line parameters to Windows in an incorrect manner. This leads to the CGI servlet susceptible to remote code execution attacks. By default, the CGI servlet is disabled. (more…)


Subscribe to the NSFOCUS Blog