Tomcat Apache AJP request



This security advisory addresses the problem and its solution regarding a serious vulnerability (CVE-2020-1938) discovered by security researchers.

You are requested to read this security advisory fully to understand the nature of the issue and the steps that follow to fix the vulnerability.

Whom does it affect?
 
All products that bundle Apache Tomcat 8.5.50 or earlier, including the ManageEngine Desktop Central server. (Upstream, the same flaw also affected the 9.0.x line up to 9.0.30 and the 7.0.x line up to 7.0.99.)

 

What is the issue?
 
The vulnerability is named Ghostcat and was discovered by external security researchers at Chaitin Tech. It is caused by a flaw in the Apache JServ Protocol (AJP) connector that Tomcat enables by default on TCP port 8009. Anyone who can reach that port on the Desktop Central server (i.e. anyone on the same network) can read any file under the web application's directory without authentication, including the configuration files in WEB-INF and the application's source code. If the application also offers a way to upload files, an attacker can upload a file containing malicious code and have the AJP connector process it as a JSP, which leads to remote code execution.
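The practical check for this issue is the AJP connector definition in Tomcat's conf/server.xml. The audit below is an added example, not code from the original advisory or from the Desktop Central product: it parses a server.xml, finds every AJP connector and flags the two settings that make Ghostcat reachable, a connector listening on all interfaces and a connector with no shared secret. The sample server.xml fragments are constructed for the example (the weak one mirrors the pre-8.5.51 default, the hardened one the 8.5.51/9.0.31 defaults); the issue codes and function names are this example's own.

```python
"""Audit a Tomcat server.xml for AJP connectors exposed the way Ghostcat (CVE-2020-1938) abuses.

Added example, not part of the original advisory. Assumes a Tomcat 8.5/9.0 style
conf/server.xml. Hardened baseline: the AJP connector disabled (commented out), or
bound to a loopback address and protected with a secret.
"""
import xml.etree.ElementTree as ET

# Constructed sample: the pre-8.5.51 default, AJP on 0.0.0.0:8009 with no secret.
WEAK_SERVER_XML = """<?xml version="1.0" encoding="UTF-8"?>
<Server port="8005" shutdown="SHUTDOWN">
  <Service name="Catalina">
    <Connector port="8080" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="8443" />
    <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />
  </Service>
</Server>
"""

# Constructed sample: the hardened form, loopback only and a shared secret
# (the 8.5.51+ attribute names; 'requiredSecret' was the pre-8.5.51 spelling).
HARDENED_SERVER_XML = """<?xml version="1.0" encoding="UTF-8"?>
<Server port="8005" shutdown="SHUTDOWN">
  <Service name="Catalina">
    <Connector port="8080" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="8443" />
    <Connector port="8009" protocol="AJP/1.3" address="127.0.0.1"
               secretRequired="true" secret="replace-with-a-long-random-value"
               redirectPort="8443" />
  </Service>
</Server>
"""

# Constructed sample: AJP commented out, which is the right answer when no
# reverse proxy (mod_jk / mod_proxy_ajp) needs it. The XML parser ignores it.
DISABLED_SERVER_XML = """<?xml version="1.0" encoding="UTF-8"?>
<Server port="8005" shutdown="SHUTDOWN">
  <Service name="Catalina">
    <Connector port="8080" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="8443" />
    <!-- <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" /> -->
  </Service>
</Server>
"""

LOOPBACK_ADDRESSES = {"127.0.0.1", "::1", "localhost"}


def is_ajp(connector: ET.Element) -> bool:
    """True for protocol="AJP/1.3" and for the explicit AjpNio/AjpNio2/AjpApr class names."""
    return "ajp" in connector.get("protocol", "HTTP/1.1").lower()


def audit_ajp_connectors(server_xml: str) -> list:
    """Return one {"port": int, "issues": [code, ...]} per AJP connector.

    Issue codes (this example's own):
      not-bound-to-loopback  no 'address' (all interfaces before 8.5.51) or a non-loopback one
      secret-not-required    secretRequired="false" explicitly turns the check off
      no-secret              neither 'secret' (8.5.51+) nor 'requiredSecret' (older) is set
    An empty issue list means the connector matches the post-fix defaults.
    """
    root = ET.fromstring(server_xml)
    findings = []
    for conn in root.iter("Connector"):
        if not is_ajp(conn):
            continue
        issues = []
        if conn.get("address") not in LOOPBACK_ADDRESSES:
            issues.append("not-bound-to-loopback")
        secret = conn.get("secret") or conn.get("requiredSecret")
        if conn.get("secretRequired", "true").lower() == "false":
            issues.append("secret-not-required")
        elif not secret:
            issues.append("no-secret")
        findings.append({"port": int(conn.get("port", "8009")), "issues": issues})
    return findings


if __name__ == "__main__":
    for label, xml_text in (("weak", WEAK_SERVER_XML),
                            ("hardened", HARDENED_SERVER_XML),
                            ("disabled", DISABLED_SERVER_XML)):
        print(label, audit_ajp_connectors(xml_text))
```

A connector that reports no issues is still reachable from the host itself, so the secret must be genuinely random and known only to the reverse proxy; if nothing in front of Tomcat speaks AJP, leaving the connector commented out removes the attack surface entirely.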

 

 
What is the severity level of the vulnerability?
 
The risk involved in the possible disclosure of sensitive information is very high.
 
What is the impact of the issue?
 
Sensitive information could be disclosed through unauthenticated reads of the webapps configuration files. Where file upload is possible, malicious code could be uploaded to the server and executed, which leads to remote code execution.
 
What steps were taken by the Desktop Central team to mitigate this issue?
 
Once the Ghostcat vulnerability was publicly announced by Apache Tomcat on 24th February 2020, our Desktop Central Security Team started addressing the issue immediately. The fix for this vulnerability was released on 4th March 2020.
