GhostCat Vulnerability

This document explains the reported CVE-2020-1938 GhostCat vulnerability.

Vulnerability ID : CVE-2019-12133
Update Release build : 100505
Update Release Date : 05-March-2020
Reported by: Chaitin Tech, China

 

What is GhostCat Vulnerability?

GhostCat affects the default configuration of Tomcat servers and is related to the Apache JServ Protocol (AJP). An unauthenticated attacker can exploit the AJP connector used by Tomcat to access configuration and source code files for web applications deployed on a server. If the system allows users to upload files, an attacker can upload malicious JavaServer Pages (JSP) code to the server and use GhostCat to execute that code.

How to fix it?

These vulnerabilities have been identified and fixed. To apply the fix, follow the steps below:

    1. Log in to your Endpoint DLP Plus console and click your current build number in the top-right corner.
    2. You can find the latest build applicable to you. Download the PPM and update.

 

Keywords: GhostCat, Security Updates, Vulnerabilities and Fixes.