Ghostcat Flaw: All Versions of Apache Tomcat Were Affected (Cybers Guards)

The CVE-2020-1938 vulnerability involves Tomcat's AJP protocol and was named Ghostcat by the Chinese cybersecurity firm Chaitin Tech, which set up a website to describe the issue. All versions of Apache Tomcat are affected by Ghostcat, which an attacker could use to read configuration files or install backdoors on a compromised host. It can also allow an attacker to write data, including malware or web shells, to a server.

Tomcat uses two ports by default, HTTP and AJP, and the latter listens on port 8009 of the server. The Apache JServ Protocol (AJP) is a binary protocol that allows inbound requests to be proxied from a web server to an application server. The Tomcat Connector lets Tomcat communicate with the outside, allowing Catalina to accept requests from outside, forward them to the appropriate web application for processing, and return the result of the request as the response. The Ghostcat weakness in AJP, which can be used either to read or to write data on a Tomcat server, may let an attacker access configuration files and capture passwords or API tokens.

Chaitin describes the issue as follows: "Ghostcat is a serious vulnerability in Tomcat discovered by security researchers of Chaitin Tech. Due to a flaw in the Tomcat AJP protocol, an attacker can read or include any file in the webapp directories of Tomcat. For example, an attacker can read the webapp configuration files or source code. In addition, if the target web application has a file upload function, the attacker may execute malicious code on the target host by exploiting file inclusion through the Ghostcat vulnerability."

The versions of Tomcat affected by the Ghostcat vulnerability are:

- Apache Tomcat 9.x < 9.0.31
- Apache Tomcat 8.x < 8.5.51
- Apache Tomcat 7.x < 7.0.100
- Apache Tomcat 6.x (all releases)

Chaitin researchers discovered the vulnerability in early January and then helped the maintainers of the Apache Tomcat project address the issue. Shortly after public disclosure of the Ghostcat problem, several researchers shared proof-of-concept scripts on GitHub [1, 2, 3, 4, 5]. Security updates for Tomcat 7.x, Tomcat 8.x and Tomcat 9.x are already available, and Chaitin has also released an update to its XRAY scanner that detects vulnerable Tomcat hosts.
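The two facts a defender needs from this article are the affected version ranges and that the exposure is the AJP connector on port 8009. The following script, an added example that is not code from the article, from Chaitin Tech or from the Apache Tomcat project, turns both into a local check: it gates a Tomcat version string against the fixed releases listed above (9.0.31, 8.5.51, 7.0.100, with no fix for 6.x) and audits a server.xml for AJP connectors that are reachable beyond loopback or lack a shared secret. The Connector attribute names it inspects (`protocol`, `port`, `address`, `secret`, `secretRequired`) are the AJP Connector attributes of the fixed Tomcat releases as I know them, not something the article states, so verify them against the configuration reference for the Tomcat you run; the two server.xml samples are constructed for the example.

```python
"""Ghostcat (CVE-2020-1938) exposure check: version gate plus server.xml audit.

Added example; not code from the article, from Chaitin Tech or from the
Apache Tomcat project. The fixed versions (9.0.31, 8.5.51, 7.0.100; no fix
for 6.x) come from the article. The Connector attribute names used below
(protocol, port, address, secret, secretRequired) are the AJP Connector
attributes of the fixed Tomcat releases to the best of my knowledge (an
assumption); verify them against the Tomcat configuration reference you run.
"""
import re
import xml.etree.ElementTree as ET

# First fixed release per branch, from the article. 6.x received no fix.
FIXED_RELEASE = {9: (9, 0, 31), 8: (8, 5, 51), 7: (7, 0, 100)}

LOOPBACK = {"127.0.0.1", "::1", "localhost"}


def parse_version(version):
    """'9.0.30' -> (9, 0, 30); raises on anything that is not major.minor.patch."""
    m = re.match(r"\s*(\d+)\.(\d+)\.(\d+)", version)
    if not m:
        raise ValueError(f"unrecognised Tomcat version string: {version!r}")
    return tuple(int(part) for part in m.groups())


def is_vulnerable_version(version):
    """True if this release predates the Ghostcat fix for its branch (or has none)."""
    parsed = parse_version(version)
    fixed = FIXED_RELEASE.get(parsed[0])
    if fixed is None:
        # 6.x and older never received a fix; anything newer than 9.x is
        # outside the article's scope and is treated as fixed.
        return parsed[0] <= 6
    return parsed < fixed


def audit_ajp_connectors(server_xml):
    """Return one finding per risky AJP Connector in the given server.xml text.

    Commented-out Connectors are dropped by the XML parser, so a server.xml
    whose AJP Connector is commented out yields no findings: with the
    connector disabled, AJP is not reachable at all.
    """
    findings = []
    root = ET.fromstring(server_xml)
    for conn in root.iter("Connector"):
        if not conn.get("protocol", "").upper().startswith("AJP"):
            continue  # HTTP/HTTPS connectors are not in scope here
        port = conn.get("port", "?")
        address = conn.get("address")
        if address not in LOOPBACK:
            findings.append(
                f"AJP connector on port {port} listens on "
                f"{address or 'all interfaces'}; bind it to loopback or disable it"
            )
        if conn.get("secretRequired", "true").lower() == "false":
            findings.append(f'AJP connector on port {port} has secretRequired="false"')
        elif not conn.get("secret"):
            findings.append(f"AJP connector on port {port} has no shared secret configured")
    return findings


# Constructed sample configurations (not taken from any real deployment).
LEGACY_SERVER_XML = """<Server port="8005" shutdown="SHUTDOWN">
  <Service name="Catalina">
    <Connector port="8080" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="8443" />
    <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />
  </Service>
</Server>"""

HARDENED_SERVER_XML = """<Server port="8005" shutdown="SHUTDOWN">
  <Service name="Catalina">
    <Connector port="8080" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="8443" />
    <Connector port="8009" protocol="AJP/1.3" address="127.0.0.1"
               secretRequired="true" secret="REPLACE-WITH-A-LONG-RANDOM-SECRET"
               redirectPort="8443" />
  </Service>
</Server>"""


if __name__ == "__main__":
    for label, version in (("legacy", "9.0.30"), ("patched", "9.0.31")):
        print(f"{label} {version}: vulnerable={is_vulnerable_version(version)}")
    for label, xml in (("legacy", LEGACY_SERVER_XML), ("hardened", HARDENED_SERVER_XML)):
        print(f"{label} server.xml findings: {audit_ajp_connectors(xml) or 'none'}")
```

Run it against the output of `catalina.sh version` and the deployed `conf/server.xml`; the legacy sample produces two findings (listening on all interfaces, no secret), the hardened one none. Patching is the real fix; binding AJP to loopback and requiring a secret are the compensating controls for a host that cannot be upgraded immediately.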
