Apache Tomcat security restrictions bypass Vulnerability(CVE-2 0 1 6-6 7 9 7)
Release date: 2016-10-27
Update date: 2016-10-28
Affected system:
Apache Group Tomcat 7.0.0-7.0.70
BUGTRAQ ID: 9 3 9 4 0
CVE(CAN) ID: CVE-2 0 1 6-6 7 9 7
Apache Tomcat is a popular open source JSP application server program.
Apache Tomcat 7.0.0-7.0.70 in the realization of the presence of security restriction bypass vulnerability. An attacker could exploit this vulnerability to bypass certain security restrictions, perform unauthorized actions.
<*source: the Apache Tomcat security team
*>
Recommendations:
Manufacturers patch:
The Apache Group
------------
The current vendors have released an upgrade patch to fix this security issue, please go to the manufacturers home page download:
<https://tomcat.apache.org/security-7.html>
http://svn.apache.org/viewvc?view=revision&revision=1 7 5 7 2 7 5