Tomcat AJP file inclusion vulnerability (CVE-2020-1938)

Vulnerability introduction

CVE-2020-1938 is an AJP file inclusion vulnerability affecting Tomcat. Through the Tomcat AJP Connector, an attacker can read or include arbitrary files in all webapp directories on Tomcat, such as configuration files or source code.

If the target application has a file upload function, the attacker can also use the file inclusion to achieve remote code execution, which makes this a serious security risk. The vulnerability was discovered by a security researcher from Changting Technology. It stems from a flaw in the design of the Tomcat AJP protocol.

Affected versions

  • Apache Tomcat 6

  • Apache Tomcat 7: versions < 7.0.100 are affected. Versions 7.0.100 and above include the fix.

  • Apache Tomcat 8: versions < 8.5.51 are affected. Users are advised to upgrade to the latest version to get the latest security fixes.

  • Apache Tomcat 9: versions < 9.0.31 are affected. Users are advised to upgrade to the latest version to get the latest security fixes.
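
The version list above can be turned into an inventory check. The following is an added example, not code from the original post or from the Tomcat project: it compares a reported version against the ranges listed here and looks for an active AJP connector in the server configuration. It assumes the standard Tomcat `server.xml` layout with `<Connector protocol="...">` elements, which the post itself does not show; the function names and the sample file are constructed for illustration.

```python
import re
import xml.etree.ElementTree as ET

# First fixed release per major line, taken from the list above.
# Tomcat 6 has no fixed release in that list, so every 6.x counts as affected.
FIRST_FIXED = {6: None, 7: (7, 0, 100), 8: (8, 5, 51), 9: (9, 0, 31)}

def parse_version(text):
    """Extract (major, minor, patch) from strings like 'Apache Tomcat/8.5.50'."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)", text)
    if not m:
        raise ValueError(f"no x.y.z version in {text!r}")
    return tuple(int(p) for p in m.groups())

def version_affected(text):
    """True/False per the list above; None when the major line is not listed."""
    version = parse_version(text)
    if version[0] not in FIRST_FIXED:
        return None
    fixed = FIRST_FIXED[version[0]]
    return fixed is None or version < fixed

def ajp_connectors(server_xml):
    """Return (port, address) for each active AJP <Connector> in server.xml.

    XML comments are skipped by the parser, so a commented-out connector is
    not reported. The protocol may be 'AJP/1.3' or an AJP class name.
    """
    root = ET.fromstring(server_xml)
    return [(c.get("port"), c.get("address"))
            for c in root.iter("Connector")
            if "ajp" in c.get("protocol", "").lower()]

def assess(version_text, server_xml):
    """Combine both checks into one finding for an inventory report."""
    affected = version_affected(version_text)
    connectors = ajp_connectors(server_xml)
    return {"affected_version": affected,
            "ajp_connectors": connectors,
            "needs_attention": bool(affected and connectors)}

# Constructed sample input, not taken from a real host.
SAMPLE_SERVER_XML = """<Server port="8005" shutdown="SHUTDOWN">
  <Service name="Catalina">
    <Connector port="8080" protocol="HTTP/1.1" connectionTimeout="20000"/>
    <Connector port="8009" protocol="AJP/1.3" redirectPort="8443"/>
  </Service>
</Server>"""

if __name__ == "__main__":
    print(assess("Apache Tomcat/8.5.50", SAMPLE_SERVER_XML))
```

A connector whose `address` is reported as `None` has no explicit bind address in the file and deserves a closer look at which interfaces it listens on.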

 vmihub shooting range construction (

Origin blog.csdn.net/weixin_43263566/article/details/134755548