#VU15703 Path traversal in Apache Tomcat JK ISAPI Connector
Vulnerability identifier: #VU15703
Vulnerability risk: Medium
CVSSv3.1: 4.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-22
Exploitation vector: Network
Exploit availability: Yes
Vulnerable software:
Apache Tomcat JK ISAPI Connector
Client/Desktop applications /
Plugins for browsers, ActiveX components
Vendor: Apache Foundation
Description
The vulnerability allows a remote attacker to perform path traversal attacks.
The vulnerability exists due to input validation error when matching requested path against URI-worker map in Apache Tomcat JK (mod_jk) Connector within the Apache Web Server (httpd) specific code. A remote attacker can send a specially crafted HTTP request to the affected system and expose application functionality through the reverse proxy that was not intended for clients accessing the application via the reverse proxy.
Mitigation
Install updates from vendor's website.
Vulnerable software versions
Apache Tomcat JK ISAPI Connector: 1.2.0 - 1.2.44
External links
http://lists.apache.org/thread.html/6d564bb0ab73d6b3efdd1d6b1c075d1a2c84ecd84a4159d6122529ad@%3Cannounce.tomcat.apache.org%3E
http://tomcat.apache.org/security-jk.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
