Good Control
1 CVEs
product
Monthly
When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connections to Apache Tomcat. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
Apache
File Upload
RCE
Tomcat
Geode
+19
NVD
Exploit-DB
CVSS 3.1
9.8
EPSS
99.3%
CVE-2020-1938
Maven
EPSS 99%
CVSS 9.8
CRITICAL
POC
KEV
PATCH
THREAT
Act Now
When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connections to Apache Tomcat. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
Apache
File Upload
RCE
+21
NVD
Exploit-DB