National Cyber Warfare Foundation (NCWF)

Apache Tomcat Conditional Competition Code Execution Vulnerability (CVE-2024-50379)
0 user ratings		2024-12-19 10:43:04
milo
Blue Team (CND)
 - archive -- 

Overview Recently, NSFOCUS CERT detected that Apache issued a security announcement, fixing the Apache Tomcat conditional competition code execution vulnerability (CVE-2024-50379). Due to the inconsistency between Windows file system and Tomcat in case-distinguishing processing of paths, when the write function of default servlet is enabled (set readonly=false and allow PUT method), unauthenticated attackers can construct […]


The post Apache Tomcat Conditional Competition Code Execution Vulnerability (CVE-2024-50379) appeared first on NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks..


The post Apache Tomcat Conditional Competition Code Execution Vulnerability (CVE-2024-50379) appeared first on Security Boulevard.



NSFOCUS

Source: Security Boulevard
Source Link: https://securityboulevard.com/2024/12/apache-tomcat-conditional-competition-code-execution-vulnerability-cve-2024-50379/

Comments
new comment
Nobody has commented yet. Will you be the first?
  
Forum
Blue Team (CND)


Copyright 2012 through 2025 - National Cyber Warfare Foundation - All rights reserved worldwide.