Published Jan 02
CVE-2024-50379 and CVE-2024-56337 Apache Tomcat Remote Code Execution Vulnerability
Description of Issue
Apache Tomcat vulnerability that can allow Remote Code Execution via write enabled Default Servlet.
Context
Content Manager
Vulnerability
Apache
Cause
Originally identified under CVE-2024-50379. Further mitigation was needed and an updated CVE for this is under CVE-2024-56337.
Resolution
Update Content Manager to the lastest 2024.1 version or newer.
Looking for labels? They can now be found in the details panel on the floating action bar.
Related content
Apache Struts Security Vulnerability
Apache Struts Security Vulnerability
More like this
Restarting Apache Tomcat Services
Restarting Apache Tomcat Services
More like this
Apache Tomcat Logs for Content Manager
Apache Tomcat Logs for Content Manager
More like this
Content Manager Update Fails On Step Verify Tomcat Variables - Tomcat Base Url Error
Content Manager Update Fails On Step Verify Tomcat Variables - Tomcat Base Url Error
More like this
Content Manager Upgrade Fails On Verify Tomcat Variables Step - Eagle ECM ElasticSearchServer Role
Content Manager Upgrade Fails On Verify Tomcat Variables Step - Eagle ECM ElasticSearchServer Role
More like this
Content Manager Upgrade Fails On Rename And Edit Tomcat Files Step - No Such File or Directory Error
Content Manager Upgrade Fails On Rename And Edit Tomcat Files Step - No Such File or Directory Error
More like this