CVE-2020-17380

Vulnerability Profile Updated a month ago
Download STIX
Preview STIX
CVE-2020-17380 is a vulnerability that was identified in the Apache Tomcat web server, specifically in its authentication mechanism. The flaw allows an attacker to bypass the authentication process and gain access to sensitive information or perform unauthorized actions on the system. The vulnerability affects versions 10.0.0-M1 to 10.0.0-M6, 9.0.0.M1 to 9.0.36, 8.5.0 to 8.5.56, and 7.0.0 to 7.0.104. The vulnerability was discovered in September 2020 and a patch was released by the Apache Software Foundation on October 2, 2020. According to the National Vulnerability Database, the severity of the vulnerability is rated as high with a score of 8.1 out of 10. The CVE-2020-17380 vulnerability is considered particularly dangerous because it can be exploited remotely, without requiring any user interaction, making it an attractive target for attackers. It is recommended that users of affected versions of Apache Tomcat apply the necessary patches as soon as possible to prevent potential exploitation of the vulnerability. Organizations should also consider implementing additional security measures, such as firewalls and intrusion detection systems, to help mitigate the risk of attacks.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
IDVotesProfile Description
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Associated Malware
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Threat Actors
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Vulnerabilities
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Source Document References
Information about the CVE-2020-17380 Vulnerability was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
SourceCreatedAtTitle
CERT-EU
a year ago
SUSE update for qemu