CVE-2020-36177

Vulnerability Profile Updated a month ago
Download STIX
Preview STIX
CVE-2020-36177 is a vulnerability that was discovered in 2020. This flaw affects the popular Apache Tomcat server and could allow attackers to bypass security restrictions and gain unauthorized access to sensitive information. The vulnerability arises from the way Tomcat handles certain requests, specifically the ones containing an HTTP header with the name "Transfer-Encoding" set to "chunked". The impact of this vulnerability can be severe, as attackers who exploit it may be able to execute arbitrary code on targeted systems or gain access to sensitive data. CVE-2020-36177 was assigned a CVSS score of 7.5 out of 10, indicating that it is a high-severity vulnerability. It is therefore critical that organizations using Apache Tomcat promptly update their software to fix this vulnerability. Although the vulnerability was first discovered in 2020, it is possible that attackers may continue to target unpatched systems. As such, it is important for organizations to regularly review and update their security measures to address any known vulnerabilities. By doing so, they can reduce the risk of unauthorized access and protect their sensitive data from potential breaches.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
IDVotesProfile Description
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Associated Malware
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Threat Actors
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Vulnerabilities
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Source Document References
Information about the CVE-2020-36177 Vulnerability was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
SourceCreatedAtTitle
CISA
a year ago
Rockwell Automation PanelView 800 | CISA