Apache Tomcat CGI Servlet Arbitrary Code Execution Vulnerability [CVE-2019-0232]

CVE Number – CVE-2019-0232

A vulnerability in the CGI Servlet of Apache Tomcat could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system. The vulnerability occurs when enableCmdLineArguments is enabled on a Windows system and the Java Runtime Environment (JRE) passes command-line arguments to the system. An attacker could exploit this vulnerability by passing command-line arguments to the affected system. A successful exploit could allow the attacker to execute code on the targeted system. The Apache Software Foundation has confirmed this vulnerability; however, updates are not available.

Analysis

  • To exploit this vulnerability, the attacker must pass command-line arguments through the CGI Servlet to the JRE on the targeted system, making exploitation more difficult in environments that restrict network access from untrusted sources.

Safeguards

  • Administrators are advised to check the vendor for future updates.
  • Administrators are advised to allow only trusted users to have network access.
  • Administrators are advised to monitor critical systems.
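Until a vendor update is available, the practical check that follows from the description above is whether any deployed web.xml declares Tomcat's CGI Servlet with enableCmdLineArguments set to true and a URL mapping that makes it reachable. The script below is an added example, not code from the advisory or from the Apache Tomcat project. It parses a constructed web.xml (embedded inline; not taken from any real deployment), locates servlets whose class is org.apache.catalina.servlets.CGIServlet, and reports those that match the precondition on a Windows host. When enableCmdLineArguments is not set explicitly, the effective default depends on the Tomcat version, so the script reports it as unset rather than guessing.

```python
"""Audit a Tomcat web.xml for CGIServlet declarations with enableCmdLineArguments=true.

Added example for CVE-2019-0232 triage; not part of the advisory or of Tomcat itself.
"""
import xml.etree.ElementTree as ET

# Real Tomcat class name for the CGI servlet.
CGI_SERVLET_CLASS = "org.apache.catalina.servlets.CGIServlet"

# Constructed sample web.xml for demonstration only (not from a real deployment).
SAMPLE_WEB_XML = """<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee" version="3.1">
  <servlet>
    <servlet-name>cgi</servlet-name>
    <servlet-class>org.apache.catalina.servlets.CGIServlet</servlet-class>
    <init-param>
      <param-name>cgiPathPrefix</param-name>
      <param-value>WEB-INF/cgi</param-value>
    </init-param>
    <init-param>
      <param-name>enableCmdLineArguments</param-name>
      <param-value>true</param-value>
    </init-param>
    <load-on-startup>6</load-on-startup>
  </servlet>
  <servlet-mapping>
    <servlet-name>cgi</servlet-name>
    <url-pattern>/cgi-bin/*</url-pattern>
  </servlet-mapping>
</web-app>
"""


def _local(tag):
    """Strip the XML namespace from a tag: '{ns}servlet' -> 'servlet'."""
    return tag.rsplit("}", 1)[-1]


def _child_text(elem, name):
    """Text of the first direct child with the given local name, or None."""
    for child in elem:
        if _local(child.tag) == name:
            return (child.text or "").strip()
    return None


def find_cgi_servlets(web_xml_text):
    """Return one dict per CGIServlet declaration.

    Keys: name, cmdline_args (True/False, or None when the init-param is absent,
    meaning the version-dependent default applies), mappings (list of url-patterns).
    """
    root = ET.fromstring(web_xml_text)
    servlets = {}
    for servlet in root:
        if _local(servlet.tag) != "servlet":
            continue
        if _child_text(servlet, "servlet-class") != CGI_SERVLET_CLASS:
            continue
        name = _child_text(servlet, "servlet-name")
        cmdline = None
        for param in servlet:
            if _local(param.tag) != "init-param":
                continue
            if _child_text(param, "param-name") == "enableCmdLineArguments":
                value = _child_text(param, "param-value") or ""
                cmdline = value.lower() == "true"
        servlets[name] = {"name": name, "cmdline_args": cmdline, "mappings": []}
    # Attach the url-patterns so unmapped (unreachable) declarations can be told apart.
    for mapping in root:
        if _local(mapping.tag) != "servlet-mapping":
            continue
        name = _child_text(mapping, "servlet-name")
        if name in servlets:
            servlets[name]["mappings"].append(_child_text(mapping, "url-pattern"))
    return list(servlets.values())


def risky_cgi_servlets(web_xml_text, on_windows=True):
    """CGIServlet declarations matching the advisory's precondition: Windows host,
    enableCmdLineArguments explicitly true, and at least one URL mapping."""
    if not on_windows:
        return []
    return [s for s in find_cgi_servlets(web_xml_text)
            if s["cmdline_args"] is True and s["mappings"]]


if __name__ == "__main__":
    for s in find_cgi_servlets(SAMPLE_WEB_XML):
        if s["cmdline_args"] is None:
            print(f"REVIEW: CGI servlet '{s['name']}' leaves enableCmdLineArguments unset "
                  "(default depends on Tomcat version)")
    for s in risky_cgi_servlets(SAMPLE_WEB_XML):
        print(f"RISK: CGI servlet '{s['name']}' mapped at {s['mappings']} "
              "with enableCmdLineArguments=true")
```

Run it against conf/web.xml and each application's WEB-INF/web.xml; a RISK line means the CGI Servlet is both reachable and configured with the setting the advisory names, which is what to remediate (set the parameter to false or remove the mapping) while waiting for the vendor update.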

Vendor Announcements

Fixed Software

  • At the time this alert was first published, the Apache Software Foundation had not released software updates.

Duncan Newell

Duncan is a technology professional with over 20 years' experience of working in various IT roles. He has an interest in cyber security, and has a wide range of other skills in radio, electronics and telecommunications.
