Apache Tomcat CGI Servlet Arbitrary Code Execution Vulnerability [CVE-2019-0232]
CVE Number – CVE-2019-0232
A vulnerability in the CGI Servlet of Apache Tomcat could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system.The vulnerability occurs when enableCmdLineArguments is enabled on a Windows system and the Java Runtime Environment (JRE) passes command-line arguments to the system. An attacker could exploit this vulnerability by passing command-line arguments to the affected system. A successful exploit could allow the attacker to execute code on the targeted system.The Apache Software Foundation has issued confirmed this vulnerability however updates are not available.
Analysis
- To exploit this vulnerability, the attacker must pass command-line JRE arguments to the targeted system, making exploitation more difficult in environments that restrict network access from untrusted sources.
Safeguards
- Administrators are advised to check the vendor for future updates.Administrators are advised to allow only trusted users to have network access.Administrators are advised to monitor critical systems.
Vendor Announcements
- The Apache Software Foundation has issued a security notice at the following link: Apache Tomcat Remote Code Execution on Windows
Fixed Software
- At the time this alert was first published, the Apache Software Foundation had not released software updates.
Duncan is a technology professional with over 20 years experience of working in various IT roles. He has a interest in cyber security, and has a wide range of other skills in radio, electronics and telecommunications.