Tomcat – Path Traversal

Description

During the scan, Kayran has detected that your system might be vulnerable to Path Traversal (also known as Directory Traversal) attacks. It’s caused due to the Tomcat version you’re using.

Path Traversal attacks aims to access files and directories that are stored outside the originally intended folder.
By manipulating files using a “../” for example, or, by using absolute file paths, the attacker will gain access to files and directories that are stored on your system. The attacker can even gain access to your app’s source code and other critical setting affecting your assets.

Recommendation

There are some ways to handle these situations. The main, recommended solution is to update your Tomcat to it’s latest version.

References

https://tomcat.apache.org/migration.html

< Return to all Vulnerabilities

APT vs. ATP

In this article we will talk about APT vs. ATP. In other words, Advanced Persistent Threat and Advanced Threat Protection and the context between these

Read More »