Apache Tomcat Vulnerabilities Found Using DefenseCode ThunderScan SAST
During the source code security analysis of Apache Tomcat with DefenseCode ThunderScan SAST solution, two different security issues were discovered, ranked as medium risk. When exploited, discovered vulnerabilities can be abused to disclose and retrieve arbitrary files on server, such as Apache Tomcat configuration file with plain text usernames and passwords or any other file which Apache Tomcat has permission to access.
Full vulnerability details are published as an advisory and include ThunderScan screenshots for better understanding of the vulnerability.
Regards,
DefenseCode Team
Latest News
- Latest Generation of Dynamic Application Security Testing solution from DefenseCode – WebStrike
- Ubiquitous AI Corporation appointed as DefenseCode’s partner
- DefenseCode announces GitHub Action to provide SAST solution for developers
- DefenseCode ThunderScan® SAST 2.1.0 added support for Go and ABAP languages
- ThunderScan® Enterprise SAST Now Supports Linux
