Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Apache Tomcat Improper Encoding or Escaping of Output Vulnerability - CVE-2021-30640 - Vulnerability Database
Apache Tomcat

Apache Tomcat Improper Encoding or Escaping of Output Vulnerability - CVE-2021-30640

Medium
Reference: CVE-2021-30640
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2021-30640
Title: Apache Tomcat Improper Encoding or Escaping of Output Vulnerability
Overview:

A vulnerability in the JNDI Realm of Apache Tomcat allows an attacker to authenticate using variations of a valid user name and/or to bypass some of the protection provided by the LockOut Realm. This issue affects Apache Tomcat 10.0.0-M1 to 10.0.5 9.0.0.M1 to 9.0.45 8.5.0 to 8.5.65.