Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Apache Tomcat Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability - CVE-2015-5345 - Vulnerability Database
Apache Tomcat

Apache Tomcat Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability - CVE-2015-5345

Medium
Reference: CVE-2015-5345
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2015-5345
Title: Apache Tomcat Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
Overview:

The Mapper component in Apache Tomcat 6.x before 6.0.45 7.x before 7.0.68 8.x before 8.0.30 and 9.x before 9.0.0.M2 processes redirects before considering security constraints and Filters which allows remote attackers to determine the existence of a directory via a URL that lacks a trailing / (slash) character.