Apache Tomcat Permissions Privileges and Access Controls Vulnerability - CVE-2011-3190 - Vulnerability Database

Apache Tomcat Permissions Privileges and Access Controls Vulnerability - CVE-2011-3190

High
Reference: CVE-2011-3190
Title: Apache Tomcat Permissions Privileges and Access Controls Vulnerability
Overview:

Certain AJP protocol connector implementations in Apache Tomcat 7.0.0 through 7.0.20 6.0.0 through 6.0.33 5.5.0 through 5.5.33 and possibly other versions allow remote attackers to spoof AJP requests bypass authentication and obtain sensitive information by causing the connector to interpret a request body as a new request.