Various versions of the open source web server Apache Tomcat are open to attack when running on Windows. Attackers who exploit the vulnerability (CVE-2019-0232) could run malicious code under some circumstances. Attacks are possible remotely, but not easily, the developers write in a security advisory. The security updates are classified as "important."
Affected are Apache Tomcat releases 7.0.0 to 7.0.93, 8.5.0 to 8.5.39 and 9.0.0M1 to 9.0.17. Admins should install the safe versions 7.0.93, 8.5.40 and 9.0.18.
Attacks only work if the option enableCmdLineArguments is enabled; by default this is not the case. A flaw in how commands are passed to Windows through the Java Runtime Environment could cause malicious code to execute. In a blog post, security researcher Markus Wulftange describes in detail how an attack works.
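As an added example (not from the article or the Tomcat project), here is a check an admin could run over a web.xml to see which servlets set enableCmdLineArguments and whether an installed version falls in the affected ranges listed above. It assumes the option appears as a servlet init-param in the deployment descriptor; the function names and the sample descriptor are constructed for illustration.

```python
import re
import xml.etree.ElementTree as ET

# Affected patch ranges as listed in the article (inclusive), keyed by branch.
AFFECTED = {(7, 0): (0, 93), (8, 5): (0, 39), (9, 0): (0, 17)}

def version_affected(version):
    """True if a Tomcat version string falls in a range the article lists."""
    m = re.match(r"(\d+)\.(\d+)\.(\d+)", version)
    if not m:
        raise ValueError("unrecognised version: %r" % version)
    major, minor, patch = map(int, m.groups())
    lo, hi = AFFECTED.get((major, minor), (1, 0))  # empty range for other branches
    return lo <= patch <= hi

def local(tag):
    """Strip the XML namespace so any web.xml schema version is handled."""
    return tag.rsplit("}", 1)[-1]

def cmdline_args_settings(web_xml_text):
    """Map servlet-name -> 'enabled' / 'disabled' / 'unset' for the option."""
    result = {}
    for servlet in ET.fromstring(web_xml_text).iter():
        if local(servlet.tag) != "servlet":
            continue
        name, state = None, "unset"  # 'unset' means the version default applies
        for child in servlet:
            if local(child.tag) == "servlet-name":
                name = (child.text or "").strip()
            elif local(child.tag) == "init-param":
                kv = {local(e.tag): (e.text or "").strip() for e in child}
                if kv.get("param-name") == "enableCmdLineArguments":
                    on = kv.get("param-value", "").lower() == "true"
                    state = "enabled" if on else "disabled"
        result[name] = state
    return result

# Constructed sample descriptor, not taken from a real deployment.
SAMPLE = """<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee">
  <servlet>
    <servlet-name>cgi</servlet-name>
    <servlet-class>org.apache.catalina.servlets.CGIServlet</servlet-class>
    <init-param><param-name>enableCmdLineArguments</param-name><param-value>true</param-value></init-param>
  </servlet>
  <servlet><servlet-name>default</servlet-name></servlet>
</web-app>"""

if __name__ == "__main__":
    print(cmdline_args_settings(SAMPLE), version_affected("9.0.17"))
```

A servlet reported as "enabled" on a Windows host running a version in the affected ranges is the combination the article describes.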