Dear users,
Ghostcat is a serious vulnerability in Apache Tomcat discovered by a security researcher at Chaitin Tech. Due to a flaw in the Tomcat AJP protocol, an attacker can read or include any file in Tomcat's webapp directories. For example, an attacker can read the webapp configuration files or source code.
In addition, if the target web application has a file upload function, the attacker may execute malicious code on the target host by exploiting file inclusion through the Ghostcat vulnerability.
Reference:
As we never used AJP protocols, all versions of ServiceDesk Plus are safe from this Ghostcat vulnerability.
We will keep this post updated on any further updates.