All intelligence
// vulnerability record
cached · NVD via COSMOS syncCVE-2020-1938
NONEKEVpublish date unavailable
CVSS / 10
// description
Apache Tomcat treats Apache JServ Protocol (AJP) connections as having higher trust than, for example, a similar HTTP connection. If such connections are available to an attacker, they can be exploited.
// required action (CISA KEV)
Apply updates per vendor instructions.
added 2022-03-03 00:00 UTC