Apache Tomcat CVE-2018-11784 can be remotely exploited by an attacker

October 8, 2018 | November 6, 2018 | Alerts

Waratek customers are protected by a default rule

Customer Alert 20181008

The Apache Foundation has announced CVE-2018-11784, a flaw in multiple versions of the popular Tomcat server that lets an attacker cause the server to generate a redirect to any URI of the attacker’s choice (an open redirect). The flaw was discovered and reported to the Apache Foundation by an independent security researcher.

Apache Tomcat 9.0.0.M1 to 9.0.11, Apache Tomcat 8.5.0 to 8.5.33, and Apache Tomcat 7.0.23 to 7.0.90 are vulnerable. The unsupported Tomcat 8.0.x release line has not been analyzed, but it is likely to be affected as well.
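The affected ranges above are easy to misread when an inventory mixes milestone builds (such as 9.0.0.M1) with final releases. The following is an added triage helper, not code from the alert, from Waratek or from the Apache project: it parses Tomcat version strings, orders milestone builds before the final release of the same number, and reports whether a version falls inside the ranges quoted in this alert. It assumes the three-part `major.minor.patch` format with an optional `.M<n>` milestone suffix, treats every 8.0.x version as "likely-affected" because the alert says that line is unanalyzed but probably vulnerable, and uses a constructed sample inventory (the host names are invented).

```python
"""Triage Tomcat versions against the ranges quoted in this alert."""
import re
from typing import Dict, Iterable, Tuple

# Affected ranges as reproduced in the alert (inclusive on both ends).
AFFECTED_RANGES = (
    ("9.0.0.M1", "9.0.11"),
    ("8.5.0", "8.5.33"),
    ("7.0.23", "7.0.90"),
)
# Unsupported line that the advisory has not analyzed but expects to be affected.
UNANALYZED_PREFIX = (8, 0)

# Assumed format: major.minor.patch with an optional ".M<n>" milestone suffix.
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:\.M(\d+))?$")

VersionKey = Tuple[int, int, int, int, int]


def parse_version(text: str) -> VersionKey:
    """Turn '9.0.0.M1' or '8.5.33' into a sortable tuple.

    Milestone builds sort before the final release of the same number, so the
    fourth element is a flag (0 = milestone, 1 = final) and the fifth is the
    milestone number (0 for a final release).
    """
    match = _VERSION_RE.match(text.strip())
    if not match:
        raise ValueError(f"unrecognized Tomcat version: {text!r}")
    major, minor, patch, milestone = match.groups()
    if milestone is None:
        return (int(major), int(minor), int(patch), 1, 0)
    return (int(major), int(minor), int(patch), 0, int(milestone))


def tomcat_status(version: str) -> str:
    """Return 'affected', 'likely-affected' or 'not-affected' for one version."""
    key = parse_version(version)
    if key[:2] == UNANALYZED_PREFIX:
        return "likely-affected"
    for low, high in AFFECTED_RANGES:
        if parse_version(low) <= key <= parse_version(high):
            return "affected"
    return "not-affected"


def triage(inventory: Iterable[Tuple[str, str]]) -> Dict[str, str]:
    """Map each (host, version) pair of an inventory to its status."""
    return {host: tomcat_status(version) for host, version in inventory}


if __name__ == "__main__":
    # Constructed sample inventory; the host names are invented.
    sample = [
        ("app-01", "9.0.11"),
        ("app-02", "9.0.12"),
        ("legacy-01", "8.0.53"),
        ("app-03", "7.0.22"),
    ]
    for host, status in triage(sample).items():
        print(f"{host}: {status}")
```

Versions one step past the upper bound of each range (9.0.12, 8.5.34, 7.0.91) report as not affected, which matches the fixed releases the Apache advisory points to; a version string in any other format raises rather than silently reporting "not-affected".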

Full details are available from The Apache Foundation.

Action Steps

Waratek Secure and Waratek Enterprise customers are already protected by an “Open Redirect” rule that is standard protection in the Waratek application security platform. Waratek rules provide protection against known and Zero Day attacks with zero configuration and no source code changes. Waratek’s out-of-the-box zero-day protection covers not only the Apache-supported Tomcat versions but also the Apache-unsupported Tomcat 8.0.x release line.

Non-Waratek customers are advised to upgrade their versions of the vulnerable software.

For more information about how Waratek protects against CVE-2018-11784, please contact your Waratek representative or schedule a demonstration.

Author: Waratek

Some of the world’s leading companies use Waratek to patch, secure and upgrade their mission critical web applications using our next generation technology. Waratek makes it easy for security teams to instantly patch known Java and .NET flaws with no downtime, protect their applications from known and Zero Day attacks, and virtually upgrade out-of-support Java applications – all without time consuming and expensive source code changes or unacceptable performance overhead.
