CVE-2020-0822

Improper Privilege Management in maven/org.apache.tomcat/tomcat-util

Identifiers

CVE-2020-0822

Package Slug

maven/org.apache.tomcat/tomcat-util

Vulnerability

Improper Privilege Management

Description

An elevation of privilege vulnerability exists when the Windows Language Pack Installer improperly handles file operations, aka 'Windows Language Pack Installer Elevation of Privilege Vulnerability'. Note this is due to axis2 clustering including a dependency to tomcat which is vulnerable to this issue.

Affected Versions

Version 9.0.52

Solution

Upgrade to version 10.0.0-M1 or above.

Last Modified

2021-09-16

source