Number: AV18-105
Date: 29 June 2018
Purpose
The purpose of this advisory is to bring attention to an Apache Tomcat security update.
Assessment
A vulnerability in the Cross-Origin Resource Sharing (CORS) filter feature of Apache Tomcat could allow an unauthenticated, remote user to bypass security restrictions on a targeted system.
CVE References: CVE-2018-8014
Suggested action
CCIRC recommends that system administrators test and deploy the vendor-released updates to affected applications accordingly.