The Apache Software Foundation has released security updates to address a vulnerability in Apache Tomcat versions 9.0.0.M1 to 9.0.11, 8.5.0 to 8.5.33, and 7.0.23 to 7.0.90. A remote attacker could exploit this vulnerability to obtain sensitive information.
NCCIC encourages users and administrators to review the Apache security advisory for CVE-2018-11784.
Please share your thoughts.
We recently updated our anonymous product survey; we'd welcome your feedback.