Source Code Disclosure Vulnerability in Tomcat DefaultServlet

Source Code Disclosure Vulnerability in Tomcat DefaultServlet

CVE-2002-1148 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

The default servlet (org.apache.catalina.servlets.DefaultServlet) in Tomcat 4.0.4 and 4.1.10 and earlier allows remote attackers to read source code for server files via a direct request to the servlet.

Learn more about our Cis Benchmark Audit For Apache Http Server.