Details
-
Type:
Suggestion
-
Status: Closed (View Workflow)
-
Resolution: Done
-
Fix Version/s: 7.1.0
-
Component/s: Environment - Other
-
Labels:None
-
Feedback Policy:
Description
Fixes:
CVE-2020-1938 AJP Request Injection and potential Remote Code Execution
CVE-2020-1935 HTTP Request Smuggling
CVE-2019-17569 HTTP Request Smuggling
Attachments
Issue Links
- causes
-
BSERV-12266 Fails to start with error: The AJP Connector is configured with secretRequired="true" but the secret attribute is either null or "". This combination is not valid.
-
- Closed
-