The CyberRisk Summit is back: Join us on Dec 6. as we recap the cyber risk landscape in 2022 | Get free ticket >> 

Live webinar, Oct 13: Attend to learn how you can deduplicate vulnerability and deliver a smarter approach to cyber risk management  | Register  >>

New report: Mapping MITRE ATT&CK framework to CVEs |  Read more  >>

What is the Ghostcat Vulnerability (CVE-2020-1938)?

The Apache Tomcat servers that have been released over the last thirteen years are vulnerable to a bug known as “Ghostcat” (CVE-2020-1938) that allows hackers to take over unpatched systems.  Discovered by Chinese cybersecurity firm Chaitin Tech, Ghostcat is a flaw in the Tomcat AJP protocol.