The Apache Tomcat servers that have been released over the last thirteen years are vulnerable to a bug known as “Ghostcat” (CVE-2020-1938) that allows hackers to take over unpatched systems. Discovered by Chinese cybersecurity firm Chaitin Tech, Ghostcat is a flaw in the Tomcat AJP protocol.
What is the Ghostcat Vulnerability (CVE-2020-1938)?
![](https://vulcan.io/wp-content/uploads/2020/10/fantasy-2847724_1920-1-1568x887.jpg)