Is CVE-2018-11784 known to be exploited?

16 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Apache Software Foundation Tomcat

CVE-2018-11784

When the default servlet in Apache Tomcat versions 9.0.0.M1 to 9.0.11, 8.5.0 to 8.5.33 and 7.0.23 to 7.0.90 returned a redirect to a directory (e.g. redirecting to '/foo/' when the user requested '/foo') a specially crafted URL could be us…

EPSS: 0.826 (99.3th percentile) — read the EPSS interpretation.

Affected products

Apache Software Foundation Tomcat — versions 9.0.0.M1 to 9.0.11, 8.5.0 to 8.5.33, 7.0.23 to 7.0.90

Public proof-of-concept exploits

References

www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html (x_refsource_CONFIRM)
[announce] 20181003 [SECURITY] CVE-2018-11784 Apache Tomcat - Open Redirect (mailing-list, x_refsource_MLIST)
security.netapp.com/advisory/ntap-20181014-0002/ (x_refsource_CONFIRM)
105524 (vdb-entry, x_refsource_BID)
RHSA-2019:0131 (x_refsource_REDHAT, vendor-advisory)
RHSA-2019:0485 (x_refsource_REDHAT, vendor-advisory)
RHSA-2019:0130 (x_refsource_REDHAT, vendor-advisory)
[debian-lts-announce] 20181014 [SECURITY] [DLA 1544-1] tomcat7 security update (mailing-list, x_refsource_MLIST)
USN-3787-1 (x_refsource_UBUNTU, vendor-advisory)
[debian-lts-announce] 20181015 [SECURITY] [DLA 1545-1] tomcat8 security update (mailing-list, x_refsource_MLIST)

Frequently asked questions

What is CVE-2018-11784?: CVE-2018-11784 is a vulnerability in Apache Software Foundation Tomcat. Published 2018-10-04.
Is CVE-2018-11784 known to be exploited?: 16 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.