• info
• discussion
• exploit
• solution
• references

Apache Tomcat JULI Logging Component Default Security Policy Vulnerability

Exploiting this issue requires that attackers install/execute Java web applications in the vulnerable Tomcat server.