Vulnerable Tomcat Version

Severity:: Medium

Description

The Apache Tomcat version used is outdated and has security flaws. Vulnerabilities in older versions could be exploited by attackers to compromise the server, leading to unauthorized access, data leakage, or service disruption.

Recommendation

Update the Apache Tomcat to any of the following versions:

>8.5.98
>9.0.117
>10.1.54
>11.0.21

References

Apache Tomcat
Apache Tomcat
CAPEC-310
OWASP 2021-A6

Related Issues

Vulnerable PHP Version - Vulnerability
Vulnerable Apache Version - Vulnerability
Vulnerable Nginx Version - Vulnerability
Vulnerable IIS Version - Vulnerability

Exploiting Server Version Disclosure

Better Passive Vulnerability Testing with SmartScanner version 1.7

3 reasons why any website's security is important

Tags:: Tomcat; Web Server; Outdated

Anything's wrong? Let us know Last updated on May 28, 2026