Windows installations with enableCmdLineArguments enabled are vulnerable
https://www.bleepingcomputer.com/news/security/important-severity-remote-code-execution-vulnerability-patched-in-tomcat/
A remote code execution flaw impacting Apache Tomcat was fixed by the Apache Software Foundation to prevent potential remote attackers to exploit vulnerable servers and take control of affected systems.
The Apache Tomcat software (also known as the Tomcat Server) is an open source implementation for Java EE specifications such as the Java Servlet, Java Expression Language, JavaServer Pages, and Java WebSocket technologies, providing an HTTP web server designed to allow Java-based code to run.
Windows installations with enableCmdLineArguments enabled are vulnerable
Apr 15, 2019, 2:17pm UTC
https://www.bleepingcomputer.com/news/security/important-severity-remote-code-execution-vulnerability-patched-in-tomcat/
> A remote code execution flaw impacting Apache Tomcat was fixed by the Apache Software Foundation to prevent potential remote attackers to exploit vulnerable servers and take control of affected systems.
> The Apache Tomcat software (also known as the Tomcat Server) is an open source implementation for Java EE specifications such as the Java Servlet, Java Expression Language, JavaServer Pages, and Java WebSocket technologies, providing an HTTP web server designed to allow Java-based code to run.