{"id":321,"date":"2020-06-08T13:57:55","date_gmt":"2020-06-08T04:57:55","guid":{"rendered":"https:\/\/www.manageengine.jp\/support\/kb\/Patch_Manager_Plus\/?p=321"},"modified":"2020-06-08T15:57:11","modified_gmt":"2020-06-08T06:57:11","slug":"apache-tomcat%e3%81%ae%e8%84%86%e5%bc%b1%e6%80%a7cve-2020-9484%e3%81%ae%e5%bd%b1%e9%9f%bf%e3%81%af%e3%81%82%e3%82%8a%e3%81%be%e3%81%99%e3%81%8b%ef%bc%9f","status":"publish","type":"post","link":"https:\/\/www.manageengine.jp\/support\/kb\/Patch_Manager_Plus\/?p=321","title":{"rendered":"Apache Tomcat\u306e\u8106\u5f31\u6027(CVE-2020-9484)\u306e\u5f71\u97ff\u306f\u3042\u308a\u307e\u3059\u304b\uff1f"},"content":{"rendered":"<h5>\u8cea\u554f<\/h5>\n<p>Apache Tomcat\u306e\u30ea\u30e2\u30fc\u30c8\u30b3\u30fc\u30c9\u5b9f\u884c\u53ef\u80fd\u306a\u8106\u5f31\u6027(CVE-2020-9484)\u306e\u5f71\u97ff\u306f\u3042\u308a\u307e\u3059\u304b\uff1f<\/p>\n<h5>\u56de\u7b54<\/h5>\n<p>\u3044\u3044\u3048\u3001\u3042\u308a\u307e\u305b\u3093\u3002Patch Manager Plus\u306f\u3001Apache Tomcat\u306e\u8106\u5f31\u6027CVE-2020-9484\u306e\u5f71\u97ff\u3092\u53d7\u3051\u307e\u305b\u3093\u3002\u8a73\u7d30\u306f\u3001<a href=\"https:\/\/www.manageengine.com\/products\/desktop-central\/cve-2020-9484.html\">\u3053\u3061\u3089\u306e\u30da\u30fc\u30b8<\/a>(Desktop Central\u306b\u95a2\u3059\u308b\u82f1\u8a9e\u30da\u30fc\u30b8)\u3092\u3054\u89a7\u304f\u3060\u3055\u3044\u3002<\/p>\n<div class=\"attention\">\nCVE-2020-9484\u306f\u3001Apache Tomcat 8.5.55\u4ee5\u4e0b\u306e\u30d0\u30fc\u30b8\u30e7\u30f3\u306b\u304a\u3044\u3066\u3001\u6c38\u7d9a\u30bb\u30c3\u30b7\u30e7\u30f3\u30de\u30cd\u30fc\u30b8\u30e3\u30fc\u306b\u3088\u3063\u3066\u8a8d\u8a3c\u3055\u308c\u3066\u3044\u306a\u3044\u7b2c\u4e09\u8005\u304c\u4efb\u610f\u306e\u30b3\u30fc\u30c9\u3092\u5b9f\u884c\u53ef\u80fd\u3067\u3042\u308b\u3068\u3044\u3046\u3082\u306e\u3067\u3059\u3002<\/p>\n<ul>\n<li><a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2020-9484\">CVE - CVE-2020-9484<\/a><\/li>\n<\/ul>\n<p>\u3053\u306e\u8106\u5f31\u6027\u3092\u4f7f\u7528\u3059\u308b\u306b\u306f\u3001\u4ee5\u4e0b\u306e\u6761\u4ef6\u3092\u5168\u3066\u6e80\u305f\u3059\u5fc5\u8981\u304c\u3042\u308a\u307e\u3059\u304c\u3001\u5f8c\u8ff0\u306ePersistenceManager\u3092\u4f7f\u7528\u3057\u306a\u3044\u305f\u3081\u3001<strong>Patch Manager Plus\u306fCVE-2020-9484\u306e\u5f71\u97ff\u3092\u53d7\u3051\u307e\u305b\u3093<\/strong>\u3002\u307e\u305f\u3001Patch Manager Plus\u306f\u30ed\u30fc\u30ab\u30eb\u30d5\u30a1\u30a4\u30eb\u30a4\u30f3\u30af\u30eb\u30fc\u30b8\u30e7\u30f3\u653b\u6483\u306b\u5bfe\u3057\u3066\u3082\u8106\u5f31\u6027\u306f\u3042\u308a\u307e\u305b\u3093\u3002<\/p>\n<ol>\n<li>\u60aa\u610f\u3042\u308b\u653b\u6483\u8005\u304c\u3001\u30b5\u30fc\u30d0\u30fc\u4e0a\u306e\u30d5\u30a1\u30a4\u30eb\u540d\u3001\u5185\u5bb9\u3092\u628a\u63e1\u3057\u3001\u7de8\u96c6\u3067\u304d\u308b<\/li>\n<li>Apache Tomcat\u304cFileStrage\u3067PersistenceManager\u3092\u4f7f\u7528\u3057\u3066\u3044\u308b<\/li>\n<li>PersistenceManager\u306b\u304a\u3044\u3066\u3001sessionAttributeValueClassNameFilter=\"null\"\u307e\u305f\u306f\u30aa\u30d6\u30b8\u30a7\u30af\u30c8\u306e\u30c7\u30b7\u30ea\u30a2\u30e9\u30a4\u30ba\u30d5\u30a3\u30eb\u30bf\u30fc\u6761\u4ef6\u304c\u5341\u5206\u306b\u8a2d\u5b9a\u3055\u308c\u3066\u3044\u306a\u3044<\/li>\n<li>FileStore\u304c\u4f7f\u7528\u3059\u308b\u30ed\u30b1\u30fc\u30b7\u30e7\u30f3\u304b\u3089\u3001\u5236\u5fa1\u3059\u308b\u30d5\u30a1\u30a4\u30eb\u3078\u306e\u76f8\u5bfe\u30d5\u30a1\u30a4\u30eb\u30d1\u30b9\u3092\u653b\u6483\u8005\u304c\u77e5\u3063\u3066\u3044\u308b<\/li>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>\u8cea\u554f Apache Tomcat\u306e\u30ea\u30e2\u30fc\u30c8\u30b3\u30fc\u30c9\u5b9f\u884c\u53ef\u80fd\u306a\u8106\u5f31\u6027(CVE-2020-9484)\u306e\u5f71\u97ff\u306f\u3042\u308a\u307e\u3059\u304b\uff1f \u56de\u7b54 \u3044\u3044\u3048\u3001\u3042\u308a\u307e\u305b\u3093\u3002Patc\u2026 <a href=\"https:\/\/www.manageengine.jp\/support\/kb\/Patch_Manager_Plus\/?p=321\" class=\"more\">\uff3b\u7d9a\u304d\u3092\u8aad\u3080\uff3d<\/a><\/p>\n","protected":false},"author":72,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_lmt_disableupdate":"","_lmt_disable":"","footnotes":""},"categories":[81,76],"tags":[117,116,26],"class_list":["post-321","post","type-post","status-publish","format-standard","hentry","category-faq","category-security-ptm","tag-cve-2020-9484","tag-tomcat","tag-26"],"modified_by":"seiji","_links":{"self":[{"href":"https:\/\/www.manageengine.jp\/support\/kb\/Patch_Manager_Plus\/index.php?rest_route=\/wp\/v2\/posts\/321","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.manageengine.jp\/support\/kb\/Patch_Manager_Plus\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.manageengine.jp\/support\/kb\/Patch_Manager_Plus\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.manageengine.jp\/support\/kb\/Patch_Manager_Plus\/index.php?rest_route=\/wp\/v2\/users\/72"}],"replies":[{"embeddable":true,"href":"https:\/\/www.manageengine.jp\/support\/kb\/Patch_Manager_Plus\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=321"}],"version-history":[{"count":2,"href":"https:\/\/www.manageengine.jp\/support\/kb\/Patch_Manager_Plus\/index.php?rest_route=\/wp\/v2\/posts\/321\/revisions"}],"predecessor-version":[{"id":323,"href":"https:\/\/www.manageengine.jp\/support\/kb\/Patch_Manager_Plus\/index.php?rest_route=\/wp\/v2\/posts\/321\/revisions\/323"}],"wp:attachment":[{"href":"https:\/\/www.manageengine.jp\/support\/kb\/Patch_Manager_Plus\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=321"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.manageengine.jp\/support\/kb\/Patch_Manager_Plus\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=321"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.manageengine.jp\/support\/kb\/Patch_Manager_Plus\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=321"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}