CVSS 3.1 Score 7.5 of 10 (high)


Published Sep 13, 2023
Updated: Sep 29, 2023


CVE-2023-41081 is an important authentication bypass vulnerability affecting the mod_jk component of Apache Tomcat Connectors. This vulnerability allows for the unintended exposure of the status worker and bypassing of security constraints configured in httpd. It affects Apache Tomcat Connectors versions 1.2.0 through 1.2.48. To remediate this issue, users are advised to upgrade to version 1.2.49, which resolves the vulnerability by removing the implicit mapping functionality and requiring all mappings to be explicitly configured. The CVE has a base severity rating of HIGH, with a base score of 7.5, indicating its potential danger to organizations.


Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-41081 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options