The Apache Foundation has released security updates to address vulnerabilities in Apache Tomcat. Exploitation of one of these vulnerabilities may allow a remote attacker to take control of an affected server.

US-CERT encourages users and administrators to review the Apache advisories for CVE-2017-12615 and CVE-2017-12616 for more information and apply the necessary updates.