...
Apache Tomcat version 6.x (all versions) |
Apache Tomcat version 7.x (before version 7.0.100) |
Apache Tomcat version 8.x (before version 8.5.51) |
Apache Tomcat version 9.x (before version 9.0.31) |
How can I fix it?
You can fix the vulnerability by installing / updating your Apache Tomcat installation to version 7.0.100 , 8.5.51 or 9.0.31.
If you do not use other web application that use the AJP you may disable it as stated here:
...