The host is installed with Apache Tomcat 9.0.0.M1 through 9.0.9, 7.0.25 through 7.0.88, 8.0.x through 8.0.52 or 8.5.x through 8.5.31 and is prone to a security bypass vulnerability. A flaw is present in application, which fails to properly perform host name verification. Successful exploitation allow attackers to bypass security constraints.