Skip to main content

Apache Tomcat Multiple Vulnerabilities

Release Date: 23 May 2023 6621 Views

RISK: Medium Risk

TYPE: Servers - Web Servers

TYPE: Web Servers

Multiple vulnerabilities were identified in Apache Tomcat, a remote attacker could exploit some of these vulnerabilities to trigger denial of service and security restriction bypass on the targeted system.


Impact

  • Denial of Service
  • Security Restriction Bypass

System / Technologies affected

  • Apache Tomcat version 8.5.85 to 8.5.87
  • Apache Tomcat version 9.0.71 to 9.0.73
  • Apache Tomcat version 10.1.5 to 10.1.7
  • Apache Tomcat version 11.0.0-M2 to 11.0.0-M4

Solutions

Before installation of the software, please visit the vendor web-site for more details.

 

Apply fixes issued by the vendor:

 

  • Apache Tomcat 8.5.88 or later
  • Apache Tomcat 9.0.74 or later
  • Apache Tomcat 10.1.8 or later
  • Apache Tomcat 11.0.0-M5 or later
 

Vulnerability Identifier


Source


Related Link