Skip to main content

Apache Tomcat Multiple Vulnerabilities

Release Date: 19 Nov 2024 4228 Views

RISK: Medium Risk

TYPE: Servers - Web Servers

TYPE: Web Servers

Multiple vulnerabilities were identified in Apache Tomcat, a remote attacker could exploit some of these vulnerabilities to trigger security restriction bypass, cross-site scripting and information disclosure on the targeted system.


Impact

  • Security Restriction Bypass
  • Information Disclosure
  • Cross-Site Scripting

System / Technologies affected

  • Apache Tomcat 11.0.0
  • Apache Tomcat 11.0.0-M1 to 11.0.0-M26
  • Apache Tomcat 10.1.31
  • Apache Tomcat version 10.1.0-M1 to 10.1.30 
  • Apache Tomcat 9.0.96
  • Apache Tomcat version 9.0.0-M1 to 9.9.95
 

Solutions

Before installation of the software, please visit the vendor web-site for more details.

 

Apply fixes issued by the vendor:

 

  • Apache Tomcat 11.0.1 or later
  • Apache Tomcat 10.1.33 or later
  • Apache Tomcat 9.0.97 or later

Vulnerability Identifier


Source


Related Link