Lucene search
China National Vulnerability DatabaseCNVD-2022-49970HistoryMay 13, 2022 - 12:00 a.m.
Apache Tomcat Denial of Service Vulnerability (CNVD-2022-49970)
2022-05-1300:00:00
China National Vulnerability Database
www.cnvd.org.cn
9
Apache Tomcat is a lightweight Web application server from the Apache Foundation in the United States. The program implements support for Servlet and JavaServer Page (JSP). Apache Tomcat suffers from a denial-of-service vulnerability that stems from a flaw in the configuration of Tomcat open clusters, which could be exploited by an attacker to construct malicious data to cause a denial of service in an unauthorized manner.
| CPE | Name | Operator | Version |
|---|---|---|---|
| Apache Tomcat >=10.0.0-M1, | le | 10.0.20 | |
| Apache Tomcat >=9.0.13, | le | 9.0.62 | |
| Apache Tomcat >=8.5.38, | le | 8.5.78 |