Kaspersky LabKLA12436KLA12436 PE vulnerability in Apache Tomcat
7 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
7.1 High
AI Score
Confidence
High
3.7 Low
CVSS2
Access Vector
LOCAL
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:H/Au:N/C:P/I:P/A:P
0.0004 Low
EPSS
Percentile
8.8%
Detect date:
01/20/2022
Severity:
Warning
Description:
Privilege escalation vulnerability was found in Apache Tomcat. Malicious users can exploit this vulnerability to gain privileges.
Affected products:
Apache Tomcat 10.0.x earlier than 10.0.16
Apache Tomcat 9.x earlier than 9.0.58
Apache Tomcat 8.5.x earlier than 8.5.75
Solution:
Update to the latest version
Tomcat 8.5 Software Downloads
Tomcat 9 Software Downloads
Tomcat 10.0 Software Downloads
Original advisories:
Apache Tomcat 8.5.x vulnerabilities
Apache Tomcat 9.x vulnerabilities
Apache Tomcat 10.0.x vulnerabilities
Impacts:
SB
Related products:
CVE-IDS:
CVE-2022-231817.0High
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23181
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/product/Apache-Tomcat/
tomcat.apache.org/download-10.cgi
tomcat.apache.org/download-80.cgi
tomcat.apache.org/download-90.cgi
tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.0.16
tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.75
tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.58
Related
7 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
7.1 High
AI Score
Confidence
High
3.7 Low
CVSS2
Access Vector
LOCAL
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:H/Au:N/C:P/I:P/A:P
0.0004 Low
EPSS
Percentile
8.8%