Vulners
Lucene search
Apache Tomcat 10.1.0.M1 < 10.1.55 multiple vulnerabilities
10
| Source | Link |
|---|---|
| nessus | www.nessus.org/u |
| nessus | www.nessus.org/u |
| nessus | www.nessus.org/u |
| nessus | www.nessus.org/u |
| nessus | www.nessus.org/u |
| nessus | www.nessus.org/u |
| nessus | www.nessus.org/u |
| nessus | www.nessus.org/u |
| nessus | www.nessus.org/u |
| nessus | www.nessus.org/u |
10
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
include('compat.inc');
if (description)
{
script_id(314335);
script_version("1.3");
script_set_attribute(attribute:"plugin_modification_date", value:"2026/05/26");
script_cve_id(
"CVE-2026-41284",
"CVE-2026-41293",
"CVE-2026-42498",
"CVE-2026-43512",
"CVE-2026-43513",
"CVE-2026-43514",
"CVE-2026-43515"
);
script_xref(name:"IAVA", value:"2026-A-0475");
script_name(english:"Apache Tomcat 10.1.0.M1 < 10.1.55 multiple vulnerabilities");
script_set_attribute(attribute:"synopsis", value:
"The remote Apache Tomcat server is affected by multiple vulnerabilities");
script_set_attribute(attribute:"description", value:
"The version of Tomcat installed on the remote host is prior to 10.1.55. It is, therefore, affected by multiple
vulnerabilities as referenced in the fixed_in_apache_tomcat_10.1.55_security-10 advisory.
- DEPRECATED: Authentication Bypass Issues vulnerability in digest authentication in Apache Tomcat. This
issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1.0-M1 through 10.1.54, from 9.0.0.M1
through 9.0.117, from 8.5.0 through 8.5.100, from before 7.0.0. Older unsupported versions any also be
affect Users are recommended to upgrade to version 11.0.22, 10.1.55 or 9.0.118 which fix the issue.
(CVE-2026-43512)
- Improper Authorization vulnerability when multiple method constraints define an HTTP method for the same
extension in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from
10.1.0-M1 through 10.1.54, from 9.0.0.M1 through 9.0.117, from 8.5.0 through 8.5.100, from 7.0.0 through
7.0.109. Users are recommended to upgrade to version 11.0.22, 10.1.55 or 9.0.118 which fix the issue.
(CVE-2026-43515)
- Observable Timing Discrepancy vulnerability when comparing AJP secret in Apache Tomcat. This issue affects
Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1.0-M1 through 10.1.54, from 9.0.0.M1 through
9.0.117, from 8.5.0 through 8.5.100, from 7.0.0 through 7.0.109. Older unsupported versions may also be
affected. Users are recommended to upgrade to version 11.0.22, 10.1.55 or 9.0.118 which fix the issue.
(CVE-2026-43514)
- Improper Handling of Case Sensitivity vulnerability in LockOutRealm in Apache Tomcat. This issue affects
Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1.0-M1 through 10.1.54, from 9.0.0.M1 through
9.0.117, from 8.5.0 through 8.5.100, from 7.0.0 through 7.0.109. Older unsupported versions may also be
affected. Users are recommended to upgrade to version 11.0.22, 10.1.55 or 9.0.118 which fix the issue.
(CVE-2026-43513)
- Exposure of HTTP Authentication Header to unexpected hosts during WebSocket authentication vulnerability
in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1.0-M1 through
10.1.54, from 9.0.2 through 9.0.117, from 8.5.24 through 8.5.100, from 7.0.83 through 7.0.109. Users are
recommended to upgrade to version 11.0.22, 10.1.55 or 9.0.118, which fix the issue. (CVE-2026-42498)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
# https://github.com/apache/tomcat/commit/c621317382682206fb58ab92ebd3e1b6fdd10ce9
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?91c66a67");
# https://github.com/apache/tomcat/commit/a102a2a157868ca51d83eaf5a119ccd9976a113e
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?f1632518");
# https://github.com/apache/tomcat/commit/4a90d3fa93988c447cd5bb7482f76ff70d7f15c2
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?231045d6");
# https://github.com/apache/tomcat/commit/3d4d3fae07a6cd9c2eb193c5491001740ec64448
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?3987d902");
# https://github.com/apache/tomcat/commit/6cbe274592ef2d11607b5b188e1df649de52f8d5
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?e85044b6");
# https://github.com/apache/tomcat/commit/19f17a257797e8d139b33ff9c88d362a273be148
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?75956f66");
# https://github.com/apache/tomcat/commit/f72a6174ab1f0f5a053435f80448b4f6837fe6d7
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?1316cee0");
# https://github.com/apache/tomcat/commit/2a2476460e823789f530a22207873ea8cd6eff3b
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?17b828dc");
# https://github.com/apache/tomcat/commit/b3d1c1c239142e806be0b7329d304b94a58913ed
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?58fde87b");
# https://github.com/apache/tomcat/commit/a90c358400c133b6173c6b26591923bf814a8508
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?5d8ccf66");
# https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.55
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?476cf8d6");
script_set_attribute(attribute:"solution", value:
"Upgrade to Apache Tomcat version 10.1.55 or later.");
script_set_attribute(attribute:"agent", value:"all");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2026-43512");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2026/05/11");
script_set_attribute(attribute:"patch_publication_date", value:"2026/05/11");
script_set_attribute(attribute:"plugin_publication_date", value:"2026/05/12");
script_set_attribute(attribute:"plugin_type", value:"combined");
script_set_attribute(attribute:"cpe", value:"cpe:/a:apache:tomcat:10");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_set_attribute(attribute:"stig_severity", value:"II");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Web Servers");
script_copyright(english:"This script is Copyright (C) 2026 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("os_fingerprint.nasl", "tomcat_error_version.nasl", "tomcat_win_installed.nbin", "apache_tomcat_nix_installed.nbin");
script_require_keys("installed_sw/Apache Tomcat");
exit(0);
}
include('vcf_extras.inc');
vcf::tomcat::initialize();
var app_info = vcf::combined_get_app_info(app:'Apache Tomcat');
var constraints = [
{ 'min_version' : '10.1.0.M1', 'max_version' : '10.1.54', 'fixed_version' : '10.1.55' }
];
vcf::check_all_backporting(app_info:app_info);
vcf::check_granularity(app_info:app_info, sig_segments:3);
vcf::check_version_and_report(
app_info:app_info,
constraints:constraints,
severity:SECURITY_HOLE
);
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
26 May 2026 00:00Current
5.8Medium risk
Vulners AI Score5.8
CVSS 3.19.8
EPSS0.00139
SSVC