53 matches found
Apache Tomcat EncryptInterceptor DoS Vulnerability (May 2022) - Windows
Apache Tomcat is prone to a denial of service DoS vulnerability. This VT has been deprecated and merged into the VT SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
Apache Tomcat 8.5.38 < 8.5.79 EncryptInterceptor DoS
The version of Apache Tomcat installed on the remote host is 8.5.38 to 8.5.78, 9.0.13 to 9.0.62, 10.0.0-M1 to 10.0.20 or 10.1.0-M1 to 10.1.0-M14. It is, therefore, affected by a denial of service vulnerability. The documentation for the EncryptInterceptor incorrectly stated it enabled Tomcat...
Apache Tomcat 9.0.13 < 9.0.63 EncryptInterceptor DoS
The version of Apache Tomcat installed on the remote host is 8.5.38 to 8.5.78, 9.0.13 to 9.0.62, 10.0.0-M1 to 10.0.20 or 10.1.0-M1 to 10.1.0-M14. It is, therefore, affected by a denial of service vulnerability. The documentation for the EncryptInterceptor incorrectly stated it enabled Tomcat...
CVE-2022-29885
The documentation of Apache Tomcat 10.1.0-M1 to 10.1.0-M14, 10.0.0-M1 to 10.0.20, 9.0.13 to 9.0.62 and 8.5.38 to 8.5.78 for the EncryptInterceptor incorrectly stated it enabled Tomcat clustering to run over an untrusted network. This was not correct. While the EncryptInterceptor does provide...
CVE-2022-29885
The documentation of Apache Tomcat 10.1.0-M1 to 10.1.0-M14, 10.0.0-M1 to 10.0.20, 9.0.13 to 9.0.62 and 8.5.38 to 8.5.78 for the EncryptInterceptor incorrectly stated it enabled Tomcat clustering to run over an untrusted network. This was not correct. While the EncryptInterceptor does provide...
CVE-2022-29885
The documentation of Apache Tomcat 10.1.0-M1 to 10.1.0-M14, 10.0.0-M1 to 10.0.20, 9.0.13 to 9.0.62 and 8.5.38 to 8.5.78 for the EncryptInterceptor incorrectly stated it enabled Tomcat clustering to run over an untrusted network. This was not correct. While the EncryptInterceptor does provide...
CVE-2022-29885
The documentation of Apache Tomcat 10.1.0-M1 to 10.1.0-M14, 10.0.0-M1 to 10.0.20, 9.0.13 to 9.0.62 and 8.5.38 to 8.5.78 for the EncryptInterceptor incorrectly stated it enabled Tomcat clustering to run over an untrusted network. This was not correct. While the EncryptInterceptor does provide...
CVE-2022-29885
CVE-2022-29885 concerns Apache Tomcat EncryptInterceptor documentation, which incorrectly claimed clustering over untrusted networks. The vulnerability does not enable additional risks via DoS over untrusted networks; rather it exposes DoS risks that EncryptInterceptor does not guard against. Aff...
Apache Tomcat 10.0.0.M1 < 10.0.21
The version of Tomcat installed on the remote host is prior to 10.0.21. It is, therefore, affected by a vulnerability as referenced in the fixedinapachetomcat10.0.21security-10 advisory. - The documentation of Apache Tomcat 10.1.0-M1 to 10.1.0-M14, 10.0.0-M1 to 10.0.20, 9.0.13 to 9.0.62 and 8.5.3...
Apache Tomcat 10.1.0.M1 < 10.1.0.M15
The version of Tomcat installed on the remote host is prior to 10.1.0.M15. It is, therefore, affected by a vulnerability as referenced in the fixedinapachetomcat10.1.0-m15security-10 advisory. - The documentation of Apache Tomcat 10.1.0-M1 to 10.1.0-M14, 10.0.0-M1 to 10.0.20, 9.0.13 to 9.0.62 and...
Apache Tomcat 9.0.13 < 9.0.63
The version of Tomcat installed on the remote host is prior to 9.0.63. It is, therefore, affected by a vulnerability as referenced in the fixedinapachetomcat9.0.63security-9 advisory. - The documentation of Apache Tomcat 10.1.0-M1 to 10.1.0-M14, 10.0.0-M1 to 10.0.20, 9.0.13 to 9.0.62 and 8.5.38 t...
Fixed in Apache Tomcat 10.0.21
Low: Apache Tomcat EncryptInterceptor DoS CVE-2022-29885 The documentation for the EncryptInterceptor incorrectly stated it enabled Tomcat clustering to run over an untrusted network. This was not correct. While the EncryptInterceptor does provide confidentiality and integrity protection, it does...
PT-2022-2876
Name of the Vulnerable Software and Affected Versions Apache Tomcat versions 10.1.0-M1 through 10.1.0-M14 Apache Tomcat versions 10.0.0-M1 through 10.0.20 Apache Tomcat versions 9.0.13 through 9.0.62 Apache Tomcat versions 8.5.38 through 8.5.78 Description The issue is related to the...