CVE-2022-3270 Incomplete Documentation of remote functions in FESTO products.

In multiple products by Festo a remote unauthenticated attacker could use functions of an undocumented protocol which could lead to a complete loss of confidentiality, integrity and availability...

The vulnerability in the implementation of the EncryptInterceptor class of the Apache Tomcat application server allows a hacker to cause a service failure.

The vulnerability of the EncryptInterceptor class implementation in Apache Tomcat applications is related to incomplete documentation regarding program execution. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...