Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2022-23181

The fix for bug CVE-2020-9484 introduced a time of check, time of use vulnerability into Apache Tomcat 10.1.0-M1 to 10.1.0-M8, 10.0.0-M5 to 10.0.14, 9.0.35 to 9.0.56 and 8.5.55 to 8.5.73 that allowed a local attacker to perform actions with the privileges of the user that the Tomcat process is using. This issue is only exploitable when Tomcat is configured to persist sessions using the FileStore.

Published

2022-01-27T13:15:08.060

Last Modified

2024-11-21T06:48:08.640

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.0 (HIGH)

CVSSv2 Vector

AV:L/AC:H/Au:N/C:P/I:P/A:P

Access Vector: LOCAL
Access Complexity: HIGH
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL

Exploitability Score

1.9

Impact Score

6.4

Weaknesses

Type: Primary
CWE-367
Type: Secondary
CWE-367

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	apache	tomcat	≤ 8.5.73	Yes
Application	apache	tomcat	≤ 9.0.56	Yes
Application	apache	tomcat	≤ 10.0.14	Yes
Application	apache	tomcat	10.0.0	Yes
Application	apache	tomcat	10.0.0	Yes
Application	apache	tomcat	10.0.0	Yes
Application	apache	tomcat	10.0.0	Yes
Application	apache	tomcat	10.0.0	Yes
Application	apache	tomcat	10.0.0	Yes
Application	apache	tomcat	10.1.0	Yes
Application	apache	tomcat	10.1.0	Yes
Application	apache	tomcat	10.1.0	Yes
Application	apache	tomcat	10.1.0	Yes
Application	apache	tomcat	10.1.0	Yes
Application	apache	tomcat	10.1.0	Yes
Application	apache	tomcat	10.1.0	Yes
Application	apache	tomcat	10.1.0	Yes
Application	oracle	agile_engineering_data_management	6.2.1.0	Yes
Application	oracle	communications_cloud_native_core_policy	1.15.0	Yes
Application	oracle	financial_services_crime_and_compliance_management_studio	8.0.8.2.0	Yes
Application	oracle	financial_services_crime_and_compliance_management_studio	8.0.8.3.0	Yes
Application	oracle	managed_file_transfer	12.2.1.3.0	Yes
Application	oracle	managed_file_transfer	12.2.1.4.0	Yes
Application	oracle	mysql_enterprise_monitor	≤ 8.0.29	Yes
Operating System	debian	debian_linux	10.0	Yes
Operating System	debian	debian_linux	11.0	Yes

References

https://lists.apache.org/thread/l8x62p3k19yfcb208jo4zrb83k5mfwg9 Mailing List, Mitigation, Vendor Advisory ([email protected])
https://lists.debian.org/debian-lts-announce/2022/10/msg00029.html Mailing List, Third Party Advisory ([email protected])
https://security.netapp.com/advisory/ntap-20220217-0010/ Third Party Advisory ([email protected])
https://www.debian.org/security/2022/dsa-5265 Third Party Advisory ([email protected])
https://www.oracle.com/security-alerts/cpuapr2022.html Patch, Third Party Advisory ([email protected])
https://www.oracle.com/security-alerts/cpujul2022.html Patch, Third Party Advisory ([email protected])
https://lists.apache.org/thread/l8x62p3k19yfcb208jo4zrb83k5mfwg9 Mailing List, Mitigation, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://lists.debian.org/debian-lts-announce/2022/10/msg00029.html Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://security.netapp.com/advisory/ntap-20220217-0010/ Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.debian.org/security/2022/dsa-5265 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.oracle.com/security-alerts/cpuapr2022.html Patch, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.oracle.com/security-alerts/cpujul2022.html Patch, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)