Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2022-25762

If a web application sends a WebSocket message concurrently with the WebSocket connection closing when running on Apache Tomcat 8.5.0 to 8.5.75 or Apache Tomcat 9.0.0.M1 to 9.0.20, it is possible that the application will continue to use the socket after it has been closed. The error handling triggered in this case could cause the a pooled object to be placed in the pool twice. This could result in subsequent connections using the same object concurrently which could result in data being returned to the wrong use and/or other errors.

Published

2022-05-13T08:15:06.843

Last Modified

2024-11-21T06:52:57.447

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 8.6 (HIGH)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL

Exploitability Score

10.0

Impact Score

6.4

Weaknesses

Type: Secondary
CWE-404
Type: Primary
CWE-404

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	apache	tomcat	< 8.5.76	Yes
Application	apache	tomcat	< 9.0.21	Yes
Application	oracle	agile_plm	9.3.6	Yes

References

https://lists.apache.org/thread/6ckmjfb1k61dyzkto9vm2k5jvt4o7w7c Mailing List, Vendor Advisory ([email protected])
https://security.netapp.com/advisory/ntap-20220629-0003/ Third Party Advisory ([email protected])
https://www.oracle.com/security-alerts/cpujul2022.html Patch, Third Party Advisory ([email protected])
https://lists.apache.org/thread/6ckmjfb1k61dyzkto9vm2k5jvt4o7w7c Mailing List, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://security.netapp.com/advisory/ntap-20220629-0003/ Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.oracle.com/security-alerts/cpujul2022.html Patch, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)