February 17, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Advisory – CVE-2022-37234 – Netgear Nighthawk AC1900 Smart WiFi Dual Band Gigabit Router R7000 Vulnerability
September 29, 2022Rewterz Threat Advisory – Multiple Apache Pulsar Vulnerabilities
September 29, 2022Rewterz Threat Advisory – CVE-2022-37234 – Netgear Nighthawk AC1900 Smart WiFi Dual Band Gigabit Router R7000 Vulnerability
September 29, 2022Rewterz Threat Advisory – Multiple Apache Pulsar Vulnerabilities
September 29, 2022
Severity
Medium
Analysis Summary
CVE-2021-43980
Apache Tomcat could allow a remote attacker to obtain sensitive information, caused by a long standing concurrency flaw in the simplified implementation of blocking reads and writes. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain Http11Processor instance information, and use this information to launch further attacks against the affected system.
Impact
- Information Disclosure
Indicators Of Compromise
CVE
- CVE-2021-43980
Affected Vendors
Apache
Affected Products
- Apache Tomcat 8.5.0
- Apache Tomcat 10.0.0-M1
- Apache Tomcat 9.0.0-M1
- Apache Tomcat 10.1.0-M1
- Apache Tomcat 8.5.77
- Apache Tomcat 9.0.60
- Apache Tomcat 10.0.18
- Apache Tomcat 10.1.0-M12
Remediation
Upgrade to the latest version of Apache Tomcat, available from the Apache Website.