
Rewterz Threat Advisory – CVE-2022-23181 – Apache Tomcat Vulnerability

Severity

High

Analysis Summary

CVE-2022-23181

Apache Tomcat could allow a local authenticated attacker to gain elevated privileges on the system because of a time-of-check, time-of-use (TOCTOU) flaw that is present when Tomcat is configured to persist sessions using the FileStore. By sending a specially crafted request, an authenticated attacker could exploit this vulnerability to perform actions with the privileges of the Tomcat process.
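
Because the flaw only applies when sessions are persisted with the FileStore, a quick exposure check is to look for that store in the Tomcat configuration. The script below is an added example, not part of the original advisory or of Apache's tooling; the function names and the sample XML are constructed for illustration, and the files to scan (typically `conf/context.xml`, `conf/server.xml` and per-application `META-INF/context.xml`) are passed on the command line.

```python
import sys
import xml.etree.ElementTree as ET

# Class name of the session store named in the advisory.
FILESTORE = "org.apache.catalina.session.FileStore"

# Constructed sample: a context that persists sessions with the FileStore.
SAMPLE_CONTEXT_FILESTORE = """<Context>
  <Manager className="org.apache.catalina.session.PersistentManager">
    <Store className="org.apache.catalina.session.FileStore"
           directory="/var/tomcat/sessions"/>
  </Manager>
</Context>"""

# Constructed sample: a context with no explicit session store.
SAMPLE_CONTEXT_DEFAULT = """<Context>
  <WatchedResource>WEB-INF/web.xml</WatchedResource>
</Context>"""


def find_filestore(xml_text):
    """Return one finding per <Manager> whose <Store> is the FileStore."""
    root = ET.fromstring(xml_text)
    findings = []
    for manager in root.iter("Manager"):
        for store in manager.findall("Store"):
            if store.get("className", "").strip() == FILESTORE:
                findings.append({
                    "manager": manager.get("className", "(not set)"),
                    "directory": store.get("directory", "(not set)"),
                })
    return findings


def audit(paths):
    """Scan each config file; map path -> findings or an error string."""
    report = {}
    for path in paths:
        try:
            with open(path, encoding="utf-8") as fh:
                report[path] = find_filestore(fh.read())
        except (OSError, ET.ParseError) as exc:
            report[path] = f"unreadable: {exc}"
    return report


if __name__ == "__main__":
    for path, result in audit(sys.argv[1:]).items():
        print(path, "->", result or "no FileStore configured")
```

A non-empty finding means the instance meets the configuration precondition described above and should be prioritised for the upgrade.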

Impact

  • Privilege Escalation

Affected Vendors

Apache Tomcat

Affected Products

  • Apache Tomcat 8.5.55
  • Apache Tomcat 8.5.73

Remediation

Upgrade to the latest version of Tomcat, available from the Apache Web site.

https://tomcat.apache.org/security-8.html