Multiple Apache Products Vulnerabilities

Severity

Medium

Analysis Summary

CVE-2024-39928 CVSS:5.3

Apache Linkis could allow a remote attacker to bypass security restrictions, caused by a random string vulnerability in Spark EngineConn. An attacker could exploit this vulnerability to launch further attacks on the system.

CVE-2024-38286 CVSS:7.5

Apache Tomcat is vulnerable to a denial of service, caused by the improper handling of the TLS handshake process under certain configurations. By sending specially crafted requests, a remote attacker could exploit this vulnerability to cause an OutOfMemoryError resulting in a denial of service.

Impact

Security Bypass
Denial of Service

Indicators of Compromise

CVE

CVE-2024-39928
CVE-2024-38286

Affected Vendors

Apache

Affected Products

Apache Linkis Spark EngineConn - 1.3.0
Apache Tomcat - 9.0.13
Apache Tomcat - 9.0.89
Apache Tomcat - 10.1.0-M1
Apache Tomcat - 10.1.24

Remediation

Upgrade to the latest version of Apache, available from the Apache Website.

CVE-2024-39928

CVE-2024-38286

Bitter APT – Active IOCs

Chinese Threat Actors Infiltrate American ISPs as Part of Cyber Espionage Operation

Multiple Apache Products Vulnerabilities

Severity

Medium

Analysis Summary

Indicators of Compromise

CVE

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan