7

CVE-2022-23181

Local privilege escalation with FileStore

The fix for bug CVE-2020-9484 introduced a time of check, time of use vulnerability into Apache Tomcat 10.1.0-M1 to 10.1.0-M8, 10.0.0-M5 to 10.0.14, 9.0.35 to 9.0.56 and 8.5.55 to 8.5.73 that allowed a local attacker to perform actions with the privileges of the user that the Tomcat process is using. This issue is only exploitable when Tomcat is configured to persist sessions using the FileStore.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
ApacheTomcat Version >= 8.5.55 <= 8.5.73
ApacheTomcat Version >= 9.0.35 <= 9.0.56
ApacheTomcat Version >= 10.0.1 <= 10.0.14
ApacheTomcat Version10.0.0 Updatemilestone10
ApacheTomcat Version10.0.0 Updatemilestone5
ApacheTomcat Version10.0.0 Updatemilestone6
ApacheTomcat Version10.0.0 Updatemilestone7
ApacheTomcat Version10.0.0 Updatemilestone8
ApacheTomcat Version10.0.0 Updatemilestone9
ApacheTomcat Version10.1.0 Updatemilestone1
ApacheTomcat Version10.1.0 Updatemilestone2
ApacheTomcat Version10.1.0 Updatemilestone3
ApacheTomcat Version10.1.0 Updatemilestone4
ApacheTomcat Version10.1.0 Updatemilestone5
ApacheTomcat Version10.1.0 Updatemilestone6
ApacheTomcat Version10.1.0 Updatemilestone7
ApacheTomcat Version10.1.0 Updatemilestone8
OracleManaged File Transfer Version12.2.1.3.0
OracleManaged File Transfer Version12.2.1.4.0
OracleMysql Enterprise Monitor Version <= 8.0.29
DebianDebian Linux Version10.0
DebianDebian Linux Version11.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.69% 0.48
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7 1 5.9
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 3.7 1.9 6.4
AV:L/AC:H/Au:N/C:P/I:P/A:P
CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition

The product checks the state of a resource before using that resource, but the resource's state can change between the check and the use in a way that invalidates the results of the check.

https://www.oracle.com/security-alerts/cpuapr2022.html
Patch
Third Party Advisory
https://www.oracle.com/security-alerts/cpujul2022.html
Patch
Third Party Advisory
https://lists.apache.org/thread/l8x62p3k19yfcb208jo4zrb83k5mfwg9
Vendor Advisory
Mailing List
Mitigation
https://lists.debian.org/debian-lts-announce/2022/10/msg00029.html
Third Party Advisory
Mailing List
https://security.netapp.com/advisory/ntap-20220217-0010/
Third Party Advisory
https://www.debian.org/security/2022/dsa-5265
Third Party Advisory