Information disclosure in Apache Tomcat
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2022-25762 |
| CWE-ID | CWE-388 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Apache Tomcat Server applications / Web servers |
| Vendor | Apache Foundation |
Security Bulletin
This security bulletin contains one medium risk vulnerability.
1) Error Handling
EUVDB-ID: #VU63299
Risk: Medium
CVSSv3.1: 4.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-25762
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to an error when handling WebSocket connections. If a web application sends a WebSocket message concurrently with the
WebSocket connection closing, it is possible that the application will
continue to use the socket after it has been closed. As a result, subsequent connections can use the
same object concurrently and share data and/or other errors.
Install updates from vendor's website.
Vulnerable software versionsApache Tomcat: 8.5.0 - 9.0.20
External linkshttp://lists.apache.org/thread/6ckmjfb1k61dyzkto9vm2k5jvt4o7w7c
http://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.21
http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.76
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
