{"vulnerability": "CVE-2024-56337", "sightings": [{"uuid": "6c3403b3-fe69-4331-9cb5-d8f6d690af00", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113685883850360893", "content": "", "creation_timestamp": "2024-12-20T15:35:21.559670Z"}, {"uuid": "16970a50-ae3d-44c4-b541-36147471f7ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3ldqruy33cf2v", "content": "", "creation_timestamp": "2024-12-20T16:15:55.026930Z"}, {"uuid": "7ddf8275-d0d8-44e8-8c96-15973a214f4a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3ldqsi62and25", "content": "", "creation_timestamp": "2024-12-20T16:26:35.706417Z"}, {"uuid": "74566a61-6cf6-4533-82b7-a3852f98d57c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://bsky.app/profile/igalog.bsky.social/post/3ldwpcmp4cf2j", "content": "", "creation_timestamp": "2024-12-23T00:45:47.695561Z"}, {"uuid": "9b0309a1-f108-438c-a434-a0c32d2c11f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://bsky.app/profile/dinosn.bsky.social/post/3ldx4bnd7x22r", "content": "", "creation_timestamp": "2024-12-23T04:37:56.878413Z"}, {"uuid": "04a164a0-ee3e-4c2a-bce1-5af7e1f8857a", "vulnerability_lookup_origin": 
"1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://bsky.app/profile/bolhasec.com/post/3ldxqwuejyz2q", "content": "", "creation_timestamp": "2024-12-23T10:47:39.838967Z"}, {"uuid": "b783e8a5-350c-4e92-bf29-4766baec2fd2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://bsky.app/profile/hackingne.ws/post/3ldxyht5qzb2k", "content": "", "creation_timestamp": "2024-12-23T13:02:25.301656Z"}, {"uuid": "ce3ddd0a-b84f-4298-82fb-d7f08bbedb37", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://bsky.app/profile/hackingne.ws/post/3ldxyhtb5jn2l", "content": "", "creation_timestamp": "2024-12-23T13:02:25.848911Z"}, {"uuid": "2c84e18e-4dd8-4146-ac18-c13e17ea21e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://bsky.app/profile/kyosuke-tanaka.bsky.social/post/3ldznjfonlc2h", "content": "", "creation_timestamp": "2024-12-24T04:51:47.184153Z"}, {"uuid": "fd4ca4e9-a089-410f-a1a7-a36d49ab4004", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3ldzsigkif72m", "content": "", "creation_timestamp": "2024-12-24T06:20:43.196608Z"}, {"uuid": "bf71b1f6-0adc-435e-ae2e-c0db309b4694", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56337", "type": "seen", "source": 
"https://bsky.app/profile/dinosn.bsky.social/post/3ldzsixe4mc24", "content": "", "creation_timestamp": "2024-12-24T06:21:02.254312Z"}, {"uuid": "a2766411-5bb2-4c7b-ac3e-e88e5efbb195", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://bsky.app/profile/ninjaowl.ai/post/3ldzsjgqh7a2w", "content": "", "creation_timestamp": "2024-12-24T06:21:16.480369Z"}, {"uuid": "f1d4c363-edf6-40e0-9b38-0d24c1fabd74", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://bsky.app/profile/techit.bsky.social/post/3ldzsz6vn2v2w", "content": "", "creation_timestamp": "2024-12-24T06:30:05.310522Z"}, {"uuid": "b75e4f6f-fdde-4fc2-95d1-adefbd522525", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://bsky.app/profile/cti-news.bsky.social/post/3ldztkerswg2r", "content": "", "creation_timestamp": "2024-12-24T06:39:41.574313Z"}, {"uuid": "2df78d49-2ec0-425b-ba3e-03cfef36969a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://bsky.app/profile/jiniyabasky.bsky.social/post/3le2ab4s5uk2h", "content": "", "creation_timestamp": "2024-12-24T10:27:13.007882Z"}, {"uuid": "5388b833-323d-4f0a-97ef-b9d2f0ca5be9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://thehackernews.com/2024/12/apache-tomcat-vulnerability-cve-2024.html", "content": "", "creation_timestamp": "2024-12-24T05:06:00.000000Z"}, {"uuid": 
"d63ebb32-cdf8-4d96-9025-781625d96f52", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://bsky.app/profile/jurassiquehack.bsky.social/post/3le2i6pox3s2r", "content": "", "creation_timestamp": "2024-12-24T12:49:01.893857Z"}, {"uuid": "66660ca6-e0a2-4480-b72e-21c5c9d3c110", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://bsky.app/profile/erik.thauvin.net/post/3le2keaatnb2m", "content": "", "creation_timestamp": "2024-12-24T13:27:51.591492Z"}, {"uuid": "d95affbe-a33d-4120-9a0e-ae8e95a6c75d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://infosec.exchange/users/edwardk/statuses/113708106021039311", "content": "", "creation_timestamp": "2024-12-24T13:46:44.879035Z"}, {"uuid": "5f40504a-24c8-4b80-bd7e-309aede6809f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://bsky.app/profile/kitafox.bsky.social/post/3le3k64ltuk2m", "content": "", "creation_timestamp": "2024-12-24T22:57:06.626902Z"}, {"uuid": "85a377b2-0d75-4b05-a298-35dc7ea1dd1e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://bsky.app/profile/patrickcmiller.bsky.social/post/3le4rkngrml2c", "content": "", "creation_timestamp": "2024-12-25T10:42:02.953097Z"}, {"uuid": "e4b22148-fa18-4c8d-9cde-c2fa0c74bce3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": 
"9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://infosec.exchange/users/patrickcmiller/statuses/113714575458051268", "content": "", "creation_timestamp": "2024-12-25T17:12:01.143598Z"}, {"uuid": "7c6146a9-235d-4ed6-ab6c-8a0285053b8b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://bsky.app/profile/mwyr.es/post/3lebihdgfba2z", "content": "", "creation_timestamp": "2024-12-27T07:42:26.836777Z"}, {"uuid": "33a3aea7-bec9-4032-9943-60501bc244d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3ljym4xw6lc2b", "content": "", "creation_timestamp": "2025-03-10T03:25:27.242879Z"}, {"uuid": "cc740197-a05a-4a21-9bad-6b3c2a8a6590", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://bsky.app/profile/Sempf.infosec.exchange.ap.brid.gy/post/3lswd4z7vh2s2", "content": "", "creation_timestamp": "2025-07-01T18:29:08.602276Z"}, {"uuid": "0538b8cb-e333-4a66-8679-eb57aeb3fc00", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://bsky.app/profile/shiojiri.com/post/3ljyk3bezj22g", "content": "", "creation_timestamp": "2025-03-10T02:48:41.253059Z"}, {"uuid": "ba461bbc-af83-49af-b56e-c0a4a66b59e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56337", "type": "seen", "source": 
"https://infosec.exchange/users/cR0w/statuses/114779416038120432", "content": "", "creation_timestamp": "2025-07-01T18:34:58.900105Z"}, {"uuid": "fc9d8584-59d5-4a9e-8153-a64baa1d2dfc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://infosec.exchange/users/Sempf/statuses/114779378707638814", "content": "", "creation_timestamp": "2025-07-01T18:25:29.141658Z"}, {"uuid": "65fdcc85-2fce-4950-9bea-0db24be1857f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "MISP/dd71e3c5-20f7-409a-8bcc-8df3cd8022a7", "content": "", "creation_timestamp": "2025-09-03T13:30:06.000000Z"}, {"uuid": "d7301d9a-6f42-4d31-a0eb-20cd35ceb1b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0395/", "content": "", "creation_timestamp": "2026-04-02T17:00:00.000000Z"}, {"uuid": "2f50d47c-08b7-4b17-b98c-e4932af95faf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1447", "content": "", "creation_timestamp": "2024-12-18T04:00:00.000000Z"},
{"uuid": "3a712d04-d88a-4e75-9954-a62e46d03938", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56337", "type": "published-proof-of-concept", "source": "https://t.me/itsec_news/5047", "content": "\u26a1\ufe0fCVE-2024-56337: a new threat that can bypass Tomcat's protections\n\n\ud83d\udcacThe Apache Software Foundation (ASF) has released a security update to fix an important vulnerability in the Tomcat server software that could allow arbitrary code execution (RCE) under certain conditions. The vulnerability, assigned the identifier CVE-2024-56337, is a partially fixed version of the CVE-2024-50379 issue (CVSS score: 9.8), which was closed on 17 December 2024.\n\nAccording to the official notice, users running Tomcat on case-insensitive file systems with write enabled for the default servlet (the readonly value set to false) must make additional configuration changes to fully eliminate the vulnerability, depending on the Java version.\n\nBoth vulnerabilities involve a Time-of-check Time-of-use (TOCTOU) race condition. They allow code execution on case-insensitive file systems when the default servlet is enabled with write functionality.\n\nThe problem manifests when the same file is read and uploaded concurrently under load, which can bypass case-sensitivity checks and cause the uploaded file to be processed as a JSP, opening the way to remote code execution.\n\nCVE-2024-56337 affects the following Apache Tomcat versions:\n\nApache Tomcat 11.0.0-M1 to 11.0.1 (fixed in 11.0.2 and later);\nApache Tomcat 10.1.0-M1 to 10.1.33 (fixed in 10.1.34 and later);\nApache Tomcat 9.0.0.M1 to 9.0.97 (fixed in 9.0.98 and later).\nTo eliminate the problem, settings must also be changed depending on the Java version:\n\nFor Java 8 and Java 11: set the system property sun.io.useCanonCaches to false (the default is true).\nFor Java 17: verify that the sun.io.useCanonCaches property is disabled (it is already disabled by default).\nFor Java 21 and newer: no additional action is required, since this property has already been removed.\nASF thanked researchers Nacl, WHOAMI, Yemoli and Ruozhi for identifying and reporting the vulnerabilities, as well as the KnownSec 404 Team for independently discovering CVE-2024-56337 and providing a PoC exploit.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2024-12-24T06:43:49.000000Z"},
{"uuid": "265e1ef6-9185-4725-afad-8a01d7d9344f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://t.me/hackingbra/215", "content": "tomcat CVE-2024-50379/CVE-2024-56337\n*\nUpgraded version", "creation_timestamp": "2024-12-26T02:57:28.000000Z"}, {"uuid": "55e6bab4-32e7-4ef4-8450-1ac44fd1c150", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56337", "type": "published-proof-of-concept", "source": "Telegram/NQCIil0LDLl7JvgUDLX-bHiJdmXE16iLAgNQvUY24Gfj9g", "content": "", "creation_timestamp": "2024-12-25T01:18:30.000000Z"}, {"uuid": "c33fe520-615c-49a1-b74e-a66f1db015ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://t.me/crackvaultde/348", "content": "Apache Tomcat CVE-2024-56337 Enables RCE\n\nCVE-2024-56337 exposes Apache Tomcat to remote code execution (RCE) on case-insensitive file systems, affecting multiple versions.\n\nFor Details\n\nTelegram Channel: https://t.me/crackvaultde\nTelegram Group: https://t.me/crack_vault_group\nWebsite: crackvault.de", "creation_timestamp": "2024-12-24T18:08:13.000000Z"}, {"uuid": "da8007e8-3ce1-4c6f-85a8-0beda03351e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://t.me/kasperskyb2b/1574", 
"content": "\u2b50\ufe0f \u041f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0435 \u0432 \u044d\u0442\u043e\u043c \u0433\u043e\u0434\u0443 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f APT \u0438 \u043d\u043e\u0432\u043e\u0441\u0442\u0438 \u0418\u0411\n\n\ud83d\ude11 \u0423\u0433\u0440\u043e\u0437\u044b \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u043c \u0410\u0421\u0423 \u0432 3 \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0435 2024 \u0433\u043e\u0434\u0430: \u043e\u0431\u0437\u043e\u0440 \u0438 \u0441\u0442\u0430\u0442\u0438\u0441\u0442\u0438\u043a\u0430. \u0422\u043e\u043f \u0441\u0438\u0441\u0442\u0435\u043c, \u043d\u0430 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0431\u044b\u043b\u0438 \u0437\u0430\u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u0430\u043d\u044b \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 \u043e\u0431\u044a\u0435\u043a\u0442\u044b, \u0432\u043e\u0437\u0433\u043b\u0430\u0432\u0438\u043b\u0438 \u0431\u0438\u043e\u043c\u0435\u0442\u0440\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u044b. \n\n\ud83d\uddff \u0420\u0430\u0437\u0431\u043e\u0440 \u0434\u0435\u044f\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u0438 \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u043e\u0439 \u0433\u0440\u0443\u043f\u043f\u044b Masque, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u043e\u0439 \u0432 2024 \u0433\u043e\u0434\u0443 \u0438 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0435\u0439 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0435 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u0444\u0438\u043d\u0430\u043d\u0441\u043e\u0432\u043e\u0439 \u0432\u044b\u0433\u043e\u0434\u044b.  
\u0417\u0430\u0445\u043e\u0434\u044f\u0442 \u0447\u0435\u0440\u0435\u0437 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0443\u0442\u0451\u043a\u0448\u0438\u0435 \u0431\u0438\u043b\u0434\u0435\u0440\u044b Lockbit \u0438 Babuk.\n\n\ud83d\ude80 \u0412 \u0444\u0430\u0439\u0440\u0432\u043e\u043b\u0430\u0445 Palo Alto, \u0430\u0442\u0430\u043a\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0447\u0435\u0440\u0435\u0437 CVE-2024-9474, \u0432\u044b\u043b\u043e\u0432\u0438\u043b\u0438 \u043d\u043e\u0432\u044b\u0439 \u0431\u044d\u043a\u0434\u043e\u0440 Littlelamb.Wooltea. \u041e\u0447\u0435\u043d\u044c \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u044b\u0439 \u043e\u0442\u0447\u0451\u0442 \u043e \u043d\u0451\u043c \u0445\u043e\u0440\u043e\u0448\u043e \u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0438\u0440\u0443\u0435\u0442, \u043a\u0430\u043a \u043e\u043f\u044b\u0442\u043d\u044b\u0435 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0443\u043d\u0438\u043a\u0430\u043b\u044c\u043d\u044b\u0435 \u043f\u0440\u0435\u0438\u043c\u0443\u0449\u0435\u0441\u0442\u0432\u0430 \u043f\u043e\u0433\u0440\u0430\u043d\u0438\u0447\u043d\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432.\n\n\ud83d\udfe3\u0421\u043f\u0438\u0441\u043e\u043a \u0438\u0437 2,5 \u0442\u044b\u0441\u044f\u0447 IP-\u0430\u0434\u0440\u0435\u0441\u043e\u0432 Astrill VPN, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u043f\u043e \u0441\u043b\u043e\u0432\u0430\u043c \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u043e\u0447\u0435\u043d\u044c \u043b\u044e\u0431\u044f\u0442 \u0441\u0435\u0432\u0435\u0440\u043e\u043a\u043e\u0440\u0435\u0439\u0441\u043a\u0438\u0435 APT.\n\n\u2764\ufe0f\u041e\u0431\u0437\u043e\u0440 \u0444\u0438\u0448\u0438\u043d\u0433-\u043a\u0438\u0442\u0430 WikiKit, 
\u043f\u043e\u043b\u0443\u0447\u0438\u0432\u0448\u0435\u0433\u043e \u0441\u0432\u043e\u0451 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u0437\u0430 \u0442\u043e, \u0447\u0442\u043e \u043e\u043d \u043f\u0435\u0440\u0435\u0430\u0434\u0440\u0435\u0441\u0443\u0435\u0442 \u043d\u0435\u043f\u043e\u0434\u0445\u043e\u0434\u044f\u0449\u0438\u0445 \u0436\u0435\u0440\u0442\u0432 \u043d\u0430 \u0412\u0438\u043a\u0438\u043f\u0435\u0434\u0438\u044e.\n\n\ud83d\ude35\u200d\ud83d\udcab \u041f\u044f\u0442\u044c \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u0439 Chrome, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u0435 \u043e\u0442 \u0418\u0411-\u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 Cyberhaven, \u0431\u044b\u043b\u0438 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u044b \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438 \u0438 \u043f\u043e\u043f\u0430\u043b\u0438 \u0432 \u043c\u0430\u0433\u0430\u0437\u0438\u043d Chrome. \u0415\u0449\u0451 \u043e\u0434\u0438\u043d \u043f\u043e\u0432\u043e\u0434 \u043f\u043e\u0434\u0447\u0438\u043d\u0438\u0442\u044c \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0443 \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u0439 \u0432 \u0425\u0440\u043e\u043c \u0441\u0442\u0440\u043e\u0433\u0438\u043c \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u043c \u043f\u043e\u043b\u0438\u0442\u0438\u043a\u0430\u043c.\n\n\ud83d\udfe2\u041d\u043e\u0432\u044b\u0439 \u0434\u0435\u043d\u044c \u2014 \u043d\u043e\u0432\u043e\u0435 \u0412\u041f\u041e \u0432 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u044f\u0445 open source. 
\u0422\u0435\u043f\u0435\u0440\u044c \u0447\u0435\u0440\u0435\u0437 PyPi \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u044f\u044e\u0442 \u0441\u0442\u0438\u043b\u0435\u0440\u044b Cometlogger \u0438 Zebo.\n\n\ud83d\udfe3\u0410 Lockbit \u0441\u043e\u0431\u0440\u0430\u043b\u0438\u0441\u044c \u043e\u0442\u043f\u0440\u0430\u0437\u0434\u043d\u043e\u0432\u0430\u0442\u044c \u0433\u043e\u0434\u043e\u0432\u0449\u0438\u043d\u0443 \u0440\u0430\u0437\u0433\u043e\u043d\u0430 \u0433\u0440\u0443\u043f\u043f\u044b \u043f\u0440\u0430\u0432\u043e\u043e\u0445\u0440\u0430\u043d\u0438\u0442\u0435\u043b\u044f\u043c\u0438 \u0432\u044b\u043f\u0443\u0441\u043a\u043e\u043c Lockbit 4.0.\n\n\ud83d\ude35 \u0426\u0435\u043b\u0430\u044f \u043f\u0430\u0447\u043a\u0430 \u0441\u0440\u043e\u0447\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u0445 \u0418\u0422-\u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445 \u043e\u043c\u0440\u0430\u0447\u0438\u043b\u0438 \u0430\u0434\u043c\u0438\u043d\u0430\u043c \u043f\u0440\u0430\u0437\u0434\u043d\u0438\u0447\u043d\u044b\u0439 \u0441\u0435\u0437\u043e\u043d. \u041e\u0442\u043c\u0435\u0442\u0438\u043c CVE-2024-52046 \u0432 Apache MINA (CVSS 10), CVE-2024-45387 \u0432 Apache Traffic Ops (CVSS 9.9) \u0438 \u043c\u0435\u043d\u0435\u0435 \u043a\u0440\u0438\u0442\u0438\u0447\u043d\u0443\u044e CVE-2024-43441 \u0432 OpenGraph. 
\u0410 \u0434\u043b\u044f \u0442\u0435\u0445, \u043a\u0442\u043e \u0435\u0434\u0432\u0430 \u0432\u044b\u0434\u043e\u0445\u043d\u0443\u043b, \u0437\u0430\u043b\u0430\u0442\u0430\u0432 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e CVE-2024-50379 \u0432 Apache Tomcat, \u0442\u043e\u0436\u0435 \u0435\u0441\u0442\u044c \u043d\u0435\u043f\u0440\u0438\u044f\u0442\u043d\u044b\u0435 \u043d\u043e\u0432\u043e\u0441\u0442\u0438 \u2014 \u0444\u0438\u043a\u0441 \u0431\u044b\u043b \u043d\u0435\u043f\u043e\u043b\u043d\u044b\u043c, \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u0432\u0441\u0442\u0440\u0435\u0447\u0430\u0439\u0442\u0435 CVE-2024-56337 \u0438 \u043d\u0430\u0447\u0438\u043d\u0430\u0439\u0442\u0435 \u0441\u043d\u0430\u0447\u0430\u043b\u0430. \u0414\u0430, \u0438 CVE-2024-53677 \u0432 Struts \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u0442\u044c \u043d\u0435 \u0437\u0430\u0431\u0443\u0434\u044c\u0442\u0435.\n\u0421\u043d\u043e\u0432\u0430 \u043e\u0442\u043c\u0435\u0442\u0438\u043b\u0438\u0441\u044c \u0438 Palo Alto \u0441 DoS \u0432 PAN-OS (CVE-2024-3393, CVSS 8.7).\n\n\ud83d\udc4b \u0418\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u043e\u0435 \u0447\u0442\u0438\u0432\u043e \u043d\u0430 \u0432\u044b\u0445\u043e\u0434\u043d\u044b\u0435: \u043a\u0430\u043a \u043b\u044e\u0431\u0438\u043c\u0430\u044f \u0441\u0442\u0430\u0440\u0442\u0430\u043f\u0430\u043c\u0438 \u0438 \u0434\u0440\u0443\u0433\u0438\u043c\u0438 \u043d\u0435\u0431\u043e\u043b\u044c\u0448\u0438\u043c\u0438 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f\u043c\u0438 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0445 \u043e\u0444\u0438\u0441\u043e\u0432 \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u0435\u0442\u0441\u044f \u0434\u043b\u044f \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u043b\u0435\u0433\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0444\u0430\u0441\u0430\u0434\u0430 
\u043a\u0438\u0431\u0435\u0440\u043f\u0440\u0435\u0441\u0442\u0443\u043f\u043d\u044b\u0445 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0439.\n\n#\u043d\u043e\u0432\u043e\u0441\u0442\u0438 #APT #\u0434\u0430\u0439\u0434\u0436\u0435\u0441\u0442 @\u041f2\u0422", "creation_timestamp": "2024-12-28T08:57:19.000000Z"}, {"uuid": "feb01297-618a-4cef-a39f-632e8e899ee4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://t.me/CyberBulletin/1813", "content": "\u26a1\ufe0fApache Tomcat Vulnerability CVE-2024-56337 Exposes Servers to RCE Attacks.\n\n#CyberBulletin", "creation_timestamp": "2024-12-24T09:05:26.000000Z"}, {"uuid": "72571475-44f4-4f6a-a546-5878fba8b8e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://t.me/CyberBulletin/1810", "content": "\u26a1\ufe0fCVE-2024-56337: Apache Tomcat Patches Critical RCE Vulnerability.\n\n#CyberBulletin", "creation_timestamp": "2024-12-23T14:08:18.000000Z"}, {"uuid": "3c55e586-581c-448b-a13b-f78c9b2b73d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://t.me/cibsecurity/81797", "content": "\ud83d\udd8b\ufe0f Apache Tomcat Vulnerability CVE-2024-56337 Exposes Servers to RCE Attacks \ud83d\udd8b\ufe0f\n\nThe Apache Software Foundation ASF has released a security update to address an important vulnerability in its Tomcat server software that could result in remote code execution RCE under certain conditions. 
The vulnerability, tracked as CVE-2024-56337, has been described as an incomplete mitigation for CVE-2024-50379 (CVSS score 9.8), another critical security flaw in the same product that.\n\n\ud83d\udcd6 Read more.\n\n\ud83d\udd17 Via \"The Hacker News\"\n\n----------\n\ud83d\udc41\ufe0f Seen on @cibsecurity", "creation_timestamp": "2024-12-24T07:15:10.000000Z"}, {"uuid": "0174c801-4a5e-4527-9cb5-2aad9633b6e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://t.me/cvedetector/13444", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-56337 - Apache Tomcat CaseInsensitive TOCTOU Race Condition Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-56337 \nPublished : Dec. 20, 2024, 4:15 p.m. | 42\u00a0minutes ago \nDescription : Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Apache Tomcat.  \n  \nThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.1, from 10.1.0-M1 through 10.1.33, from 9.0.0.M1 through 9.0.97.  \n  \nThe mitigation for CVE-2024-50379 was incomplete.  
\n  \nUsers running Tomcat on a case insensitive file system with the default servlet write enabled (readonly initialisation   \nparameter set to the non-default value of false) may need additional configuration to fully mitigate CVE-2024-50379 depending on which version of Java they are using with Tomcat:  \n- running on Java 8 or Java 11: the system property\u00a0sun.io.useCanonCaches must be explicitly set to false (it defaults to true)  \n- running on Java 17: the\u00a0system property sun.io.useCanonCaches, if set, must be set to false\u00a0(it defaults to false)  \n- running on Java 21 onwards: no further configuration is required\u00a0(the system property and the problematic cache have been removed)  \n  \nTomcat 11.0.3, 10.1.35 and 9.0.99 onwards will include checks that\u00a0sun.io.useCanonCaches is set appropriately before allowing the default servlet to be write enabled on a case insensitive file system. Tomcat will also set\u00a0sun.io.useCanonCaches to false by default where it can. 
\nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-20T18:25:23.000000Z"}, {"uuid": "c169cc15-9b18-4f63-81e4-44c2d17f428f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56337", "type": "published-proof-of-concept", "source": "https://t.me/darkcommunityofficial/3620", "content": "Apache Tomcat Vulnerability CVE-2024-56337 Exposes Servers to RCE Attacks\n\nThe Apache Software Foundation (ASF) has released a security update to address an important vulnerability in its Tomcat server software\u2026\n\nhttps://osintcorp.net/apache-tomcat-vulnerability-cve-2024-56337-exposes-servers-to-rce-attacks/", "creation_timestamp": "2024-12-24T12:56:25.000000Z"}, {"uuid": "e4fb0bb0-1e4e-4d88-9a56-12d47a97845e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://t.me/MalaysiaHacktivistz/6710", "content": "Apache Tomcat Vulnerability CVE-2024-56337 Exposes Servers to RCE Attacks \u2013 thehackernews.com\n\nTue, 24 Dec 2024 14:06:00", "creation_timestamp": "2024-12-24T09:03:03.000000Z"}, {"uuid": "c18b2bc0-882f-47e1-8a37-84c7788528ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://t.me/nusantaraMYID/1873", "content": "Apache Tomcat Vulnerability CVE-2024-56337 Exposes Servers to RCE Attacks \u2013 thehackernews.com\n\nTue, 24 Dec 2024 14:06:00", "creation_timestamp": "2024-12-24T09:03:00.000000Z"}, {"uuid": "0107be1c-281b-41dd-8fa8-6daee41a5968", "vulnerability_lookup_origin": 
"1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://t.me/MalaysiaHacktivistz/1031", "content": "Apache Tomcat Vulnerability CVE-2024-56337 Exposes Servers to RCE Attacks \u2013 thehackernews.com\n\nTue, 24 Dec 2024 14:06:00", "creation_timestamp": "2024-12-24T09:03:03.000000Z"}, {"uuid": "92d0fb4b-d206-4d46-9862-6cafd519d2e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "Telegram/JgBVg74YAjFeVjh1LxGBWYumtSMJKipEv7wiLvtCTwXM8b4", "content": "", "creation_timestamp": "2024-12-24T09:03:00.000000Z"}, {"uuid": "cffeb5be-f9c8-4993-b77a-85824026f5ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56337", "type": "published-proof-of-concept", "source": "Telegram/Oxq5SO8-21GQipP6NIDCbdDkAA225btYdW6eEU8zypkEJg0", "content": "", "creation_timestamp": "2025-03-15T22:00:06.000000Z"}, {"uuid": "d3359bea-9bad-45a5-bc58-8cb86178e65b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://t.me/CyberDilara/1370", "content": "#Github #Tools\n\n[WACV 2025] Official implementation of \"Face Anonymization Made Simple\"\n\nhttps://github.com/hanweikung/face_anon_simple\n\nTomcat CVE-2024-50379/CVE-2024-56337 race-condition file upload exploit\n\nhttps://github.com/SleepingBag945/CVE-2024-50379\n\nHackthebox Theme For Terminal - A collection of config files for linux focusing on hackthebox theme based on the labs and academy platform.\n\nhttps://github.com/botnetbuddies/hackthebox-themes\n\nA BloodHound collector for Microsoft Configuration 
Manager\n\nhttps://github.com/CrowdStrike/sccmhound\n\nThis page is a result of the ongoing hands-on research around advanced Linux attacks, detection and forensics techniques and tools.\n\nhttps://github.com/cr0nx/awesome-linux-attack-forensics-purplelabs\n\nCVE-2024-50379 Exploitation and POC\n\nhttps://github.com/v3153/CVE-2024-50379-POC\n\n#HackersForum", "creation_timestamp": "2024-12-27T03:14:43.000000Z"}, {"uuid": "104aef9a-7d17-45ad-88dc-628ea8bbabb2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56337", "type": "published-proof-of-concept", "source": "Telegram/eVIPFGRhkq3YCk2O8BWYITIBkjx0dvNLYbcNpq7wmBtPfw", "content": "", "creation_timestamp": "2024-12-24T11:23:07.000000Z"}, {"uuid": "0c2151a9-5ede-4fc1-ad2b-86cdce69fcc4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56337", "type": "published-proof-of-concept", "source": "Telegram/yKcGWhhQJwisJolliiSQ_Vwze7Rv8usdLxIEJwq6Laah_Gw", "content": "", "creation_timestamp": "2025-02-26T22:00:06.000000Z"}, {"uuid": "a41115b0-cd44-4cc1-888c-52756e13fd07", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56337", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/9207", "content": "#Github #Tools\n\n[WACV 2025] Official implementation of \"Face Anonymization Made Simple\"\n\nhttps://github.com/hanweikung/face_anon_simple\n\nTomcat CVE-2024-50379/CVE-2024-56337 race-condition file upload exploit\n\nhttps://github.com/SleepingBag945/CVE-2024-50379\n\nHackthebox Theme For Terminal - A collection of config files for linux focusing on hackthebox theme based on the labs and academy platform.\n\nhttps://github.com/botnetbuddies/hackthebox-themes\n\nA BloodHound collector for Microsoft 
Configuration Manager\n\nhttps://github.com/CrowdStrike/sccmhound\n\nThis page is a result of the ongoing hands-on research around advanced Linux attacks, detection and forensics techniques and tools.\n\nhttps://github.com/cr0nx/awesome-linux-attack-forensics-purplelabs\n\nCVE-2024-50379 Exploitation and POC\n\nhttps://github.com/v3153/CVE-2024-50379-POC\n\n#HackersForum", "creation_timestamp": "2024-12-27T03:14:48.000000Z"}, {"uuid": "513b3459-3de7-4dbc-8f20-342e325f680d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "Telegram/QJNKafZ39RPUBf0W2FOX1OlC1JbKcylQtoMgEZm-Z-wGay4", "content": "", "creation_timestamp": "2025-03-04T04:00:07.000000Z"}, {"uuid": "b522839f-8d06-4b5f-8d60-31c8e6137cc0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56337", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/4128", "content": "#GitHub #Tools \n\nA tool to abuse weak permissions of Active Directory Discretionary Access Control Lists (DACLs) and Access Control Entries (ACEs).\n\nhttps://github.com/Leo4j/PowerDACL\n\nTomcat CVE-2024-50379/CVE-2024-56337 race-condition file upload exploit\n\nhttps://github.com/SleepingBag945/CVE-2024-50379\n\nShort, but interesting list of sensitive data and bug bounty dorks.\n\nhttps://github.com/fatguru/dorks\n\nOpen source obfuscation tool for .NET assemblies\n\nhttps://github.com/obfuscar/obfuscar\n\nCrlfuzz tool vs my nuclei template:\ncrlfuzz only detected CRLF in one target from the list, but my template found more with the GBK encoding payload as well.\n\nhttps://github.com/coffinxp/nuclei-templates/blob/main/cRlf.yaml\n\n#Tools@dilagrafie", "creation_timestamp": "2025-01-29T08:06:35.000000Z"}, {"uuid": "de8fc57e-fdff-42e4-8549-53190bc5217e", "vulnerability_lookup_origin": 
"1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://t.me/dilagrafie/4036", "content": "#Github #Tools\n\n[WACV 2025] Official implementation of \"Face Anonymization Made Simple\"\n\nhttps://github.com/hanweikung/face_anon_simple\n\nTomcat CVE-2024-50379/CVE-2024-56337 race-condition file upload exploit\n\nhttps://github.com/SleepingBag945/CVE-2024-50379\n\nHackthebox Theme For Terminal - A collection of config files for linux focusing on hackthebox theme based on the labs and academy platform.\n\nhttps://github.com/botnetbuddies/hackthebox-themes\n\nA BloodHound collector for Microsoft Configuration Manager\n\nhttps://github.com/CrowdStrike/sccmhound\n\nThis page is a result of the ongoing hands-on research around advanced Linux attacks, detection and forensics techniques and tools.\n\nhttps://github.com/cr0nx/awesome-linux-attack-forensics-purplelabs\n\nCVE-2024-50379 Exploitation and POC\n\nhttps://github.com/v3153/CVE-2024-50379-POC\n\n#HackersForum", "creation_timestamp": "2024-12-27T03:14:32.000000Z"}, {"uuid": "baabfe46-87b6-4a4b-ace4-91d104094243", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56337", "type": "published-proof-of-concept", "source": "Telegram/V15QyGWFxYCpoASWuAHRlgFg7gSQsN8DhAxkLcr1e2OZj1Y", "content": "", "creation_timestamp": "2024-12-24T07:32:58.000000Z"}, {"uuid": "badef494-ec97-4797-ab67-0e07f06c1d78", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://t.me/proxy_bar/2445", "content": "tomcat CVE-2024-50379/CVE-2024-56337\n*\nUpgraded version", "creation_timestamp": 
"2024-12-24T19:45:29.000000Z"}, {"uuid": "759a0be9-b0aa-43dd-b643-f43592d24c7b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56337", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/7946", "content": "#GitHub #Tools \n\nA tool to abuse weak permissions of Active Directory Discretionary Access Control Lists (DACLs) and Access Control Entries (ACEs).\n\nhttps://github.com/Leo4j/PowerDACL\n\nTomcat CVE-2024-50379/CVE-2024-56337 race-condition file upload exploit\n\nhttps://github.com/SleepingBag945/CVE-2024-50379\n\nShort, but interesting list of sensitive data and bug bounty dorks.\n\nhttps://github.com/fatguru/dorks\n\nOpen source obfuscation tool for .NET assemblies\n\nhttps://github.com/obfuscar/obfuscar\n\nCrlfuzz tool vs my nuclei template:\ncrlfuzz only detected CRLF in one target from the list, but my template found more with the GBK encoding payload as well.\n\nhttps://github.com/coffinxp/nuclei-templates/blob/main/cRlf.yaml\n\n#Tools@dilagrafie", "creation_timestamp": "2025-01-31T11:35:51.000000Z"}, {"uuid": "0d8cdace-49ef-4304-b966-758aa3c82aee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://t.me/GrayHatsHack/7788", "content": "#Github #Tools\n\n[WACV 2025] Official implementation of \"Face Anonymization Made Simple\"\n\nhttps://github.com/hanweikung/face_anon_simple\n\nTomcat CVE-2024-50379/CVE-2024-56337 race-condition file upload exploit\n\nhttps://github.com/SleepingBag945/CVE-2024-50379\n\nHackthebox Theme For Terminal - A collection of config files for linux focusing on hackthebox theme based on the labs and academy platform.\n\nhttps://github.com/botnetbuddies/hackthebox-themes\n\nA BloodHound collector for Microsoft Configuration 
Manager\n\nhttps://github.com/CrowdStrike/sccmhound\n\nThis page is a result of the ongoing hands-on research around advanced Linux attacks, detection and forensics techniques and tools.\n\nhttps://github.com/cr0nx/awesome-linux-attack-forensics-purplelabs\n\nCVE-2024-50379 Exploitation and POC\n\nhttps://github.com/v3153/CVE-2024-50379-POC\n\n#HackersForum", "creation_timestamp": "2024-12-27T03:14:48.000000Z"}, {"uuid": "bf478d10-84ce-47f2-82ea-7d3fd970832a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://t.me/ctinow/228547", "content": "Apache Tomcat Vulnerability CVE-2024-56337 Exposes Servers to RCE Attacks\nhttps://ift.tt/n2bgjrK", "creation_timestamp": "2024-12-24T07:19:53.000000Z"}, {"uuid": "a73ad6d5-f4c1-478f-9873-0336d963c3dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://t.me/true_secator/6586", "content": "Following CVE-2024-43441 in HugeGraph-Server and CVE-2024-56337 in Tomcat, the Apache Software Foundation (ASF) developers have released security updates to fix a critical SQL injection vulnerability in Traffic Control with a CVSS rating of 9.9.\n\nIf successfully 
exploited, CVE-2024-45387 could allow a privileged attacker with the admin, federation, operations, portal or steering role to execute arbitrary SQL in the database by sending a specially crafted PUT request.\n\nDisclosure of the issue is credited to Tencent YunDing Security Lab researcher Yuan Luo. It affects Apache Traffic Control versions 8.0.0 through 8.0.1.\n\nThe bug is fixed in Apache Traffic Control 8.0.2. 
To protect against potential threats, users are advised to update their instances to the latest software versions.", "creation_timestamp": "2024-12-26T12:00:09.000000Z"}, {"uuid": "789bd312-7054-4419-8b27-3b3d45674641", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56337", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/6582", "content": "The Apache Software Foundation (ASF) has released a security update to fix an important vulnerability in the Tomcat server software that, under certain conditions, can lead to RCE.\n\nThe vulnerability is tracked as CVE-2024-56337 and 
stems from the failed remediation of another flaw, CVE-2024-50379 (CVSS: 9.8), another critical security vulnerability in the same product that was fixed earlier, on December 17, 2024.\n\nUsers running Tomcat on a case-insensitive file system with the default servlet write-enabled (the \"read-only\" initialisation parameter set to false, which differs from the default 
value) may need additional configuration to fully fix CVE-2024-50379, depending on which version of Java is used with Tomcat.\n\nBoth vulnerabilities are caused by a time-of-check time-of-use (TOCTOU) race condition that can lead to code execution on case-insensitive file systems when the default servlet is enabled for 
writing.\n\nSimultaneous reading and uploading of the same file during upload can bypass Tomcat's case-sensitivity checks and cause the uploaded file to be treated as a JSP, which leads to RCE.\n\nCVE-2024-56337 affects the following Apache Tomcat versions: \n- 11.0.0-M1 to 11.0.1 (fixed in 11.0.2 or a later version);\n- 10.1.0-M1 to 10.1.33 (fixed in 10.1.34 or a later version);\n- 9.0.0.M1 \u2013 9.0.97 (fixed in 9.0.98 or a later 
version).\n\nIn addition, users need to make the following configuration changes depending on the Java version in use:\n\n- Java 8 or Java 11: the system property sun.io.useCanonCaches should be set to false (default true);\n\n- Java 17: set the system property sun.io.useCanonCaches to false if it is already set (default false);\n\n- Java 21 and later versions: no action is required, since the system property 
has been removed.\n\nASF thanked researchers Nacl, WHOAMI, Yemoli and Ruozhi for reporting both flaws, and the KnownSec 404 team for independently disclosing CVE-2024-56337 and providing a PoC.", "creation_timestamp": "2024-12-25T15:20:25.000000Z"}, {"uuid": "14cc8c15-d363-4c83-bece-e40fd2f80abb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://t.me/thehackernews/6084", "content": "\u26a1 A new remote code execution flaw in Apache Tomcat (CVE-2024-56337) exposes organizations to serious risk.\n\nAn uploaded file could turn into malicious JSP code\u2014resulting in remote code execution.\n\n\u00bb Affected Versions: Tomcat 9.0.0-M1 to 11.0.1\n\u00bb Java users: Incorrect configurations = higher risk.\n\u00bb Severity? 
CVE-2024-50379 scored a 9.8 on CVSS!\n\nDetails here \ud83d\udc49 https://thehackernews.com/2024/12/apache-tomcat-vulnerability-cve-2024.html", "creation_timestamp": "2024-12-24T07:10:43.000000Z"}, {"uuid": "df92e9b4-9f85-40b1-8549-6a80bbece2eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://t.me/CyberBulletin/26895", "content": "\u26a1\ufe0fCVE-2024-56337: Apache Tomcat Patches Critical RCE Vulnerability.\n\n#CyberBulletin", "creation_timestamp": "2024-12-23T13:21:26.000000Z"}, {"uuid": "b2c12342-f38d-4735-a553-7741d749dc0d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://t.me/CyberBulletin/26898", "content": "\u26a1\ufe0fApache Tomcat Vulnerability CVE-2024-56337 Exposes Servers to RCE Attacks.\n\n#CyberBulletin", "creation_timestamp": "2024-12-24T09:05:26.000000Z"}, {"uuid": "8fb27c49-5278-48fc-9163-f262c1d5ee59", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56337", "type": "seen", "source": "https://t.me/suboxone_chatroom/941", "content": "\u26a1\ufe0fCVE-2024-50379/CVE-2024-56337 : Apache Tomcat Patches Critical RCE Vulnerability\n\n\ud83d\udd25Exploit : https://github.com/SleepingBag945/CVE-2024-50379\n\n\ud83d\udc47Dorks:\nHUNTER :/product.name=\"Apache Tomcat\"\nFOFA : product=\"Apache-Tomcat\"\nSHODAN : product:\"Apache-Tomcat\"", "creation_timestamp": "2025-01-13T11:04:46.000000Z"}]}
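The sightings above quote the CVE-2024-56337 advisory text several times but never show how to check a deployment against it. The following checker is an added example; it is not part of the sighting feed, nor code from Apache Tomcat. It applies the quoted rules (DefaultServlet `readonly` init-param, `sun.io.useCanonCaches` per Java version, first fixed Tomcat releases 11.0.2 / 10.1.34 / 9.0.98) to a web.xml, a JVM option string and a Tomcat version string. The sample web.xml is constructed for the example; the grouping of Java versions the advisory does not name (below 17 handled like 8/11, 17 to 20 like 17) and the suggestion to restore `readonly=true` where PUT/DELETE uploads are not needed are assumptions of this example, not statements from the advisory.

```python
# Added example: this checker is not part of the sighting feed above, nor of
# Apache Tomcat. It applies the mitigation rules quoted in the CVE-2024-56337
# description (DefaultServlet "readonly" init-param, sun.io.useCanonCaches per
# Java version, first fixed Tomcat releases) to a deployment's web.xml, JVM
# options and Tomcat version string, and reports what is still missing.
import re
import xml.etree.ElementTree as ET
from typing import Optional

DEFAULT_SERVLET = "org.apache.catalina.servlets.DefaultServlet"

# First release of each supported line that fixes CVE-2024-56337 (from the advisory).
FIXED_TOMCAT = {(11, 0): (11, 0, 2), (10, 1): (10, 1, 34), (9, 0): (9, 0, 98)}

# Constructed sample: a Tomcat conf/web.xml fragment with the non-default,
# write-enabled DefaultServlet (readonly=false) that the CVE requires.
SAMPLE_WEBXML = """<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee" version="4.0">
  <servlet>
    <servlet-name>default</servlet-name>
    <servlet-class>org.apache.catalina.servlets.DefaultServlet</servlet-class>
    <init-param><param-name>debug</param-name><param-value>0</param-value></init-param>
    <init-param><param-name>readonly</param-name><param-value>false</param-value></init-param>
    <load-on-startup>1</load-on-startup>
  </servlet>
</web-app>
"""


def _local(tag: str) -> str:
    """Strip the XML namespace: '{uri}servlet' -> 'servlet' (javaee or jakartaee)."""
    return tag.rsplit("}", 1)[-1]


def _child_text(elem, name: str) -> str:
    """Text of the first direct child with the given local name, '' if absent."""
    return next((c.text or "" for c in elem if _local(c.tag) == name), "").strip()


def default_servlet_readonly(webxml: str) -> bool:
    """Effective 'readonly' of the DefaultServlet. Tomcat's default is true;
    only an explicit param-value of false opens the PUT/DELETE write path."""
    root = ET.fromstring(webxml)
    for servlet in root.iter():
        if _local(servlet.tag) != "servlet" or _child_text(servlet, "servlet-class") != DEFAULT_SERVLET:
            continue
        for init in servlet:
            if _local(init.tag) == "init-param" and _child_text(init, "param-name") == "readonly":
                return _child_text(init, "param-value").lower() != "false"
    return True


def canon_caches_flag(java_opts: str) -> Optional[bool]:
    """Value of -Dsun.io.useCanonCaches=... in a JVM option string, None if unset."""
    m = re.search(r"-Dsun\.io\.useCanonCaches=(\w+)", java_opts)
    return None if m is None else m.group(1).lower() == "true"


def parse_tomcat_version(version: str) -> tuple:
    """'9.0.97', '10.1.0-M1' or '9.0.0.M1' -> orderable tuple; milestone builds
    sort before the final release carrying the same number."""
    m = re.fullmatch(r"(\d+)\.(\d+)\.(\d+)(?:[.-]M(\d+))?", version.strip())
    if m is None:
        raise ValueError(f"unrecognised Tomcat version: {version!r}")
    major, minor, patch, ms = m.groups()
    return (int(major), int(minor), int(patch), 1 if ms is None else 0, int(ms or 0))


def tomcat_is_patched(version: str) -> bool:
    """True from the first fixed release of the line onwards."""
    v = parse_tomcat_version(version)
    fixed = FIXED_TOMCAT.get(v[:2])
    if fixed is None:
        raise ValueError(f"Tomcat {version} is not a line covered by the advisory")
    return v >= fixed + (1, 0)


def needs_canon_cache_fix(java_major: int, flag: Optional[bool]) -> Optional[str]:
    """JVM change still required, or None. The advisory names Java 8, 11, 17 and
    21+; grouping the versions in between is an assumption of this example
    (below 17 handled like 8/11, 17 to 20 like 17)."""
    if java_major >= 21:
        return None  # property and the problematic cache no longer exist
    if java_major >= 17:
        return "remove -Dsun.io.useCanonCaches=true (must not be true on Java 17)" if flag else None
    if flag is False:
        return None
    return "add -Dsun.io.useCanonCaches=false to JAVA_OPTS (defaults to true on Java 8/11)"


def assess(tomcat_version: str, java_major: int, webxml: str, java_opts: str,
           case_insensitive_fs: bool):
    """Return (exposed, actions). Exposed means every precondition from the
    advisory is met: case-insensitive FS, write-enabled DefaultServlet, and
    either an unpatched Tomcat or a JVM still using the canonical-path cache."""
    actions = []
    patched = tomcat_is_patched(tomcat_version)
    if not patched:
        fixed = ".".join(map(str, FIXED_TOMCAT[parse_tomcat_version(tomcat_version)[:2]]))
        actions.append(f"upgrade Tomcat {tomcat_version} to {fixed} or later")
    if default_servlet_readonly(webxml) or not case_insensitive_fs:
        return False, actions  # the upload-as-JSP path is not reachable
    jvm = needs_canon_cache_fix(java_major, canon_caches_flag(java_opts))
    if jvm:
        actions.append(jvm)
    # Assumption of this example: the simplest fix is to not write-enable the default servlet.
    actions.append("consider setting readonly back to true unless PUT/DELETE uploads are needed")
    return (not patched) or jvm is not None, actions


if __name__ == "__main__":
    for java in (11, 17, 21):
        exposed, todo = assess("9.0.97", java, SAMPLE_WEBXML, "-Xmx1g", True)
        print(f"Tomcat 9.0.97 on Java {java}: exposed={exposed}; " + "; ".join(todo))
```

Run it against a real `conf/web.xml` and the `JAVA_OPTS`/`CATALINA_OPTS` of the instance; the Tomcat version string comes from `catalina.sh version` or the `server.info` entry in `ServerInfo.properties`. Note that the advisory says 11.0.3, 10.1.35 and 9.0.99 onwards will refuse to write-enable the default servlet on a case-insensitive file system unless `sun.io.useCanonCaches` is set appropriately, so on those releases a misconfiguration fails at startup instead of silently staying exposed.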