csaf_certbund - WID-SEC-W-2024-3486

WID-SEC-W-2024-3486

Vulnerability from csaf_certbund

Published

2024-11-17 23:00

Modified

2025-01-19 23:00

Summary

Apache Tomcat: Mehrere Schwachstellen

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Apache Tomcat ist ein Web-Applikationsserver für verschiedene Plattformen.

Angriff

Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Apache Tomcat ausnutzen, um Sicherheitsvorkehrungen zu umgehen und um falsche Informationen darzustellen.

Betroffene Betriebssysteme

- Linux - UNIX - Windows

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Apache Tomcat ist ein Web-Applikationsserver f\u00fcr verschiedene Plattformen.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Apache Tomcat ausnutzen, um Sicherheitsvorkehrungen zu umgehen und um falsche Informationen darzustellen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux\n- UNIX\n- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-3486 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3486.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-3486 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3486"
      },
      {
        "category": "external",
        "summary": "Fixed in Apache Tomcat 11.0.0 vom 2024-11-17",
        "url": "https://tomcat.apache.org/security-11.html"
      },
      {
        "category": "external",
        "summary": "Fixed in Apache Tomcat 10.1.31 vom 2024-11-17",
        "url": "https://tomcat.apache.org/security-10.html"
      },
      {
        "category": "external",
        "summary": "Fixed in Apache Tomcat 9.0.96 vom 2024-11-17",
        "url": "https://tomcat.apache.org/security-9.html"
      },
      {
        "category": "external",
        "summary": "openSUSE Security Update OPENSUSE-SU-2024:14526-1 vom 2024-11-26",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/NS3LHXFR3WDPWX6RO57TRBMRMR4673EV/"
      },
      {
        "category": "external",
        "summary": "openSUSE Security Update OPENSUSE-SU-2024:14525-1 vom 2024-11-26",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/FEBEOHC6Y3SRYDWBQ2D6PJCZOXW2QQ4Y/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:4075-1 vom 2024-11-27",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-November/019848.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:4105-1 vom 2024-11-28",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/6BALUYPW7LQJCC2GHB7Q6UAUAUMJGZH4/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:4106-1 vom 2024-11-28",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-November/019866.html"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7179164 vom 2024-12-17",
        "url": "https://www.ibm.com/support/pages/node/7179164"
      },
      {
        "category": "external",
        "summary": "Dell Security Advisory DSA-2025-031 vom 2025-01-02",
        "url": "https://www.dell.com/support/kbdoc/de-de/000267482/dsa-2025-031-dell-openmanage-server-administrator-omsa-security-update-for-apache-tomcat-unchecked-error-condition-vulnerability"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update vom 2025-01-08",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/R2IT7I6R7IICWNFTQM2VQTVL5JMUZMA4/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:0058-1 vom 2025-01-10",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/BU742OOISJIJHU3XWFKULNL4LCEVGEXC/"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7180700 vom 2025-01-10",
        "url": "https://www.ibm.com/support/pages/node/7180700"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DLA-4017 vom 2025-01-17",
        "url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00009.html"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DSA-5845 vom 2025-01-17",
        "url": "https://lists.debian.org/debian-security-announce/2025/msg00007.html"
      }
    ],
    "source_lang": "en-US",
    "title": "Apache Tomcat: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2025-01-19T23:00:00.000+00:00",
      "generator": {
        "date": "2025-01-20T09:18:50.166+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.10"
        }
      },
      "id": "WID-SEC-W-2024-3486",
      "initial_release_date": "2024-11-17T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-11-17T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2024-11-26T23:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von openSUSE aufgenommen"
        },
        {
          "date": "2024-11-27T23:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-11-28T23:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-12-17T23:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2025-01-02T23:00:00.000+00:00",
          "number": "6",
          "summary": "Neue Updates von Dell aufgenommen"
        },
        {
          "date": "2025-01-07T23:00:00.000+00:00",
          "number": "7",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2025-01-09T23:00:00.000+00:00",
          "number": "8",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2025-01-12T23:00:00.000+00:00",
          "number": "9",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2025-01-16T23:00:00.000+00:00",
          "number": "10",
          "summary": "Neue Updates von Debian aufgenommen"
        },
        {
          "date": "2025-01-19T23:00:00.000+00:00",
          "number": "11",
          "summary": "Neue Updates von Debian aufgenommen"
        }
      ],
      "status": "final",
      "version": "11"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c11.0.0",
                "product": {
                  "name": "Apache Tomcat \u003c11.0.0",
                  "product_id": "T039220"
                }
              },
              {
                "category": "product_version",
                "name": "11.0.0",
                "product": {
                  "name": "Apache Tomcat 11.0.0",
                  "product_id": "T039220-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:apache:tomcat:11.0.0"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c10.1.31",
                "product": {
                  "name": "Apache Tomcat \u003c10.1.31",
                  "product_id": "T039221"
                }
              },
              {
                "category": "product_version",
                "name": "10.1.31",
                "product": {
                  "name": "Apache Tomcat 10.1.31",
                  "product_id": "T039221-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:apache:tomcat:10.1.31"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c9.0.96",
                "product": {
                  "name": "Apache Tomcat \u003c9.0.96",
                  "product_id": "T039222"
                }
              },
              {
                "category": "product_version",
                "name": "9.0.96",
                "product": {
                  "name": "Apache Tomcat 9.0.96",
                  "product_id": "T039222-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:apache:tomcat:9.0.96"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Tomcat"
          }
        ],
        "category": "vendor",
        "name": "Apache"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Debian Linux",
            "product": {
              "name": "Debian Linux",
              "product_id": "2951",
              "product_identification_helper": {
                "cpe": "cpe:/o:debian:debian_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Debian"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c11.1.0.0",
                "product": {
                  "name": "Dell OpenManage Server Administrator \u003c11.1.0.0",
                  "product_id": "T039663"
                }
              },
              {
                "category": "product_version",
                "name": "11.1.0.0",
                "product": {
                  "name": "Dell OpenManage Server Administrator 11.1.0.0",
                  "product_id": "T039663-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:dell:openmanage_server_administrator:11.1.0.0"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "OpenManage Server Administrator"
          }
        ],
        "category": "vendor",
        "name": "Dell"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "IBM Integration Bus",
                "product": {
                  "name": "IBM Integration Bus",
                  "product_id": "T039654",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:integration_bus:for_zos"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "for zos 10.1-10.1.0.5",
                "product": {
                  "name": "IBM Integration Bus for zos 10.1-10.1.0.5",
                  "product_id": "T039901",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:integration_bus:for_zos_10.1_-_10.1.0.5"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Integration Bus"
          }
        ],
        "category": "vendor",
        "name": "IBM"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "SUSE Linux",
            "product": {
              "name": "SUSE Linux",
              "product_id": "T002207",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:suse_linux:-"
              }
            }
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE openSUSE",
                "product": {
                  "name": "SUSE openSUSE",
                  "product_id": "T027843",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:opensuse:-"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE openSUSE",
                "product": {
                  "name": "SUSE openSUSE",
                  "product_id": "T040043",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:opensuse:-"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "openSUSE"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-52316",
      "notes": [
        {
          "category": "description",
          "text": "Es gibt eine Schwachstelle in Apache Tomcat, wenn Tomcat so konfiguriert wurde, dass er eine benutzerdefinierte \u201eJakarta Authentication ServerAuthContext\u201c-Komponente mit einem bestimmten Verhalten verwendet. Ein entfernter, anonymer Angreifer kann dies ausnutzen, um den Authentifizierungsprozess zu umgehen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040043",
          "T039221",
          "T039220",
          "2951",
          "T002207",
          "T039901",
          "T027843",
          "T039663",
          "T039222",
          "T039654"
        ]
      },
      "release_date": "2024-11-17T23:00:00.000+00:00",
      "title": "CVE-2024-52316"
    },
    {
      "cve": "CVE-2024-52317",
      "notes": [
        {
          "category": "description",
          "text": "Es gibt eine Schwachstelle in Apache Tomcat, die auf ein falsches Recycling von Objekten zur\u00fcckzuf\u00fchren ist, die von HTTP/2-Anfragen verwendet werden. Dies kann zu einer Verwechslung von Anfragen und/oder Antworten zwischen Benutzern f\u00fchren. Ein entfernter authentifizierter Angreifer kann dies ausnutzen, um falsche Informationen anzuzeigen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T040043",
          "T039221",
          "T039220",
          "2951",
          "T002207",
          "T039901",
          "T027843",
          "T039663",
          "T039222",
          "T039654"
        ]
      },
      "release_date": "2024-11-17T23:00:00.000+00:00",
      "title": "CVE-2024-52317"
    }
  ]
}

CVE-2024-52317 (GCVE-0-2024-52317)

Vulnerability from cvelistv5

Published

2024-11-18 11:36

Modified

2025-01-24 20:03

Severity ?

CWE

Incorrect object re-cycling and re-use

Summary

Incorrect object re-cycling and re-use vulnerability in Apache Tomcat. Incorrect recycling of the request and response used by HTTP/2 requests could lead to request and/or response mix-up between users. This issue affects Apache Tomcat: from 11.0.0-M23 through 11.0.0-M26, from 10.1.27 through 10.1.30, from 9.0.92 through 9.0.95. Users are recommended to upgrade to version 11.0.0, 10.1.31 or 9.0.96, which fixes the issue.

References

URL

Tags

https://lists.apache.org/thread/ty376mrxy1mmxtw3ogo53nc9l3co3dfs

vendor-advisory

Impacted products

	Vendor	Product	Version
	Apache Software Foundation	Apache Tomcat	Version: 11.0.0-M23 ≤ 11.0.0-M26 Version: 10.1.27 ≤ 10.1.30 Version: 9.0.92 ≤ 9.0.95

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:apache:tomcat:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "tomcat",
            "vendor": "apache",
            "versions": [
              {
                "lessThanOrEqual": "9.0.95",
                "status": "affected",
                "version": "9.0.92",
                "versionType": "semver"
              },
              {
                "lessThanOrEqual": "10.1.30",
                "status": "affected",
                "version": "10.1.27",
                "versionType": "semver"
              },
              {
                "lessThanOrEqual": "11.0.0-M26",
                "status": "affected",
                "version": "11.0.0-M23",
                "versionType": "semver"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "NONE",
              "baseScore": 6.5,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "LOW",
              "integrityImpact": "LOW",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-52317",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-18T14:44:38.538929Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-326",
                "description": "CWE-326 Inadequate Encryption Strength",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-18T14:49:35.054Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-01-24T20:03:10.485Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2024/11/18/3"
          },
          {
            "url": "https://security.netapp.com/advisory/ntap-20250124-0004/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Apache Tomcat",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "lessThanOrEqual": "11.0.0-M26",
              "status": "affected",
              "version": "11.0.0-M23",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "10.1.30",
              "status": "affected",
              "version": "10.1.27",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "9.0.95",
              "status": "affected",
              "version": "9.0.92",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eIncorrect object re-cycling and re-use vulnerability in Apache Tomcat.\u0026nbsp;Incorrect recycling of the request and response used by HTTP/2 requests \ncould lead to request and/or response mix-up between users.\u003c/p\u003e\u003cp\u003eThis issue affects Apache Tomcat: from 11.0.0-M23 through 11.0.0-M26, from 10.1.27 through 10.1.30, from 9.0.92 through 9.0.95.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 11.0.0, 10.1.31 or 9.0.96, which fixes the issue.\u003c/p\u003e"
            }
          ],
          "value": "Incorrect object re-cycling and re-use vulnerability in Apache Tomcat.\u00a0Incorrect recycling of the request and response used by HTTP/2 requests \ncould lead to request and/or response mix-up between users.\n\nThis issue affects Apache Tomcat: from 11.0.0-M23 through 11.0.0-M26, from 10.1.27 through 10.1.30, from 9.0.92 through 9.0.95.\n\nUsers are recommended to upgrade to version 11.0.0, 10.1.31 or 9.0.96, which fixes the issue."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "text": "important"
            },
            "type": "Textual description of severity"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Incorrect object re-cycling and re-use",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-18T11:36:51.963Z",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.apache.org/thread/ty376mrxy1mmxtw3ogo53nc9l3co3dfs"
        }
      ],
      "source": {
        "discovery": "INTERNAL"
      },
      "title": "Apache Tomcat: Request/response mix-up with HTTP/2",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2024-52317",
    "datePublished": "2024-11-18T11:36:51.963Z",
    "dateReserved": "2024-11-07T07:45:03.449Z",
    "dateUpdated": "2025-01-24T20:03:10.485Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-52316 (GCVE-0-2024-52316)

Vulnerability from cvelistv5

Published

2024-11-18 11:32

Modified

2025-08-13 13:30

Severity ?

CWE

CWE-391 - Unchecked Error Condition

Summary

Unchecked Error Condition vulnerability in Apache Tomcat. If Tomcat is configured to use a custom Jakarta Authentication (formerly JASPIC) ServerAuthContext component which may throw an exception during the authentication process without explicitly setting an HTTP status to indicate failure, the authentication may not fail, allowing the user to bypass the authentication process. There are no known Jakarta Authentication components that behave in this way. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M26, from 10.1.0-M1 through 10.1.30, from 9.0.0-M1 through 9.0.95. The following versions were EOL at the time the CVE was created but are known to be affected: 8.5.0 though 8.5.100. Users are recommended to upgrade to version 11.0.0, 10.1.31 or 9.0.96, which fix the issue.

References

URL

Tags

https://lists.apache.org/thread/lopzlqh91jj9n334g02om08sbysdb928

vendor-advisory

Impacted products

	Vendor	Product	Version
	Apache Software Foundation	Apache Tomcat	Version: 11.0.0-M1 ≤ 11.0.0-M26 Version: 10.1.0-M1 ≤ 10.1.30 Version: 9.0.0-M1 ≤ 9.0.95 Version: 8.5.0 ≤ 8.5.100

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:apache:tomcat:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "tomcat",
            "vendor": "apache",
            "versions": [
              {
                "lessThanOrEqual": "9.0.95",
                "status": "affected",
                "version": "9.0.0-M1",
                "versionType": "semver"
              },
              {
                "lessThanOrEqual": "10.1.30",
                "status": "affected",
                "version": "10.1.0-M1",
                "versionType": "semver"
              },
              {
                "lessThanOrEqual": "11.0.0-M26",
                "status": "affected",
                "version": "11.0.0-M1",
                "versionType": "semver"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 9.8,
              "baseSeverity": "CRITICAL",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-52316",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-18T14:50:59.890424Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-08-13T13:30:10.255Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-01-24T20:03:09.111Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2024/11/18/2"
          },
          {
            "url": "https://security.netapp.com/advisory/ntap-20250124-0003/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Apache Tomcat",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "lessThanOrEqual": "11.0.0-M26",
              "status": "affected",
              "version": "11.0.0-M1",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "10.1.30",
              "status": "affected",
              "version": "10.1.0-M1",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "9.0.95",
              "status": "affected",
              "version": "9.0.0-M1",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "8.5.100",
              "status": "affected",
              "version": "8.5.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eUnchecked Error Condition vulnerability in Apache Tomcat. If Tomcat is configured to use a custom Jakarta Authentication (formerly JASPIC)\u0026nbsp;ServerAuthContext component which may throw an exception during the authentication process without explicitly setting an HTTP status to indicate failure, the authentication may not fail, allowing the user to bypass the authentication process. There are no known Jakarta\u0026nbsp;Authentication components that behave in this way.\u003c/p\u003e\u003cp\u003eThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M26, from 10.1.0-M1 through 10.1.30, from 9.0.0-M1 through 9.0.95.\u003c/p\u003e\u003cp\u003eThe following versions were EOL at the time the CVE was created but are \nknown to be affected: 8.5.0 though 8.5.100.\u003cbr\u003e\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 11.0.0, 10.1.31 or 9.0.96, which fix the issue.\u003c/p\u003e"
            }
          ],
          "value": "Unchecked Error Condition vulnerability in Apache Tomcat. If Tomcat is configured to use a custom Jakarta Authentication (formerly JASPIC)\u00a0ServerAuthContext component which may throw an exception during the authentication process without explicitly setting an HTTP status to indicate failure, the authentication may not fail, allowing the user to bypass the authentication process. There are no known Jakarta\u00a0Authentication components that behave in this way.\n\nThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M26, from 10.1.0-M1 through 10.1.30, from 9.0.0-M1 through 9.0.95.\n\nThe following versions were EOL at the time the CVE was created but are \nknown to be affected: 8.5.0 though 8.5.100.\n\n\nUsers are recommended to upgrade to version 11.0.0, 10.1.31 or 9.0.96, which fix the issue."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "text": "low"
            },
            "type": "Textual description of severity"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-391",
              "description": "CWE-391 Unchecked Error Condition",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-08T11:20:48.868Z",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.apache.org/thread/lopzlqh91jj9n334g02om08sbysdb928"
        }
      ],
      "source": {
        "discovery": "INTERNAL"
      },
      "title": "Apache Tomcat: Authentication bypass when using Jakarta Authentication API",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2024-52316",
    "datePublished": "2024-11-18T11:32:22.072Z",
    "dateReserved": "2024-11-07T07:41:56.639Z",
    "dateUpdated": "2025-08-13T13:30:10.255Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

WID-SEC-W-2024-3486

Vulnerability from csaf_certbund

CVE-2024-52317 (GCVE-0-2024-52317)

Vulnerability from cvelistv5

CVE-2024-52316 (GCVE-0-2024-52316)

Vulnerability from cvelistv5

Tags

Sightings

Nomenclature