From 6d1b44e2d5a99aef061ac9df321dcc1e731da3b3 Mon Sep 17 00:00:00 2001 From: "Mark J. Cox" Date: Thu, 27 Jan 2022 12:31:09 +0000 Subject: [PATCH] Tomcat --- 2022/23xxx/CVE-2022-23181.json | 86 +++++++++++++++++++++++++++++++--- 1 file changed, 79 insertions(+), 7 deletions(-) diff --git a/2022/23xxx/CVE-2022-23181.json b/2022/23xxx/CVE-2022-23181.json index 3a0514b3fb3..8f9abc8cecd 100644 --- a/2022/23xxx/CVE-2022-23181.json +++ b/2022/23xxx/CVE-2022-23181.json @@ -1,18 +1,90 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "security@apache.org", "ID": "CVE-2022-23181", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Local privilege escalation with FileStore" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Apache Tomcat", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_name": "Apache Tomcat 10.1", + "version_value": "10.1.0-M1 to 10.1.0-M8" + }, + { + "version_affected": "=", + "version_name": "Apache Tomcat 10.0", + "version_value": "10.0.0-M5 to 10.0.14" + }, + { + "version_affected": "=", + "version_name": "Apache Tomcat 9", + "version_value": "9.0.35 to 9.0.56" + }, + { + "version_affected": "=", + "version_name": "Apache Tomcat 8", + "version_value": "8.5.55 to 8.5.73" + } + ] + } + } + ] + }, + "vendor_name": "Apache Software Foundation" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The fix for bug CVE-2020-9484 introduced a time of check, time of use vulnerability into Apache Tomcat 10.1.0-M1 to 10.1.0-M8, 10.0.0-M5 to 10.0.14, 9.0.35 to 9.0.56 and 8.5.55 to 8.5.73 that allowed a local attacker to perform actions with the privileges of the user that the Tomcat process is using. This issue is only exploitable when Tomcat is configured to persist sessions using the FileStore. " } ] + }, + "generator": { + "engine": "Vulnogram 0.0.9" + }, + "impact": [ + { + "other": "low" + } + ], + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "url": "https://lists.apache.org/thread/l8x62p3k19yfcb208jo4zrb83k5mfwg9" + } + ] + }, + "source": { + "discovery": "UNKNOWN" } -} \ No newline at end of file +}