Rewterz Threat Advisory – CVE-2022-22942 – Linux Kernel Vulnerabaility
January 28, 2022Rewterz Threat Alert – Raccoon Infostealer – Active IOCs
January 28, 2022Rewterz Threat Advisory – CVE-2022-22942 – Linux Kernel Vulnerabaility
January 28, 2022Rewterz Threat Alert – Raccoon Infostealer – Active IOCs
January 28, 2022Severity
High
Analysis Summary
CVE-2022-23181
Apache Tomcat could allow a local authenticated attacker to gain elevated privileges on the system, caused by a time of check, time of use flaw when configured to persist sessions using the FileStore. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to perform actions with the privileges of Tomcat process.
Impact
- Priviilege Escalation
Affected Vendors
Apache Tomcat
Affected Products
- Apache Tomcat 8.5.55
- Apache Tomcat 8.5.73
Remediation
Upgrade to the latest version of Tomcat, available from the Apache Web site.