July 13, 2021
Severity
Medium
Analysis Summary
CVE-2021-30640
Apache Tomcat could allow a remote attacker to bypass security restrictions, caused by improper authentication validation in the JNDI Realm. By sending a specially-crafted request using various user names, an attacker could exploit this vulnerability to bypass some of the protection provided by the LockOut Realm.
CVE-2021-30639
Apache Tomcat is vulnerable to a denial of service, caused by improper error handling during non-blocking I/O. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to trigger non-blocking I/O errors, resulting in a denial of service condition.
CVE-2021-30129
Apache Mina SSHD is vulnerable to a denial of service, caused by an OutOfMemory flaw in the SFTP and port forwarding features in sshd-core. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition.
Impact
- Bypass Security
- Denial of Service
Affected Vendors
Apache
Affected Products
- Apache Tomcat 7
- Apache Tomcat 8.5.0
- Apache Tomcat 9.0.0.M1
- Apache Tomcat 9.0.44
- Apache Tomcat 10.0.3
- Apache Tomcat 10.0.4
- Apache Mina SSHD 2.0.0
- Apache Mina SSHD 2.1.0
- Apache Mina SSHD 2.3.0
Remediation
Upgrade to the latest version of Apache Tomcat (7.0.109, 8.5.66, 9.0.46, 10.0.6 or later), available from the Apache Web site.
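As an added example (not part of the advisory), a small Python helper that checks the `Server version:` line printed by `catalina.sh version` (Tomcat's ServerInfo output, assumed format `Apache Tomcat/x.y.z`) against the fixed Tomcat releases listed in the remediation above, branch by branch; the sample version line is constructed.

```python
import re

# Fixed releases per Tomcat branch, taken from the advisory's Remediation section.
# Key: (major, minor, patch, is_ga, milestone) so that pre-release builds such as
# 9.0.0.M1 sort below the GA release with the same patch number.
FIXED_VERSIONS = {
    "7.0": (7, 0, 109, 1, 0),
    "8.5": (8, 5, 66, 1, 0),
    "9.0": (9, 0, 46, 1, 0),
    "10.0": (10, 0, 6, 1, 0),
}

_VERSION_RE = re.compile(r"Apache Tomcat/(\d+)\.(\d+)\.(\d+)(?:\.M(\d+))?")


def parse_tomcat_version(text):
    """Return a sortable key for the first 'Apache Tomcat/x.y.z[.Mn]' found in text,
    or None if no version is present."""
    m = _VERSION_RE.search(text)
    if not m:
        return None
    major, minor, patch, milestone = m.groups()
    is_ga = 0 if milestone else 1          # milestone builds precede the GA release
    return (int(major), int(minor), int(patch), is_ga, int(milestone or 0))


def assess_tomcat(text):
    """Classify a version line as 'patched', 'vulnerable' or 'unknown' for the
    Tomcat CVEs in this advisory, with a short human-readable reason."""
    v = parse_tomcat_version(text)
    if v is None:
        return ("unknown", "no Apache Tomcat version found in input")
    branch = f"{v[0]}.{v[1]}"
    fixed = FIXED_VERSIONS.get(branch)
    if fixed is None:
        return ("unknown", f"branch {branch} is not covered by this advisory")
    fixed_str = f"{fixed[0]}.{fixed[1]}.{fixed[2]}"
    if v >= fixed:
        return ("patched", f"{branch} branch at or above fixed release {fixed_str}")
    return ("vulnerable", f"upgrade to Apache Tomcat {fixed_str} or later")


if __name__ == "__main__":
    # Constructed sample line, in the shape printed by `catalina.sh version`.
    sample = "Server version: Apache Tomcat/9.0.44"
    print(assess_tomcat(sample))
```

Feed it the real `catalina.sh version` output of each host to get an inventory of which branches still need the upgrade.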