CVE-2024-50379 – Apache Tomcat Vulnerability

Severity

High

Analysis Summary

CVE-2024-50379

Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability during JSP compilation in Apache Tomcat permits an RCE on case insensitive file systems when the default servlet is enabled for write (non-default configuration). This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.1, from 10.1.0-M1 through 10.1.33, from 9.0.0.M1 through 9.0.97. Users are recommended to upgrade to version 11.0.2, 10.1.34 or 9.0.08, which fixes the issue.

Impact

Code Execution

Indicators of Compromise

CVE

CVE-2024-50379

Affected Vendors

Apache

Affected Products

Apache Tomcat - 10.1.0-M1
Apache Tomcat - 9.0.0.M1
Apache Tomcat - 9.0.97
Apache Tomcat - 10.1.33
Apache Tomcat - 11.0.0-M1
Apache Tomcat - 11.0.1

Remediation

Upgrade to the latest version of Apache Tomcat, available from the Apache Website.

Apache Website

Bitter APT Uses WmRAT and MiyaRAT to Target Turkish Defense Sector – Active IOCs

Attackers Install Obfuscated Backdoors Targeting Pakistan Using Microsoft MSC Files – Active IOCs

CVE-2024-50379 – Apache Tomcat Vulnerability

Severity

High

Analysis Summary

Indicators of Compromise

CVE

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan