CVE-2022-23181: Time-of-check Time-of-use (TOCTOU) Race Condition in Apache Tomcat

Severity: 7.0 HIGH (NVD)
EPSS: 0.2% (top 55.68%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Jan 27; Latest update Aug 1

Description

The fix for bug CVE-2020-9484 introduced a time of check, time of use vulnerability into Apache Tomcat 10.1.0-M1 to 10.1.0-M8, 10.0.0-M5 to 10.0.14, 9.0.35 to 9.0.56 and 8.5.55 to 8.5.73 that allowed a local attacker to perform actions with the privileges of the user that the Tomcat process is using. This issue is only exploitable when Tomcat is configured to persist sessions using the FileStore.

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H (Exploitability: 1.0 | Impact: 5.9)

Affected Packages (7 packages)

NVD: apache/tomcat, 8.5.55 to 8.5.73 (+4 more ranges)
NVD: oracle/managed_file_transfer, 12.2.1.3.0, 12.2.1.4.0 (+1 more)

Also affects: Debian Linux 10.0, 11.0

Patches

Vulnerability Details (4)

OSV: Race condition in Apache Tomcat (2022-02-01)
GHSA: Race condition in Apache Tomcat (2022-02-01)
CVEList: Local privilege escalation with FileStore (2022-01-27)
OSV: CVE-2022-23181: The fix for bug CVE-2020-9484 introduced a time of check, time of use vulnerability into Apache Tomcat 10 (2022-01-27)

Vendor Advisories (7)

Ubuntu: Tomcat vulnerabilities (2024-08-01)
Oracle: Oracle Retail Applications Risk Matrix: Xenvironment (Apache Tomcat) — CVE-2022-23181 (2023-04-15)
Oracle: Oracle Communications Applications Risk Matrix: Installation (Apache Tomcat) — CVE-2022-23181 (2022-10-15)
Oracle: Oracle Financial Services Applications Risk Matrix: Studio (Apache Tomcat) — CVE-2022-23181 (2022-07-15)
Oracle: Oracle Communications Risk Matrix: Policy (Apache Tomcat) — CVE-2022-23181 (2022-04-15)