CVE-2022-25762

CWE-404, CWE-226 | 9 documents | 8 sources
Severity
8.6 HIGH
EPSS
0.6%
top 29.30%
CISA KEV
Not in KEV
Exploit
No known exploits
Timeline
Published: May 13
Latest update: Jul 15

Description

If a web application sends a WebSocket message concurrently with the WebSocket connection closing when running on Apache Tomcat 8.5.0 to 8.5.75 or Apache Tomcat 9.0.0.M1 to 9.0.20, it is possible that the application will continue to use the socket after it has been closed. The error handling triggered in this case could cause a pooled object to be placed in the pool twice. This could result in subsequent connections using the same object concurrently which could result in data being returne

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
Exploitability: 3.9 | Impact: 4.7

Affected Packages (5 packages)

Source | Package | Affected range
NVD | apache/tomcat | 8.5.0 to 8.5.76 (+1 more range)
Maven | org.apache.tomcat:tomcat | 8.5.0 to 8.5.75 (+1 more range)
CVEListV5 | apache_software_foundation/apache_tomcat | Apache Tomcat 8.5 8.5.0 to 8.5.75, Apache Tomcat 9 9.0.0.M1 to 9.0.20 (+1 more range)
Debian | tomcat9 | < 9.0.22-1 (+3 more ranges)
NVD | oracle/agile_plm | 9.3.6

Patches

Vulnerability Details (4)
OSV
Improper socket reuse in Apache Tomcat (2022-05-14)
GHSA
Improper socket reuse in Apache Tomcat (2022-05-14)
CVEList
Response mix-up with WebSocket concurrent send and close (2022-05-13)
OSV
CVE-2022-25762: If a web application sends a WebSocket message concurrently with the WebSocket connection closing when running on Apache Tomcat 8 (2022-05-13)

Vendor Advisories (4)
Oracle
Oracle Supply Chain Risk Matrix: Security (Apache Tomcat), CVE-2022-25762 (2022-07-15)
Red Hat
tomcat: request mixup (2022-05-12)
Debian
CVE-2022-25762: tomcat9 - If a web application sends a WebSocket message concurrently with the WebSocket c... (2022)
Apache
Apache Tomcat: CVE-2022-25762

Source: cvebase.io