CVE-2022-23181
Severity: HIGH
Apache Tomcat 8.5.55-8.5.73, 9.0.35-9.0.56, 10.0.0-M5-10.0.14, 10.1.0-M1-10.1.0-M8 - TOCTOU Race Condition in FileStore
Title source: llmDescription
The fix for bug CVE-2020-9484 introduced a time of check, time of use vulnerability into Apache Tomcat 10.1.0-M1 to 10.1.0-M8, 10.0.0-M5 to 10.0.14, 9.0.35 to 9.0.56 and 8.5.55 to 8.5.73 that allowed a local attacker to perform actions with the privileges of the user that the Tomcat process is using. This issue is only exploitable when Tomcat is configured to persist sessions using the FileStore.
References (6)
Mailing List, Third Party Advisory (mailing-list): https://lists.debian.org/debian-lts-announce/2022/10/msg00029.html
Third Party Advisory (vendor-advisory): https://www.debian.org/security/2022/dsa-5265
Mailing List, Mitigation, Vendor Advisory: https://lists.apache.org/thread/l8x62p3k19yfcb208jo4zrb83k5mfwg9
Third Party Advisory: https://security.netapp.com/advisory/ntap-20220217-0010/
Patch, Third Party Advisory: https://www.oracle.com/security-alerts/cpuapr2022.html
Patch, Third Party Advisory: https://www.oracle.com/security-alerts/cpujul2022.html
Scores
CVSS v3: 7.0
EPSS: 0.0024
EPSS Percentile: 46.4%
Attack Vector: LOCAL
CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE: CWE-367
Status: published
Products (13)
apache/tomcat 10.0.0 milestone10 (6 CPE variants)
apache/tomcat 10.1.0 milestone1 (8 CPE variants)
apache/tomcat 8.5.55 - 8.5.73
debian/debian_linux 10.0
debian/debian_linux 11.0
oracle/agile_engineering_data_management 6.2.1.0
oracle/communications_cloud_native_core_policy 1.15.0
oracle/financial_services_crime_and_compliance_management_studio 8.0.8.2.0
oracle/financial_services_crime_and_compliance_management_studio 8.0.8.3.0
oracle/managed_file_transfer 12.2.1.3.0
... and 3 more
Published: Jan 27, 2022
Tracked Since: Feb 18, 2026