Lucene search

AmazonALAS-2022-1572

HistoryMar 07, 2022 - 11:20 p.m.

Medium: tomcat8

2022-03-0723:20:00

alas.aws.amazon.com

tomcat8

cve-2022-23181

time of check

time of use

filestore

red hat

mitre

unix

CVSS2

4.4

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:P/I:P/A:P

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0.914

Percentile

99.0%

JSON

Issue Overview:

The fix for bug CVE-2020-9484 introduced a time of check, time of use vulnerability into Apache Tomcat 10.1.0-M1 to 10.1.0-M8, 10.0.0-M5 to 10.0.14, 9.0.35 to 9.0.56 and 8.5.55 to 8.5.73 that allowed a local attacker to perform actions with the privileges of the user that the Tomcat process is using. This issue is only exploitable when Tomcat is configured to persist sessions using the FileStore. (CVE-2022-23181)

Affected Packages:

tomcat8

Issue Correction:
Run yum update tomcat8 to update your system.

New Packages:

noarch:  
    tomcat8-log4j-8.5.75-1.90.amzn1.noarch  
    tomcat8-admin-webapps-8.5.75-1.90.amzn1.noarch  
    tomcat8-el-3.0-api-8.5.75-1.90.amzn1.noarch  
    tomcat8-javadoc-8.5.75-1.90.amzn1.noarch  
    tomcat8-lib-8.5.75-1.90.amzn1.noarch  
    tomcat8-docs-webapp-8.5.75-1.90.amzn1.noarch  
    tomcat8-webapps-8.5.75-1.90.amzn1.noarch  
    tomcat8-servlet-3.1-api-8.5.75-1.90.amzn1.noarch  
    tomcat8-8.5.75-1.90.amzn1.noarch  
    tomcat8-jsp-2.3-api-8.5.75-1.90.amzn1.noarch  
  
src:  
    tomcat8-8.5.75-1.90.amzn1.src

Additional References

Red Hat: CVE-2022-23181

Mitre: CVE-2022-23181

OSVersionArchitecturePackageVersionFilename
Amazon Linux1noarchtomcat8-log4j< 8.5.75-1.90.amzn1tomcat8-log4j-8.5.75-1.90.amzn1.noarch.rpm
Amazon Linux1noarchtomcat8-admin-webapps< 8.5.75-1.90.amzn1tomcat8-admin-webapps-8.5.75-1.90.amzn1.noarch.rpm
Amazon Linux1noarchtomcat8-el-3.0-api< 8.5.75-1.90.amzn1tomcat8-el-3.0-api-8.5.75-1.90.amzn1.noarch.rpm
Amazon Linux1noarchtomcat8-javadoc< 8.5.75-1.90.amzn1tomcat8-javadoc-8.5.75-1.90.amzn1.noarch.rpm
Amazon Linux1noarchtomcat8-lib< 8.5.75-1.90.amzn1tomcat8-lib-8.5.75-1.90.amzn1.noarch.rpm
Amazon Linux1noarchtomcat8-docs-webapp< 8.5.75-1.90.amzn1tomcat8-docs-webapp-8.5.75-1.90.amzn1.noarch.rpm
Amazon Linux1noarchtomcat8-webapps< 8.5.75-1.90.amzn1tomcat8-webapps-8.5.75-1.90.amzn1.noarch.rpm
Amazon Linux1noarchtomcat8-servlet-3.1-api< 8.5.75-1.90.amzn1tomcat8-servlet-3.1-api-8.5.75-1.90.amzn1.noarch.rpm
Amazon Linux1noarchtomcat8< 8.5.75-1.90.amzn1tomcat8-8.5.75-1.90.amzn1.noarch.rpm
Amazon Linux1noarchtomcat8-jsp-2.3-api< 8.5.75-1.90.amzn1tomcat8-jsp-2.3-api-8.5.75-1.90.amzn1.noarch.rpm

OS	Version	Architecture	Package	Version	Filename
Amazon Linux	1	noarch	tomcat8-log4j	< 8.5.75-1.90.amzn1	tomcat8-log4j-8.5.75-1.90.amzn1.noarch.rpm
Amazon Linux	1	noarch	tomcat8-admin-webapps	< 8.5.75-1.90.amzn1	tomcat8-admin-webapps-8.5.75-1.90.amzn1.noarch.rpm
Amazon Linux	1	noarch	tomcat8-el-3.0-api	< 8.5.75-1.90.amzn1	tomcat8-el-3.0-api-8.5.75-1.90.amzn1.noarch.rpm
Amazon Linux	1	noarch	tomcat8-javadoc	< 8.5.75-1.90.amzn1	tomcat8-javadoc-8.5.75-1.90.amzn1.noarch.rpm
Amazon Linux	1	noarch	tomcat8-lib	< 8.5.75-1.90.amzn1	tomcat8-lib-8.5.75-1.90.amzn1.noarch.rpm
Amazon Linux	1	noarch	tomcat8-docs-webapp	< 8.5.75-1.90.amzn1	tomcat8-docs-webapp-8.5.75-1.90.amzn1.noarch.rpm
Amazon Linux	1	noarch	tomcat8-webapps	< 8.5.75-1.90.amzn1	tomcat8-webapps-8.5.75-1.90.amzn1.noarch.rpm
Amazon Linux	1	noarch	tomcat8-servlet-3.1-api	< 8.5.75-1.90.amzn1	tomcat8-servlet-3.1-api-8.5.75-1.90.amzn1.noarch.rpm
Amazon Linux	1	noarch	tomcat8	< 8.5.75-1.90.amzn1	tomcat8-8.5.75-1.90.amzn1.noarch.rpm
Amazon Linux	1	noarch	tomcat8-jsp-2.3-api	< 8.5.75-1.90.amzn1	tomcat8-jsp-2.3-api-8.5.75-1.90.amzn1.noarch.rpm