CVE-2022-23181

{"id": "CVE-2022-23181", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 3.7, "accessVector": "LOCAL", "vectorString": "AV:L/AC:H/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "HIGH", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 1.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.0, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.0}]}, "published": "2022-01-27T13:15:08.060", "references": [{"url": "https://lists.apache.org/thread/l8x62p3k19yfcb208jo4zrb83k5mfwg9", "tags": ["Mailing List", "Mitigation", "Vendor Advisory"], "source": "security@apache.org"}, {"url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00029.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "security@apache.org"}, {"url": "https://security.netapp.com/advisory/ntap-20220217-0010/", "tags": ["Third Party Advisory"], "source": "security@apache.org"}, {"url": "https://www.debian.org/security/2022/dsa-5265", "tags": ["Third Party Advisory"], "source": "security@apache.org"}, {"url": "https://www.oracle.com/security-alerts/cpuapr2022.html", "tags": ["Patch", "Third Party Advisory"], "source": "security@apache.org"}, {"url": "https://www.oracle.com/security-alerts/cpujul2022.html", "tags": ["Patch", "Third Party Advisory"], "source": "security@apache.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "security@apache.org", "description": [{"lang": "en", "value": "CWE-367"}]}, {"type": "Secondary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-367"}]}], "descriptions": [{"lang": "en", "value": "The fix for bug CVE-2020-9484 introduced a time of check, time of use vulnerability into Apache Tomcat 10.1.0-M1 to 10.1.0-M8, 10.0.0-M5 to 10.0.14, 9.0.35 to 9.0.56 and 8.5.55 to 8.5.73 that allowed a local attacker to perform actions with the privileges of the user that the Tomcat process is using. This issue is only exploitable when Tomcat is configured to persist sessions using the FileStore."}, {"lang": "es", "value": "Una correcci\u00f3n del bug CVE-2020-9484 introdujo una vulnerabilidad de tiempo de comprobaci\u00f3n, tiempo de uso en Apache Tomcat versiones 10.1.0-M1 a 10.1.0-M8, versiones 10.0.0-M5 a 10.0.14, versiones 9.0.35 a 9.0.56 y versiones 8.5.55 a 8.5.73, que permit\u00eda a un atacante local llevar a cabo acciones con los privilegios del usuario que est\u00e1 usando el proceso Tomcat. Este problema s\u00f3lo es explotable cuando Tomcat est\u00e1 configurado para persistir sesiones usando el FileStore"}], "lastModified": "2022-11-07T18:49:11.033", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2B1B1948-279A-496F-B6BE-09B6450B92B9", "versionEndIncluding": "8.5.73", "versionStartIncluding": "8.5.55"}, {"criteria": "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "64612E68-03F6-4BB8-BF27-0EBA1FF4E8DD", "versionEndIncluding": "9.0.56", "versionStartIncluding": "9.0.35"}, {"criteria": "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "107AE685-1C09-4DFD-BD52-1E5C1AC51769", "versionEndIncluding": "10.0.14", "versionStartIncluding": "10.0.1"}, {"criteria": "cpe:2.3:a:apache:tomcat:10.0.0:milestone10:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "83B9FF07-1B93-4F8C-AC56-7CA74E61B724"}, {"criteria": "cpe:2.3:a:apache:tomcat:10.0.0:milestone5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "53A9F7EE-AF2A-43E5-B708-0198784AB45A"}, {"criteria": "cpe:2.3:a:apache:tomcat:10.0.0:milestone6:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AC872C5F-63AF-4BB8-8629-334FC9704AE8"}, {"criteria": "cpe:2.3:a:apache:tomcat:10.0.0:milestone7:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "94B95C95-DF3E-49C1-9CA0-4474DD7EF7B8"}, {"criteria": "cpe:2.3:a:apache:tomcat:10.0.0:milestone8:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "310B0163-01DE-40DA-A2EA-FFA4A6100037"}, {"criteria": "cpe:2.3:a:apache:tomcat:10.0.0:milestone9:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "75420449-A951-4133-A5F1-4C01F2DF843B"}, {"criteria": "cpe:2.3:a:apache:tomcat:10.1.0:milestone1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6D402B5D-5901-43EB-8E6A-ECBD512CE367"}, {"criteria": "cpe:2.3:a:apache:tomcat:10.1.0:milestone2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9846609D-51FC-4CDD-97B3-8C6E07108F14"}, {"criteria": "cpe:2.3:a:apache:tomcat:10.1.0:milestone3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2E321FB4-0B0C-497A-BB75-909D888C93CB"}, {"criteria": "cpe:2.3:a:apache:tomcat:10.1.0:milestone4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3B0CAE57-AF7A-40E6-9519-F5C9F422C1BE"}, {"criteria": "cpe:2.3:a:apache:tomcat:10.1.0:milestone5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7CB9D150-EED6-4AE9-BCBE-48932E50035E"}, {"criteria": "cpe:2.3:a:apache:tomcat:10.1.0:milestone6:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D334103F-F64E-4869-BCC8-670A5AFCC76C"}, {"criteria": "cpe:2.3:a:apache:tomcat:10.1.0:milestone7:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "941FCF7B-FFB6-4967-95C7-BB3D32C73DAF"}, {"criteria": "cpe:2.3:a:apache:tomcat:10.1.0:milestone8:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CE1A9030-B397-4BA6-8E13-DA1503872DDB"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:oracle:agile_engineering_data_management:6.2.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "80C9DBB8-3D50-4D5D-859A-B022EB7C2E64"}, {"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.15.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B4367D9B-BF81-47AD-A840-AC46317C774D"}, {"criteria": "cpe:2.3:a:oracle:financial_services_crime_and_compliance_management_studio:8.0.8.2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "55F091C7-0869-4FD6-AC73-DA697D990304"}, {"criteria": "cpe:2.3:a:oracle:financial_services_crime_and_compliance_management_studio:8.0.8.3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4D134C60-F9E2-46C2-8466-DB90AD98439E"}, {"criteria": "cpe:2.3:a:oracle:managed_file_transfer:12.2.1.3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A2E3E923-E2AD-400D-A618-26ADF7F841A2"}, {"criteria": "cpe:2.3:a:oracle:managed_file_transfer:12.2.1.4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9AB58D27-37F2-4A32-B786-3490024290A1"}, {"criteria": "cpe:2.3:a:oracle:mysql_enterprise_monitor:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B0EBAC6D-D0CE-42A1-AEA0-2D50C8035747", "versionEndIncluding": "8.0.29"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"}, {"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED"}], "operator": "OR"}]}], "sourceIdentifier": "security@apache.org"}