ID de Prueba:	1.3.6.1.4.1.25623.1.0.146269
Categoría:	Web Servers
Título:	Apache Tomcat DoS Vulnerability (Jul 2021) - Windows
Resumen:	Apache Tomcat is prone to a denial of service (DoS) vulnerability.
Descripción:	Summary: Apache Tomcat is prone to a denial of service (DoS) vulnerability. Vulnerability Insight: An error introduced as part of a change to improve error handling during non-blocking I/O means that the error flag associated with the Request object is not reset between requests. This means that once a non-blocking I/O error occurres, all future requests handled by that request object will fail. Users are able to trigger non-blocking I/O errors, e.g. by dropping a connection, thereby creating the possibility of triggering a DoS. Applications that do not use non-blocking I/O are not exposed to this vulnerability. Affected Software/OS: Apache Tomcat 8.5.64, 9.0.44 and 10.0.3 through 10.0.4. Solution: Update to version 8.5.65, 9.0.45, 10.0.5 or later. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2021-30639 https://kc.mcafee.com/corporate/index?page=content&id=SB10366 https://security.netapp.com/advisory/ntap-20210827-0007/ https://security.gentoo.org/glsa/202208-34 https://lists.apache.org/thread.html/rd84fae1f474597bdf358f5bdc0a5c453c507bd527b83e8be6b5ea3f4%40%3Cannounce.tomcat.apache.org%3E https://www.oracle.com/security-alerts/cpujan2022.html https://lists.apache.org/thread.html/r79a7c019712b39aedf7cf4da9276d80610f04441b2a4f6506cb2daaf@%3Cdev.tomcat.apache.org%3E https://lists.apache.org/thread.html/r79a7c019712b39aedf7cf4da9276d80610f04441b2a4f6506cb2daaf@%3Cusers.tomcat.apache.org%3E
Copyright	Copyright (C) 2021 Greenbone Networks GmbH

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.