Web Servers : Apache Tomcat RCE Vulnerability (Mar 2025)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.154161

Categoría: Web Servers

Título: Apache Tomcat RCE Vulnerability (Mar 2025) - Windows

Resumen: Apache Tomcat is prone to a remote code execution (RCE); vulnerability.

Descripción: Summary:
Apache Tomcat is prone to a remote code execution (RCE)
vulnerability.

Vulnerability Insight:
The original implementation of partial PUT used a temporary
file based on the user provided file name and path with the path separator replaced by '.'.

If all of the following are true, a malicious user is able to view security sensitive files
and/or inject content into those files:

- writes enabled for the default servlet (disabled by default)

- support for partial PUT (enabled by default)

- a target URL for security sensitive uploads that is a sub-directory of a target URL for public
uploads

- attacker knowledge of the names of security sensitive files being uploaded

- the security sensitive files also being uploaded via partial PUT

If all of the following are true, a malicious user is able to perform remote code execution:

- writes enabled for the default servlet (disabled by default)

- support for partial PUT (enabled by default)

- application is using Tomcat's file based session persistence with the default storage location

- application includes a library that may be leveraged in a deserialization attack

Affected Software/OS:
Apache Tomcat version 9.0.98 and prior, 10.x through 10.1.34
and 11.0.0-M1 through 11.0.2.

Note: While not explicitly mentioned by the vendor (due to the EOL status of these branches) it
is assumed that the whole 10.x branch and all versions prior to 9.x are affected by these flaws.
If you disagree with this assessment and want to accept the risk please create an override for
this result.

Solution:
Update to version 9.0.99, 10.1.35, 11.0.3 or later.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2025-24813

Copyright Copyright (C) 2025 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.154161
Categoría:	Web Servers
Título:	Apache Tomcat RCE Vulnerability (Mar 2025) - Windows
Resumen:	Apache Tomcat is prone to a remote code execution (RCE); vulnerability.
Descripción:	Summary: Apache Tomcat is prone to a remote code execution (RCE) vulnerability. Vulnerability Insight: The original implementation of partial PUT used a temporary file based on the user provided file name and path with the path separator replaced by '.'. If all of the following are true, a malicious user is able to view security sensitive files and/or inject content into those files: - writes enabled for the default servlet (disabled by default) - support for partial PUT (enabled by default) - a target URL for security sensitive uploads that is a sub-directory of a target URL for public uploads - attacker knowledge of the names of security sensitive files being uploaded - the security sensitive files also being uploaded via partial PUT If all of the following are true, a malicious user is able to perform remote code execution: - writes enabled for the default servlet (disabled by default) - support for partial PUT (enabled by default) - application is using Tomcat's file based session persistence with the default storage location - application includes a library that may be leveraged in a deserialization attack Affected Software/OS: Apache Tomcat version 9.0.98 and prior, 10.x through 10.1.34 and 11.0.0-M1 through 11.0.2. Note: While not explicitly mentioned by the vendor (due to the EOL status of these branches) it is assumed that the whole 10.x branch and all versions prior to 9.x are affected by these flaws. If you disagree with this assessment and want to accept the risk please create an override for this result. Solution: Update to version 9.0.99, 10.1.35, 11.0.3 or later. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2025-24813
Copyright	Copyright (C) 2025 Greenbone AG