Main Vulnerability Database Exploits ID:10739 - Exploit for Data Handling in Apache Tomcat - CVE-2022-29885

ID:10739 - Exploit for Data Handling in Apache Tomcat - CVE-2022-29885

Published: October 25, 2024

Vulnerability identifier: #VU63225

Vulnerability risk: Low

CVE-ID: CVE-2022-29885

CWE-ID: CWE-19

Exploitation vector: Remote access

Vulnerable software:
Apache Tomcat

Link to public exploit:

https://www.exploit-db.com/exploits/51262/

Vulnerability description

The vulnerability allows a remote attacker to perform DoS attack.

The vulnerability exists due to an error in documentation for the EncryptInterceptor, which incorrectly stated that it enabled Tomcat clustering to run over an untrusted network. A remote attacker can perform a denial of service attack against the exposed EncryptInterceptor.

Remediation

Install updates from vendor's website.

ID:10739 - Exploit for Data Handling in Apache Tomcat - CVE-2022-29885

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human