ghsa-2582-53pq-96cq
Vulnerability from github
Published
2024-09-23 12:31
Modified
2024-09-23 12:31
Details
Incorrect Default Permissions vulnerability in Apache Tomcat Connectors allows local users to view and modify shared memory containing mod_jk configuration which may lead to information disclosure and/or denial of service.
This issue affects Apache Tomcat Connectors: from 1.2.9-beta through 1.2.49. Only mod_jk on Unix like systems is affected. Neither the ISAPI redirector nor mod_jk on Windows is affected.
Users are recommended to upgrade to version 1.2.50, which fixes the issue.
{ "affected": [], "aliases": [ "CVE-2024-46544" ], "database_specific": { "cwe_ids": [ "CWE-276" ], "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2024-09-23T11:15:10Z", "severity": null }, "details": "Incorrect Default Permissions vulnerability in Apache Tomcat Connectors allows local users to view and modify shared memory containing mod_jk configuration which may lead to information disclosure and/or denial of service.\n\nThis issue affects Apache Tomcat Connectors: from 1.2.9-beta through 1.2.49. Only mod_jk on Unix like systems is affected. Neither the ISAPI redirector nor mod_jk on Windows is affected.\n\nUsers are recommended to upgrade to version 1.2.50, which fixes the issue.", "id": "GHSA-2582-53pq-96cq", "modified": "2024-09-23T12:31:09Z", "published": "2024-09-23T12:31:09Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-46544" }, { "type": "WEB", "url": "https://lists.apache.org/thread/q1gp7cc38hs1r8gj8gfnopwznd5fpr4d" } ], "schema_version": "1.4.0", "severity": [] }
Loading...