gsd-2021-24122
Vulnerability from gsd
Modified
2023-12-13 01:23
Details
When serving resources from a network location using the NTFS file system, Apache Tomcat versions 10.0.0-M1 to 10.0.0-M9, 9.0.0.M1 to 9.0.39, 8.5.0 to 8.5.59 and 7.0.0 to 7.0.106 were susceptible to JSP source code disclosure in some configurations. The root cause was the unexpected behaviour of the JRE API File.getCanonicalPath() which in turn was caused by the inconsistent behaviour of the Windows API (FindFirstFileW) in some circumstances.
Aliases
Aliases



{
  "GSD": {
    "alias": "CVE-2021-24122",
    "description": "When serving resources from a network location using the NTFS file system, Apache Tomcat versions 10.0.0-M1 to 10.0.0-M9, 9.0.0.M1 to 9.0.39, 8.5.0 to 8.5.59 and 7.0.0 to 7.0.106 were susceptible to JSP source code disclosure in some configurations. The root cause was the unexpected behaviour of the JRE API File.getCanonicalPath() which in turn was caused by the inconsistent behaviour of the Windows API (FindFirstFileW) in some circumstances.",
    "id": "GSD-2021-24122",
    "references": [
      "https://www.suse.com/security/cve/CVE-2021-24122.html",
      "https://access.redhat.com/errata/RHSA-2021:3425",
      "https://access.redhat.com/errata/RHSA-2021:0495",
      "https://access.redhat.com/errata/RHSA-2021:0494",
      "https://advisories.mageia.org/CVE-2021-24122.html",
      "https://security.archlinux.org/CVE-2021-24122",
      "https://access.redhat.com/errata/RHSA-2022:5532"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2021-24122"
      ],
      "details": "When serving resources from a network location using the NTFS file system, Apache Tomcat versions 10.0.0-M1 to 10.0.0-M9, 9.0.0.M1 to 9.0.39, 8.5.0 to 8.5.59 and 7.0.0 to 7.0.106 were susceptible to JSP source code disclosure in some configurations. The root cause was the unexpected behaviour of the JRE API File.getCanonicalPath() which in turn was caused by the inconsistent behaviour of the Windows API (FindFirstFileW) in some circumstances.",
      "id": "GSD-2021-24122",
      "modified": "2023-12-13T01:23:37.852461Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security@apache.org",
        "ID": "CVE-2021-24122",
        "STATE": "PUBLIC",
        "TITLE": "Apache Tomcat information disclosure"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Apache Tomcat",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c",
                          "version_name": "Apache Tomcat 10",
                          "version_value": "10.0.0-M10"
                        },
                        {
                          "version_affected": "\u003c",
                          "version_name": "Apache Tomcat 9",
                          "version_value": "9.0.40"
                        },
                        {
                          "version_affected": "\u003c",
                          "version_name": "Apache Tomcat 8.5",
                          "version_value": "8.5.60"
                        },
                        {
                          "version_affected": "\u003c",
                          "version_name": "Apache Tomcat 7",
                          "version_value": "7.0.106"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Apache Software Foundation"
            }
          ]
        }
      },
      "credit": [
        {
          "lang": "eng",
          "value": "This issue was identified by Ilja Brander."
        }
      ],
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "When serving resources from a network location using the NTFS file system, Apache Tomcat versions 10.0.0-M1 to 10.0.0-M9, 9.0.0.M1 to 9.0.39, 8.5.0 to 8.5.59 and 7.0.0 to 7.0.106 were susceptible to JSP source code disclosure in some configurations. The root cause was the unexpected behaviour of the JRE API File.getCanonicalPath() which in turn was caused by the inconsistent behaviour of the Windows API (FindFirstFileW) in some circumstances."
          }
        ]
      },
      "generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "impact": {},
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-200 Information Exposure"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52%40%3Cannounce.tomcat.apache.org%3E",
            "refsource": "MISC",
            "url": "https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52%40%3Cannounce.tomcat.apache.org%3E"
          },
          {
            "name": "[tomcat-announce] 20210114 [SECURITY] CVE-2021-24122 Apache Tomcat Information Disclosure",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52@%3Cannounce.tomcat.apache.org%3E"
          },
          {
            "name": "[tomcat-dev] 20210114 svn commit: r1885488 - in /tomcat/site/trunk: docs/security-10.html docs/security-7.html docs/security-8.html docs/security-9.html xdocs/security-10.xml xdocs/security-7.xml xdocs/security-8.xml xdocs/security-9.xml",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/rca833c6d42b7b9ce1563488c0929f29fcc95947d86e5e740258c8937@%3Cdev.tomcat.apache.org%3E"
          },
          {
            "name": "[tomee-dev] 20210114 Re: Releases?",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/r776c64337495bf28b7d5597268114a888e3fad6045c40a0da0c66d4d@%3Cdev.tomee.apache.org%3E"
          },
          {
            "name": "[oss-security] 20210114 [SECURITY] CVE-2021-24122 Apache Tomcat Information Disclosure",
            "refsource": "MLIST",
            "url": "http://www.openwall.com/lists/oss-security/2021/01/14/1"
          },
          {
            "name": "[announce] 20210114 [SECURITY] CVE-2021-24122 Apache Tomcat Information Disclosure",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52@%3Cannounce.apache.org%3E"
          },
          {
            "name": "[tomcat-dev] 20210114 [SECURITY] CVE-2021-24122 Apache Tomcat Information Disclosure",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/r7e0bb9ea415724550e2b325e143b23e269579e54d66fcd7754bd0c20@%3Cdev.tomcat.apache.org%3E"
          },
          {
            "name": "[tomcat-users] 20210114 [SECURITY] CVE-2021-24122 Apache Tomcat Information Disclosure",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/rb32a73b7cb919d4f44a2596b6b951274c0004fc8b0e393d6829a45f9@%3Cusers.tomcat.apache.org%3E"
          },
          {
            "name": "[tomee-dev] 20210115 CVE-2021-24122 NTFS Information Disclosure Bug",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/r7382e1e35b9bc7c8f320b90ad77e74c13172d08034e20c18000fe710@%3Cdev.tomee.apache.org%3E"
          },
          {
            "name": "[debian-lts-announce] 20210316 [SECURITY] [DLA 2596-1] tomcat8 security update",
            "refsource": "MLIST",
            "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00018.html"
          },
          {
            "name": "https://www.oracle.com//security-alerts/cpujul2021.html",
            "refsource": "MISC",
            "url": "https://www.oracle.com//security-alerts/cpujul2021.html"
          },
          {
            "name": "https://security.netapp.com/advisory/ntap-20210212-0008/",
            "refsource": "CONFIRM",
            "url": "https://security.netapp.com/advisory/ntap-20210212-0008/"
          }
        ]
      },
      "source": {
        "discovery": "UNKNOWN"
      }
    },
    "gitlab.com": {
      "advisories": [
        {
          "affected_range": "[7.0.0,7.0.106],[8.5.0,8.5.59],[9.0.0,9.0.39],[10.0.0-M1,10.0.0-M9]",
          "affected_versions": "All versions starting from 7.0.0 up to 7.0.106, all versions starting from 8.5.0 up to 8.5.59, all versions starting from 9.0.0 up to 9.0.39, all versions starting from 10.0.0-M1 up to 10.0.0-M9",
          "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
          "cvss_v3": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "cwe_ids": [
            "CWE-1035",
            "CWE-706",
            "CWE-937"
          ],
          "date": "2022-10-24",
          "description": "When serving resources from a network location using the NTFS file system, Apache Tomcat is susceptible to JSP source code disclosure in some configurations. The root cause is the unexpected behaviour of the JRE API `File.getCanonicalPath()` which in turn is caused by the inconsistent behaviour of the Windows API (`FindFirstFileW`) in some circumstances.",
          "fixed_versions": [
            "10.0.0-M10",
            "9.0.40",
            "8.5.60",
            "7.0.107"
          ],
          "identifier": "CVE-2021-24122",
          "identifiers": [
            "CVE-2021-24122"
          ],
          "not_impacted": "All versions starting from 7.0.107 before 8.5.0, all versions starting from 8.5.60 before 9.0.0, all versions starting from 10.0.0-M10",
          "package_slug": "maven/org.apache.tomcat.embed/tomcat-embed-core",
          "pubdate": "2021-01-14",
          "solution": "Upgrade to version 7.0.107, 8.5.60, 9.0.40, 10.0.0-M10 or higher",
          "title": "Information Exposure",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2021-24122"
          ],
          "uuid": "f4423504-346b-4d1f-b5ca-cc6b1f88afde"
        },
        {
          "affected_range": "[7.0.0,7.0.106],[8.5.0,8.5.59],[9.0.0,9.0.39],[10.0.0-M1,10.0.0-M9]",
          "affected_versions": "All versions starting from 7.0.0 up to 7.0.106, all versions starting from 8.5.0 up to 8.5.59, all versions starting from 9.0.0 up to 9.0.39, all versions starting from 10.0.0-M1 up to 10.0.0-M9",
          "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
          "cvss_v3": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "cwe_ids": [
            "CWE-1035",
            "CWE-706",
            "CWE-937"
          ],
          "date": "2022-10-24",
          "description": "When serving resources from a network location using the NTFS file system, Apache Tomcat is susceptible to JSP source code disclosure in some configurations. The root cause is the unexpected behaviour of the JRE API `File.getCanonicalPath()` which in turn is caused by the inconsistent behaviour of the Windows API (`FindFirstFileW`) in some circumstances.",
          "fixed_versions": [
            "10.0.0-M10",
            "9.0.40",
            "8.5.60",
            "7.0.107"
          ],
          "identifier": "CVE-2021-24122",
          "identifiers": [
            "CVE-2021-24122"
          ],
          "not_impacted": "All versions starting from 7.0.107 before 8.5.0, all versions starting from 8.5.60 before 9.0.0, all versions starting from 10.0.0-M10",
          "package_slug": "maven/org.apache.tomcat.embed/tomcat-embed-websocket",
          "pubdate": "2021-01-14",
          "solution": "Upgrade to version 7.0.107, 8.5.60, 9.0.40, 10.0.0-M10 or higher",
          "title": "Information Exposure",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2021-24122"
          ],
          "uuid": "042241d7-469f-4b73-b3a0-1db058100c25"
        },
        {
          "affected_range": "[7.0.0,7.0.106],[8.5.0,8.5.59],[9.0.0,9.0.39],[10.0.0-M1,10.0.0-M9]",
          "affected_versions": "All versions starting from 7.0.0 up to 7.0.106, all versions starting from 8.5.0 up to 8.5.59, all versions starting from 9.0.0 up to 9.0.39, all versions starting from 10.0.0-M1 up to 10.0.0-M9",
          "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
          "cvss_v3": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "cwe_ids": [
            "CWE-1035",
            "CWE-706",
            "CWE-937"
          ],
          "date": "2022-10-24",
          "description": "When serving resources from a network location using the NTFS file system, Apache Tomcat is susceptible to JSP source code disclosure in some configurations. The root cause is the unexpected behaviour of the JRE API `File.getCanonicalPath()` which in turn is caused by the inconsistent behaviour of the Windows API (`FindFirstFileW`) in some circumstances.",
          "fixed_versions": [
            "10.0.0-M10",
            "9.0.40",
            "8.5.60",
            "7.0.107"
          ],
          "identifier": "CVE-2021-24122",
          "identifiers": [
            "CVE-2021-24122"
          ],
          "not_impacted": "All versions starting from 7.0.107 before 8.5.0, all versions starting from 8.5.60 before 9.0.0, all versions starting from 10.0.0-M10",
          "package_slug": "maven/org.apache.tomcat/coyote",
          "pubdate": "2021-01-14",
          "solution": "Upgrade to version 7.0.107, 8.5.60, 9.0.40, 10.0.0-M10 or higher",
          "title": "Information Exposure",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2021-24122"
          ],
          "uuid": "6187a915-6195-4e7f-b18a-9c35d7f8c3c7"
        },
        {
          "affected_range": "[7.0.0,7.0.106],[8.5.0,8.5.59],[9.0.0,9.0.39],[10.0.0-M1,10.0.0-M9]",
          "affected_versions": "All versions starting from 7.0.0 up to 7.0.106, all versions starting from 8.5.0 up to 8.5.59, all versions starting from 9.0.0 up to 9.0.39, all versions starting from 10.0.0-M1 up to 10.0.0-M9",
          "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
          "cvss_v3": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "cwe_ids": [
            "CWE-1035",
            "CWE-706",
            "CWE-937"
          ],
          "date": "2022-10-24",
          "description": "When serving resources from a network location using the NTFS file system, Apache Tomcat is susceptible to JSP source code disclosure in some configurations. The root cause is the unexpected behaviour of the JRE API `File.getCanonicalPath()` which in turn is caused by the inconsistent behaviour of the Windows API (`FindFirstFileW`) in some circumstances.",
          "fixed_versions": [
            "10.0.0-M10",
            "9.0.40",
            "8.5.60",
            "7.0.107"
          ],
          "identifier": "CVE-2021-24122",
          "identifiers": [
            "CVE-2021-24122"
          ],
          "not_impacted": "All versions starting from 7.0.107 before 8.5.0, all versions starting from 8.5.60 before 9.0.0, all versions starting from 10.0.0-M10",
          "package_slug": "maven/org.apache.tomcat/tomcat-catalina",
          "pubdate": "2021-01-14",
          "solution": "Upgrade to version 7.0.107, 8.5.60, 9.0.40, 10.0.0-M10 or higher",
          "title": "Information Exposure",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2021-24122",
            "https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52%40%3Cannounce.tomcat.apache.org%3E"
          ],
          "uuid": "12e783ad-093a-4f8f-bac4-22198c956ef1"
        },
        {
          "affected_range": "[7.0.0,7.0.106],[8.5.0,8.5.59],[9.0.0,9.0.39],[10.0.0-M1,10.0.0-M9]",
          "affected_versions": "All versions starting from 7.0.0 up to 7.0.106, all versions starting from 8.5.0 up to 8.5.59, all versions starting from 9.0.0 up to 9.0.39, all versions starting from 10.0.0-M1 up to 10.0.0-M9",
          "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
          "cvss_v3": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "cwe_ids": [
            "CWE-1035",
            "CWE-706",
            "CWE-937"
          ],
          "date": "2022-10-24",
          "description": "When serving resources from a network location using the NTFS file system, Apache Tomcat is susceptible to JSP source code disclosure in some configurations. The root cause is the unexpected behaviour of the JRE API `File.getCanonicalPath()` which in turn is caused by the inconsistent behaviour of the Windows API (`FindFirstFileW`) in some circumstances.",
          "fixed_versions": [
            "10.0.0-M10",
            "9.0.40",
            "8.5.60",
            "7.0.107"
          ],
          "identifier": "CVE-2021-24122",
          "identifiers": [
            "CVE-2021-24122"
          ],
          "not_impacted": "All versions starting from 7.0.107 before 8.5.0, all versions starting from 8.5.60 before 9.0.0, all versions starting from 10.0.0-M10",
          "package_slug": "maven/org.apache.tomcat/tomcat-coyote",
          "pubdate": "2021-01-14",
          "solution": "Upgrade to version 7.0.107, 8.5.60, 9.0.40, 10.0.0-M10 or higher",
          "title": "Information Exposure",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2021-24122"
          ],
          "uuid": "3326b411-c10e-4c0d-8bbc-5cd2ef4db61e"
        },
        {
          "affected_range": "[7.0.0,7.0.106],[8.5.0,8.5.59],[9.0.0,9.0.39],[10.0.0]",
          "affected_versions": "All versions starting from 7.0.0 up to 7.0.106, all versions starting from 8.5.0 up to 8.5.59, all versions starting from 9.0.0 up to 9.0.39, version 10.0.0",
          "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
          "cvss_v3": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "cwe_ids": [
            "CWE-1035",
            "CWE-706",
            "CWE-937"
          ],
          "date": "2022-10-24",
          "description": "When serving resources from a network location using the NTFS file system, Apache Tomcat is susceptible to JSP source code disclosure in some configurations. The root cause is the unexpected behaviour of the JRE API `File.getCanonicalPath()` which in turn is caused by the inconsistent behaviour of the Windows API (`FindFirstFileW`) in some circumstances.",
          "fixed_versions": [
            "7.0.107",
            "8.5.60",
            "9.0.40",
            "10.0.2"
          ],
          "identifier": "CVE-2021-24122",
          "identifiers": [
            "CVE-2021-24122"
          ],
          "not_impacted": "All versions before 7.0.0, all versions after 7.0.106 before 8.5.0, all versions after 8.5.59 before 9.0.0, all versions after 9.0.39 before 10.0.0, all versions after 10.0.0",
          "package_slug": "maven/org.apache.tomcat/tomcat-util",
          "pubdate": "2021-01-14",
          "solution": "Upgrade to versions 7.0.107, 8.5.60, 9.0.40, 10.0.2 or above.",
          "title": "Information Exposure",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2021-24122"
          ],
          "uuid": "89ce9ada-2598-4ae9-8e7e-66064c307b39"
        },
        {
          "affected_range": "[7.0.0,7.0.106],[8.5.0,8.5.59],[9.0.0,9.0.39],[10.0.0-M1,10.0.0-M9]",
          "affected_versions": "All versions starting from 7.0.0 up to 7.0.106, all versions starting from 8.5.0 up to 8.5.59, all versions starting from 9.0.0 up to 9.0.39, all versions starting from 10.0.0-M1 up to 10.0.0-M9",
          "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
          "cvss_v3": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "cwe_ids": [
            "CWE-1035",
            "CWE-706",
            "CWE-937"
          ],
          "date": "2022-10-24",
          "description": "When serving resources from a network location using the NTFS file system, Apache Tomcat is susceptible to JSP source code disclosure in some configurations. The root cause is the unexpected behaviour of the JRE API `File.getCanonicalPath()` which in turn is caused by the inconsistent behaviour of the Windows API (`FindFirstFileW`) in some circumstances.",
          "fixed_versions": [
            "10.0.0-M10",
            "9.0.40",
            "8.5.60",
            "7.0.107"
          ],
          "identifier": "CVE-2021-24122",
          "identifiers": [
            "CVE-2021-24122"
          ],
          "not_impacted": "All versions starting from 7.0.107 before 8.5.0, all versions starting from 8.5.60 before 9.0.0, all versions starting from 10.0.0-M10",
          "package_slug": "maven/org.apache.tomcat/tomcat",
          "pubdate": "2021-01-14",
          "solution": "Upgrade to version 7.0.107, 8.5.60, 9.0.40, 10.0.0-M10 or higher",
          "title": "Information Exposure",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2021-24122"
          ],
          "uuid": "163ffde0-ad93-49b6-85e1-80f6d4930c63"
        },
        {
          "affected_range": "[7.0.0,7.0.106],[8.5.0,8.5.59],[9.0.0,9.0.39],[10.0.0-M1,10.0.0-M9]",
          "affected_versions": "All versions starting from 7.0.0 up to 7.0.106, all versions starting from 8.5.0 up to 8.5.59, all versions starting from 9.0.0 up to 9.0.39, all versions starting from 10.0.0-M1 up to 10.0.0-M9",
          "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
          "cvss_v3": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "cwe_ids": [
            "CWE-1035",
            "CWE-706",
            "CWE-937"
          ],
          "date": "2022-10-24",
          "description": "When serving resources from a network location using the NTFS file system, Apache Tomcat is susceptible to JSP source code disclosure in some configurations. The root cause is the unexpected behaviour of the JRE API `File.getCanonicalPath()` which in turn is caused by the inconsistent behaviour of the Windows API (`FindFirstFileW`) in some circumstances.",
          "fixed_versions": [
            "10.0.0-M10",
            "9.0.40",
            "8.5.60",
            "7.0.107"
          ],
          "identifier": "CVE-2021-24122",
          "identifiers": [
            "CVE-2021-24122"
          ],
          "not_impacted": "All versions starting from 7.0.107 before 8.5.0, all versions starting from 8.5.60 before 9.0.0, all versions starting from 10.0.0-M10",
          "package_slug": "maven/tomcat/catalina",
          "pubdate": "2021-01-14",
          "solution": "Upgrade to version 7.0.107, 8.5.60, 9.0.40, 10.0.0-M10 or higher",
          "title": "Information Exposure",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2021-24122"
          ],
          "uuid": "0170f5df-4390-4620-88b4-dade6920a80a"
        },
        {
          "affected_range": "[7.0.0,7.0.106],[8.5.0,8.5.59],[9.0.0,9.0.39],[10.0.0-M1,10.0.0-M9]",
          "affected_versions": "All versions starting from 7.0.0 up to 7.0.106, all versions starting from 8.5.0 up to 8.5.59, all versions starting from 9.0.0 up to 9.0.39, all versions starting from 10.0.0-M1 up to 10.0.0-M9",
          "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
          "cvss_v3": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "cwe_ids": [
            "CWE-1035",
            "CWE-706",
            "CWE-937"
          ],
          "date": "2022-10-24",
          "description": "When serving resources from a network location using the NTFS file system, Apache Tomcat is susceptible to JSP source code disclosure in some configurations. The root cause is the unexpected behaviour of the JRE API `File.getCanonicalPath()` which in turn is caused by the inconsistent behaviour of the Windows API (`FindFirstFileW`) in some circumstances.",
          "fixed_versions": [
            "10.0.0-M10",
            "9.0.40",
            "8.5.60",
            "7.0.107"
          ],
          "identifier": "CVE-2021-24122",
          "identifiers": [
            "CVE-2021-24122"
          ],
          "not_impacted": "All versions starting from 7.0.107 before 8.5.0, all versions starting from 8.5.60 before 9.0.0, all versions starting from 10.0.0-M10",
          "package_slug": "maven/tomcat/jasper-runtime",
          "pubdate": "2021-01-14",
          "solution": "Upgrade to version 7.0.107, 8.5.60, 9.0.40, 10.0.0-M10 or higher",
          "title": "Information Exposure",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2021-24122",
            "https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52%40%3Cannounce.tomcat.apache.org%3E"
          ],
          "uuid": "68ced34b-21bd-4e29-bb89-c2326aa56676"
        }
      ]
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:9.0.0:milestone1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:9.0.0:milestone10:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:9.0.0:milestone11:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:9.0.0:milestone12:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:9.0.0:milestone13:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:9.0.0:milestone14:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:9.0.0:milestone15:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:9.0.0:milestone16:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:9.0.0:milestone17:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:9.0.0:milestone18:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:9.0.0:milestone19:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:9.0.0:milestone2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:9.0.0:milestone20:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:9.0.0:milestone21:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:9.0.0:milestone22:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:9.0.0:milestone23:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:9.0.0:milestone24:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:9.0.0:milestone25:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:9.0.0:milestone26:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:9.0.0:milestone27:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:9.0.0:milestone3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:9.0.0:milestone4:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:9.0.0:milestone5:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:9.0.0:milestone6:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:9.0.0:milestone7:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:9.0.0:milestone8:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:9.0.0:milestone9:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "7.0.106",
                "versionStartIncluding": "7.0.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "8.5.59",
                "versionStartIncluding": "8.5.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "9.0.39",
                "versionStartIncluding": "9.0.1",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:10.0.0:milestone1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:10.0.0:milestone2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:10.0.0:milestone3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:10.0.0:milestone4:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:10.0.0:milestone5:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:10.0.0:milestone6:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:10.0.0:milestone7:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:10.0.0:milestone8:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:10.0.0:milestone9:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:oracle:agile_plm:9.3.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:agile_plm:9.3.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "security@apache.org",
          "ID": "CVE-2021-24122"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "When serving resources from a network location using the NTFS file system, Apache Tomcat versions 10.0.0-M1 to 10.0.0-M9, 9.0.0.M1 to 9.0.39, 8.5.0 to 8.5.59 and 7.0.0 to 7.0.106 were susceptible to JSP source code disclosure in some configurations. The root cause was the unexpected behaviour of the JRE API File.getCanonicalPath() which in turn was caused by the inconsistent behaviour of the Windows API (FindFirstFileW) in some circumstances."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-706"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52%40%3Cannounce.tomcat.apache.org%3E",
              "refsource": "MISC",
              "tags": [
                "Mailing List",
                "Vendor Advisory"
              ],
              "url": "https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52%40%3Cannounce.tomcat.apache.org%3E"
            },
            {
              "name": "[tomee-dev] 20210114 Re: Releases?",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Vendor Advisory"
              ],
              "url": "https://lists.apache.org/thread.html/r776c64337495bf28b7d5597268114a888e3fad6045c40a0da0c66d4d@%3Cdev.tomee.apache.org%3E"
            },
            {
              "name": "[tomcat-users] 20210114 [SECURITY] CVE-2021-24122 Apache Tomcat Information Disclosure",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Vendor Advisory"
              ],
              "url": "https://lists.apache.org/thread.html/rb32a73b7cb919d4f44a2596b6b951274c0004fc8b0e393d6829a45f9@%3Cusers.tomcat.apache.org%3E"
            },
            {
              "name": "[oss-security] 20210114 [SECURITY] CVE-2021-24122 Apache Tomcat Information Disclosure",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2021/01/14/1"
            },
            {
              "name": "[tomcat-dev] 20210114 [SECURITY] CVE-2021-24122 Apache Tomcat Information Disclosure",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Vendor Advisory"
              ],
              "url": "https://lists.apache.org/thread.html/r7e0bb9ea415724550e2b325e143b23e269579e54d66fcd7754bd0c20@%3Cdev.tomcat.apache.org%3E"
            },
            {
              "name": "[tomcat-announce] 20210114 [SECURITY] CVE-2021-24122 Apache Tomcat Information Disclosure",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Vendor Advisory"
              ],
              "url": "https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52@%3Cannounce.tomcat.apache.org%3E"
            },
            {
              "name": "[announce] 20210114 [SECURITY] CVE-2021-24122 Apache Tomcat Information Disclosure",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Vendor Advisory"
              ],
              "url": "https://lists.apache.org/thread.html/r1595889b083e05986f42b944dc43060d6b083022260b6ea64d2cec52@%3Cannounce.apache.org%3E"
            },
            {
              "name": "[tomee-dev] 20210115 CVE-2021-24122 NTFS Information Disclosure Bug",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Vendor Advisory"
              ],
              "url": "https://lists.apache.org/thread.html/r7382e1e35b9bc7c8f320b90ad77e74c13172d08034e20c18000fe710@%3Cdev.tomee.apache.org%3E"
            },
            {
              "name": "[tomcat-dev] 20210114 svn commit: r1885488 - in /tomcat/site/trunk: docs/security-10.html docs/security-7.html docs/security-8.html docs/security-9.html xdocs/security-10.xml xdocs/security-7.xml xdocs/security-8.xml xdocs/security-9.xml",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Vendor Advisory"
              ],
              "url": "https://lists.apache.org/thread.html/rca833c6d42b7b9ce1563488c0929f29fcc95947d86e5e740258c8937@%3Cdev.tomcat.apache.org%3E"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20210212-0008/",
              "refsource": "CONFIRM",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://security.netapp.com/advisory/ntap-20210212-0008/"
            },
            {
              "name": "[debian-lts-announce] 20210316 [SECURITY] [DLA 2596-1] tomcat8 security update",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00018.html"
            },
            {
              "name": "N/A",
              "refsource": "N/A",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://www.oracle.com//security-alerts/cpujul2021.html"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "exploitabilityScore": 2.2,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2022-10-24T17:00Z",
      "publishedDate": "2021-01-14T15:15Z"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading...

Loading...

Loading...
  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.