CVE-2024-56337
Published Dec 20, 2024
Last updated 5 days ago
- Description
- Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.1, from 10.1.0-M1 through 10.1.33, from 9.0.0.M1 through 9.0.97. The mitigation for CVE-2024-50379 was incomplete. Users running Tomcat on a case insensitive file system with the default servlet write enabled (readonly initialisation parameter set to the non-default value of false) may need additional configuration to fully mitigate CVE-2024-50379 depending on which version of Java they are using with Tomcat: - running on Java 8 or Java 11: the system property sun.io.useCanonCaches must be explicitly set to false (it defaults to true) - running on Java 17: the system property sun.io.useCanonCaches, if set, must be set to false (it defaults to false) - running on Java 21 onwards: no further configuration is required (the system property and the problematic cache have been removed) Tomcat 11.0.3, 10.1.35 and 9.0.99 onwards will include checks that sun.io.useCanonCaches is set appropriately before allowing the default servlet to be write enabled on a case insensitive file system. Tomcat will also set sun.io.useCanonCaches to false by default where it can.
- Source
- security@apache.org
- NVD status
- Received
- security@apache.org
- CWE-367
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score
22
A flaw in the Apache Tomcat update intended to fix a previous vulnerability has introduced another significant security issue, leaving organizations exposed to RCE attacks. CVSS: 9.8 ⚠️ Critical CVE-2024-50379/CVE-2024-56337 Both vulnerabilities, exploit a race condition in… h
@cytexsmb
24 Dec 2024
340 Impressions
1 Retweet
3 Likes
1 Bookmark
0 Replies
1 Quote
#Vulnerability #CVE202450379 CVE-2024-56337: Apache Tomcat Patches Critical RCE Vulnerability https://t.co/5Uw109ngsh
@Komodosec
24 Dec 2024
18 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Critical Apache Tomcat RCE Flaw CVE-2024-56337 #cybersecurity #breakingnews #news #trending #latest https://t.co/DfPcBcTbnT
@cyashadotcom
24 Dec 2024
39 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
A critical vulnerability in Apache Tomcat (CVE-2024-56337) allows remote code execution on case-insensitive file systems. Update to patched versions and adjust your Java configuration accordingly. Stay secure! https://t.co/hZCY5JayvQ
@IntrusionZ3r0
24 Dec 2024
26 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
آسیب پذیری بحرانی CVE-2024-56337 در Apache Tomcat را فورا پچ کنید! https://t.co/UhRHMRIx9A
@vulnerbyte
24 Dec 2024
35 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Vulnerabilities CVE-2024-56337 and CVE-2024-50379 require urgent updates to protect against remote code execution. 🔧 Check versions and customize Java! More information 👉 https://t.co/1zjrkiUM4r #VPNUnlimited #CyberSecurity https://t.co/a4HvKtGn1K
@vpnunlimited
24 Dec 2024
242 Impressions
1 Retweet
1 Like
0 Bookmarks
0 Replies
0 Quotes
🚨 New Vulnerabilities 🚨 Critical Apache Tomcat RCE Alert: CVE-2024-56337 Read More: https://t.co/2VmwLmfVlG https://t.co/XJoZuN5M77
@cyberlearnorg
24 Dec 2024
52 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
#ITSecurity #Apache Tomcat Vulnerability CVE-2024-56337 Exposes Servers to RCE Attacks https://t.co/WtcaMpSLwB via @TheHackersNews
@GAILLOTPatrice
24 Dec 2024
58 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Apache Tomcatの脆弱性CVE-2024-56337が公開され、リモートコード実行(RCE)のリスクが判明。Tomcatの特定バージョン(9.0~11.0.1)が影響を受け、デフォルト設定でのファイル書き込みを悪用可能。Javaの設定調整とアップデートが必要。 https://t.co/bPI3mufQ4Q
@01ra66it
24 Dec 2024
250 Impressions
0 Retweets
4 Likes
2 Bookmarks
0 Replies
0 Quotes
CVE-2024-56337 alert 🚨 Apache Tomcat: Remote code execution The vulnerability is actively exploited in the wild and has been integrated into Patrowl. Our customers assets are protected. 🦉 #CyberSecurity #InfoSec #Apache https://t.co/TKbxYzu2ZI
@Patrowl_io
24 Dec 2024
63 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
#tomcat Apache Tomcat Vulnerability CVE-2024-56337 Exposes Servers to RCE Attacks Dec 24, 2024 https://t.co/ZmSUa6vzDA
@TeamDreier
24 Dec 2024
107 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Apache Tomcatの重大なRCE脆弱性が修正される:CVE-2024-56337 | Codebook https://t.co/swsdHQeSuc #izumino_trend
@sec_trend
24 Dec 2024
84 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-56337: Apache Tomcat'te Kritik Uzaktan Kod Çalıştırma (RCE) Açığı https://t.co/b1oHAW89hF
@cyberwebeyeos
24 Dec 2024
26 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#Apache #Tomcat Vulnerability #CVE-2024-56337 Exposes Servers to RCE Attacks https://t.co/zRgWlgAX4U
@ScyScan
24 Dec 2024
71 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Apache Tomcat Vulnerability CVE-2024-56337 Exposes Servers to RCE Attacks https://t.co/fDHxSzM3LM https://t.co/SPxmiMAULT
@talentxfactor
24 Dec 2024
53 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Apache Tomcat Vulnerability CVE-2024-56337 Exposes Servers to RCE Attacks Learn More ➥ https://t.co/ZbRgbDrmYq #cybersecurity #hacking #cyberattack #technews
@allhackernews_
24 Dec 2024
14 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Apache Tomcat Vulnerability CVE-2024-56337 Exposes Servers to RCE Attacks Read More: https://t.co/WrG61iQyCx #Apache #Servers https://t.co/IU4bDuA3sh
@techpio_team
24 Dec 2024
56 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
VULNERABILIDADE DO APACHE TOMCAT CVE-2024-56337 EXPÕE SERVIDORES A ATAQUES RCE https://t.co/tAtpqhuaZR #SamirNews #vulnerabilidade #do #apache #tomcat #cve202456337 #expõe #servidores #a #ataques #rce
@CanalFs0ciety
24 Dec 2024
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Apache Tomcat Vulnerability CVE-2024-56337 Exposes Servers to RCE Attacks. The Apache Software Foundation (ASF) has released a security update to address an important vulnerability in its Tomcat server software that... https://t.co/lfeTiiki9M #InceptusSecure #UnderOurProtection
@Inceptus3
24 Dec 2024
37 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Apache Tomcat Vulnerability CVE-2024-56337 Exposes Servers to RCE Attacks https://t.co/wpcdpQ19Ts
@Dinosn
24 Dec 2024
4001 Impressions
11 Retweets
72 Likes
14 Bookmarks
0 Replies
0 Quotes
The Hacker News - Apache Tomcat Vulnerability CVE-2024-56337 Exposes Servers to RCE Attacks https://t.co/v12WWujbjN
@buzz_sec
24 Dec 2024
54 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Apache Tomcat Vulnerability CVE-2024-56337 Exposes Servers to RCE Attacks https://t.co/8l0jqwyRdN
@DemolisherDigi
24 Dec 2024
39 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
#ln -s: RSS: Apache Tomcat Vulnerability CVE-2024-56337 Exposes Servers to RCE Attacks https://t.co/mETHbRIcTK
@cpardue09
24 Dec 2024
22 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[TheHackersNews] Apache Tomcat Vulnerability CVE-2024-56337 Exposes Servers to RCE Attacks. The Apache Software Foundation (ASF) has released a security update to address an important vulnerability in its Tomcat server software that could result in... https://t.co/VVSSK5bbVa
@shah_sheikh
24 Dec 2024
4 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Apache Tomcat Vulnerability CVE-2024-56337 Exposes Servers to RCE Attacks https://t.co/18RdliYRZW
@molari999
24 Dec 2024
37 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Apache Tomcat Vulnerability CVE-2024-56337 Exposes Servers to RCE Attacks https://t.co/JQdML95J2T
@TheCyberSecHub
24 Dec 2024
1152 Impressions
5 Retweets
5 Likes
2 Bookmarks
1 Reply
0 Quotes
⚡ A new remote code execution flaw in Apache Tomcat (CVE-2024-56337) exposes organizations to serious risk. » Affected Versions: Tomcat 9.0.0-M1 to 11.0.1 » Severity? 9.8 on CVSS Details👉https://t.co/PEzrwTmRiQ
@TheHackersNews
24 Dec 2024
50928 Impressions
56 Retweets
127 Likes
42 Bookmarks
2 Replies
2 Quotes
Threat Alert: Apache fixes remote code execution bypass in Tomcat web server - #CVE-2024-56337 CVE-2024-56337 CVE-2024-50379 Severity: ⚠️ Critical Maturity: 🧨 Trending Learn more: https://t.co/FGpkg1Azj3 #CyberSecurity #ThreatIntel #InfoSec
@fletch_ai
24 Dec 2024
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🔨Apache Tomcatの重大なRCE脆弱性が修正される:CVE-2024-56337 ⚠️AdobeがColdFusionの重大な脆弱性について警告、PoCも存在:CVE-2024-53961 〜サイバーアラート 12月24日〜 https://t.co/t4vCGSKMQl #セキュリティ #インテリジェンス #OSINT
@MachinaRecord
24 Dec 2024
146 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-56337 (Remote Code Execution) 🔥 https://t.co/UVF7o1NgRg
@IntrusionZ3r0
23 Dec 2024
52 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🚨 A critical security update for Apache Tomcat addresses CVE-2024-56337, a remote code execution vulnerability affecting multiple versions. Users with case-insensitive file systems are at risk. #TomcatRCE #ApacheUpdate #CyberThreats #CybersecurityNews … https://t.co/FdDamiJ9yL
@TweetThreatNews
23 Dec 2024
63 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
Top 5 Trending CVEs: 1 - CVE-2024-9121 2 - CVE-2022-20201 3 - CVE-2024-56337 4 - CVE-2024-49775 5 - CVE-2024-8534 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W
@CVEShield
23 Dec 2024
15 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Critical Security Alert: Apache Tomcat RCE Vulnerability (CVE-2024-56337) The Apache Software Foundation has released a patch for a severe RCE flaw affecting versions 11.0.0-M1 to 11.0.1, 10.1.0-M1 to 10.1.33, and 9.0.0.M1 to 9.0.97. 🔍 Key Details: Exploited via… https://t
@GHak2learn27752
23 Dec 2024
149 Impressions
0 Retweets
3 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-56337: Apache Tomcat Patches Critical RCE Vulnerability https://t.co/R2gQqyiQDw
@Dinosn
23 Dec 2024
3235 Impressions
14 Retweets
59 Likes
17 Bookmarks
0 Replies
0 Quotes
Apache Tomcatの脆弱性CVE-2024-56337が発見され、リモートコード実行(RCE)の危険性がある。影響を受けるのはTomcatの複数バージョンで、特にデフォルトのサーブレットの書き込み機能が有効な環境が対象。 https://t.co/6xoAkh9Q0J
@01ra66it
23 Dec 2024
285 Impressions
0 Retweets
2 Likes
1 Bookmark
1 Reply
0 Quotes
🚨🚨CVE-2024-56337: Apache Tomcat Patches Critical RCE Vulnerability ⚠️Attackers could exploit this flaw on case-insensitive file systems where Tomcat’s default servlet has write functionality enabled. Search for Apache Tomcat application. ZoomEye Dork👉app="Apache Tomcat" 894k+
@zoomeye_team
23 Dec 2024
607 Impressions
1 Retweet
4 Likes
1 Bookmark
1 Reply
0 Quotes
Apache Tomcatで重大(Critical)()な遠隔コード実行の脆弱性。CVE-2024-56337はCVE-2024-50379の修正が不完全であるもの。大文字小文字が区別されないファイルシステムで、デフォルトサーブレットが書き込み可能になっている場合に、悪性JSPのアップロードが可能。 https://t.co/ioccWwVHZn
@__kokumoto
23 Dec 2024
2469 Impressions
3 Retweets
22 Likes
6 Bookmarks
1 Reply
1 Quote
🗣 CVE-2024-56337: Apache Tomcat Patches Critical RCE Vulnerability https://t.co/FA65GvDiQr
@fridaysecurity
23 Dec 2024
59 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-56337: Apache Tomcat Patches Critical RCE Vulnerability Find out about the critical CVE-2024-56337 vulnerability in #Apache #Tomcat. Learn how to mitigate the risk and protect your system https://t.co/aKDatirfi1
@the_yellow_fall
23 Dec 2024
335 Impressions
2 Retweets
5 Likes
3 Bookmarks
0 Replies
0 Quotes
利用環境の場合はバージョンアップを / Apache Tomcat の脆弱性(Important: CVE-2024-56337) - SIOS SECURITY BLOG https://t.co/69JRP1skor #bookmark
@igaos
23 Dec 2024
96 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
IT関連サイト記事が更新されました!記事はこちらから⇒ Apache Tomcat の脆弱性(Important: CVE-2024-56337) https://t.co/XHVPLkIRkd
@itit7777
22 Dec 2024
24 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
SIOSセキュリティブログを更新しました。 Apache Tomcat の脆弱性(Important: CVE-2024-56337) #sios_tech #security #vulnerability #セキュリティ #脆弱性 #linux #tomcat #mod_jk #apache https://t.co/mRhn2hXFUr
@omokazuki
22 Dec 2024
78 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Apache Tomcat CVE-2024-56337: Una Grave RCE ad Alto Rischio è Stata Scoperta - https://t.co/U4ipDSaeGc
@Cysafenews
21 Dec 2024
3 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Apache Tomcat CVE-2024-56337: Una Grave RCE ad Alto Rischio è Stata Scoperta https://t.co/DSYviDS2ta #redhotcyber #hacking #cti #ai #online #it #cybercrime #cybersecurity #technology #news #cyberthreatintelligence #innovation #privacy #engineering #intelligence https://t.co/652
@redhotcyber
21 Dec 2024
148 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-56337 TOCTOU Race Condition Vulnerability in Apache Tomcat Versions 상세 11.0.1 A Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability is in Apache Tomcat. It affects Apache Tomcat versions from... https://t.co/p1uTqk7I9R
@VulmonFeeds
20 Dec 2024
27 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-56337 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.1, from 10.1.0-M1 thr… https://t.co/wfscSpTNTx
@CVEnew
20 Dec 2024
341 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes