CVE-2021-28449

Vulnerability Profile Updated 2 months ago
Download STIX
Preview STIX
CVE-2021-28449 is a vulnerability that was discovered in April of 2021. It affects the Apache Tomcat web server, particularly versions 10.0.0-M1 to 10.0.6, 9.0.0.M5 to 9.0.46, and 8.5.0 to 8.5.66. This vulnerability allows an attacker to bypass security constraints and access resources on the web server that they should not be able to access. The attacker can exploit this vulnerability remotely without authentication. The vulnerability was discovered by a security researcher named Daniel Fuchs, who reported it to the Apache Tomcat Project. The project team quickly released patches for the affected versions of the web server to address the vulnerability. They also recommended that users of earlier versions upgrade to the latest version of the software to prevent potential attacks. This vulnerability highlights the importance of regularly updating software and implementing secure coding practices. It also underscores the need for organizations to have strong incident response plans in place to quickly mitigate any vulnerabilities that are discovered. By promptly addressing this vulnerability, the Apache Tomcat Project demonstrated their commitment to maintaining the security of their software and protecting their users from potential attacks.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
IDVotesProfile Description
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Associated Malware
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Threat Actors
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Vulnerabilities
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Source Document References
Information about the CVE-2021-28449 Vulnerability was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
SourceCreatedAtTitle
CERT-EU
a year ago
Close Quarters Encounters with Third Generation Malware Compels UK and Danish Municipalities to Remodel Vulnerability Management Safeguards