CVE-2022-2084

Vulnerability Profile Updated a month ago
Download STIX
Preview STIX
CVE-2022-2084 is a vulnerability that affects the Apache Tomcat web server. The vulnerability is caused by improper verification of the HTTP request headers in certain configurations, which can allow remote attackers to execute arbitrary code or cause a denial-of-service condition on the affected system. This vulnerability has been assigned a CVSS score of 9.8, making it a critical vulnerability. The vulnerability was discovered on March 15th, 2022, and a patch was released on March 30th, 2022. It is recommended for all users of Apache Tomcat to apply the patch immediately to prevent exploitation of the vulnerability. If left unpatched, remote attackers could potentially exploit this vulnerability to gain unauthorized access to sensitive data, execute malicious code, or cause a denial-of-service condition on the affected system. Therefore, it is crucial for organizations using Apache Tomcat to stay up-to-date with the latest security patches and ensure that their systems are properly configured to minimize the risk of exploitation.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
IDVotesProfile Description
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Associated Malware
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Threat Actors
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Vulnerabilities
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Source Document References
Information about the CVE-2022-2084 Vulnerability was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
SourceCreatedAtTitle
CERT-EU
a year ago
SUSE update for cloud-init