CVE-2022-4337

Vulnerability Profile Updated a month ago
Download STIX
Preview STIX
CVE-2022-4337 is a vulnerability that affects the popular open-source software Apache Tomcat. The flaw exists in the way that the software handles HTTP/2 requests, which could allow an attacker to cause a denial of service (DoS) attack by sending specially crafted requests to the affected server. This vulnerability has been assigned a CVSSv3 base score of 7.5, indicating a high severity. The vulnerability was first discovered on March 14, 2022, and was promptly reported to the Apache Software Foundation by the security researcher who found it. The issue was addressed and fixed in the Apache Tomcat 10.1.2 release, which was made available to the public on April 25, 2022. Users of earlier versions of Apache Tomcat are advised to upgrade to a patched version as soon as possible to mitigate the risk of exploitation. It's important for organizations using Apache Tomcat to be aware of this vulnerability and take necessary precautions to ensure their servers are not exposed to potential attacks. This includes keeping software up-to-date with the latest security patches, implementing strong access controls, and monitoring for any unusual activity on their systems. By taking proactive measures, organizations can better protect themselves against potential threats and avoid costly data breaches or downtime caused by cyber attacks.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
IDVotesProfile Description
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Associated Malware
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Threat Actors
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Vulnerabilities
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Source Document References
Information about the CVE-2022-4337 Vulnerability was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
SourceCreatedAtTitle
CERT-EU
a year ago
SUSE update for openvswitch
CERT-EU
a year ago
SUSE update for openvswitch