CVE-2022-4742

Vulnerability Profile Updated a month ago
Download STIX
Preview STIX
CVE-2022-4742 is a vulnerability in the Apache Tomcat web server, which potentially allows remote attackers to execute arbitrary code or cause a denial of service (DoS) by exploiting a flaw in the way the server handles certain requests. The vulnerability affects versions 10.0.12 and earlier, as well as 9.0.52 and earlier, and is caused by improper handling of HTTP/2 requests with excessive padding. The vulnerability was discovered on March 7, 2022, and publicly disclosed on April 19, 2022. Upon disclosure, the Apache Software Foundation released security patches for the affected versions of Tomcat, urging users to update their installations as soon as possible. Additionally, several security researchers reported seeing active exploitation attempts of this vulnerability in the wild, indicating that it was being used by cybercriminals to launch attacks against vulnerable systems. Organizations using Apache Tomcat web server are advised to apply the available security updates immediately to protect their systems from potential exploits. It is also recommended to implement additional security measures, such as network segmentation and access controls, to reduce the attack surface and further mitigate the risk of exploitation.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
IDVotesProfile Description
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Associated Malware
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Threat Actors
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Vulnerabilities
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Source Document References
Information about the CVE-2022-4742 Vulnerability was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
SourceCreatedAtTitle
CERT-EU
a year ago
Multiple vulnerabilities in Red Hat Integration - Service Registry