CVE-2022-29885

EncryptInterceptor does not provide complete protection on insecure networks

Severity Score

7.5
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

3
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

The documentation of Apache Tomcat 10.1.0-M1 to 10.1.0-M14, 10.0.0-M1 to 10.0.20, 9.0.13 to 9.0.62 and 8.5.38 to 8.5.78 for the EncryptInterceptor incorrectly stated it enabled Tomcat clustering to run over an untrusted network. This was not correct. While the EncryptInterceptor does provide confidentiality and integrity protection, it does not protect against all risks associated with running over any untrusted network, particularly DoS risks.

Apache Tomcat versions 10.1 and below suffer from a denial of service vulnerability.

*Credits: This issue was reported to the Apache Tomcat Security team by 4ra1n.
CVSS Scores

CVSS v3.1 (base score 7.5)
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality: None
  • Integrity: None
  • Availability: High

CVSS v2
  • Attack Vector: Network
  • Attack Complexity: Low
  • Authentication: None
  • Confidentiality: None
  • Integrity: None
  • Availability: Partial

* Common Vulnerability Scoring System
SSVC
  • Decision: -
  • Exploitation: -
  • Automatable: -
  • Tech. Impact: -
* Organization's Worst-case Scenario
Timeline
  • 2022-04-28 CVE Reserved
  • 2022-05-12 CVE Published
  • 2022-06-30 First Exploit
  • 2024-06-07 EPSS Updated
  • 2024-08-03 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-400: Uncontrolled Resource Consumption
CAPEC
Affected Vendors, Products, and Versions
Vendor   Product                                                  Version                Other         Status
Apache   Tomcat                                                   >= 8.5.38 <= 8.5.78    -             Affected
Apache   Tomcat                                                   >= 9.0.13 <= 9.0.62    -             Affected
Apache   Tomcat                                                   >= 10.0.0 <= 10.0.20   -             Affected
Apache   Tomcat                                                   10.1.0                 milestone1    Affected
Apache   Tomcat                                                   10.1.0                 milestone2    Affected
Apache   Tomcat                                                   10.1.0                 milestone3    Affected
Apache   Tomcat                                                   10.1.0                 milestone4    Affected
Apache   Tomcat                                                   10.1.0                 milestone5    Affected
Apache   Tomcat                                                   10.1.0                 milestone6    Affected
Apache   Tomcat                                                   10.1.0                 milestone7    Affected
Apache   Tomcat                                                   10.1.0                 milestone8    Affected
Apache   Tomcat                                                   10.1.0                 milestone9    Affected
Apache   Tomcat                                                   10.1.0                 milestone10   Affected
Apache   Tomcat                                                   10.1.0                 milestone11   Affected
Apache   Tomcat                                                   10.1.0                 milestone12   Affected
Apache   Tomcat                                                   10.1.0                 milestone13   Affected
Apache   Tomcat                                                   10.1.0                 milestone14   Affected
Debian   Debian Linux                                             10.0                   -             Affected
Debian   Debian Linux                                             11.0                   -             Affected
Oracle   Hospitality Cruise Shipboard Property Management System  20.2.1                 -             Affected