We found results for “”
CVE-2024-38286
Good to know:
Date: June 12, 2024
Allocation of Resources Without Limits or Throttling vulnerability in Apache Tomcat, leading to Denial of Service (DoS).
Severity Score
Severity Score
Weakness Type (CWE)
Uncontrolled Resource Consumption ('Resource Exhaustion')
CWE-400Top Fix
Upgrade Version
Upgrade to version org.apache.tomcat:tomcat-coyote:9.0.90,10.1.25,11.0.0-M21, org.apache.tomcat.embed:tomcat-embed-core:9.0.90,10.1.25,11.0.0-M21
CVSS v3.1
Base Score: |
|
---|---|
Attack Vector (AV): | LOCAL |
Attack Complexity (AC): | LOW |
Privileges Required (PR): | NONE |
User Interaction (UI): | REQUIRED |
Scope (S): | UNCHANGED |
Confidentiality (C): | NONE |
Integrity (I): | NONE |
Availability (A): | HIGH |