Apache Tomcat Vulnerability Lets Attackers Trigger DoS Attack


A newly disclosed vulnerability in Apache Tomcat, tracked as CVE-2024-38286, has drawn attention from security teams because of how little an attacker needs to exploit it.

The flaw allows an unauthenticated remote attacker to cause a Denial of Service (DoS) by abusing the TLS handshake process of an affected Tomcat instance.


The vulnerability is rated "Important" by the Apache Tomcat security team and affects the following releases on each supported branch:

Branch   Affected versions          First fixed release
11.0.x   11.0.0-M1 to 11.0.0-M20    11.0.0-M21
10.1.x   10.1.0-M1 to 10.1.24       10.1.25
9.0.x    9.0.13 to 9.0.89           9.0.90

The Apache Software Foundation, which maintains Tomcat, has confirmed that an attacker can cause an OutOfMemoryError in the Tomcat JVM by abusing the TLS handshake process under certain configurations, on any platform. The advisory summarised here does not name the specific configurations involved, so any TLS-enabled connector on an affected version should be treated as exposed.

Because an OutOfMemoryError affects the whole JVM rather than a single request, the result is a Denial of Service condition that takes down every application hosted by the affected Tomcat instance.


Mitigation Measures Urged

In response to the discovery, the Apache Software Foundation has urged users of affected versions to take immediate action to mitigate the risk.

The recommended fix is to upgrade to a release that contains the patch: Apache Tomcat 11.0.0-M21 or later, 10.1.25 or later, or 9.0.90 or later.

Since the advisory summarised here lists no configuration-only workaround, organizations running Tomcat should inventory their instances, confirm which branch and release each one is on, and apply the corresponding upgrade promptly.
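The following script is an added example for this article, not code from the Apache Tomcat project or the advisory. It checks a Tomcat version string against the affected and fixed ranges listed above, handling the milestone ("-M") numbering used by the 10.1.0 and 11.0.0 pre-releases, and extracts the version from the "Server version: Apache Tomcat/x.y.z" banner that bin/version.sh prints. The sample banner line is constructed for the example.

```python
"""Check Apache Tomcat version strings against the CVE-2024-38286 ranges."""
import re

# Ranges as summarised in the article above:
# (branch, first affected, last affected, first fixed release)
AFFECTED_RANGES = [
    ("11.0.x", "11.0.0-M1", "11.0.0-M20", "11.0.0-M21"),
    ("10.1.x", "10.1.0-M1", "10.1.24", "10.1.25"),
    ("9.0.x", "9.0.13", "9.0.89", "9.0.90"),
]

# major.minor.patch with an optional milestone suffix, e.g. 11.0.0-M20
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:-M(\d+))?$")

# Banner printed by bin/version.sh, e.g. "Server version: Apache Tomcat/9.0.89"
_BANNER_RE = re.compile(r"Apache Tomcat/(\S+)")


def parse_version(version):
    """Return a sortable tuple for a Tomcat version string.

    A milestone build (11.0.0-M20) must sort before the GA release (11.0.0),
    so milestones are encoded as (0, n) and GA releases as (1, 0).
    """
    m = _VERSION_RE.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised Tomcat version: {version!r}")
    major, minor, patch, milestone = m.groups()
    pre = (0, int(milestone)) if milestone else (1, 0)
    return (int(major), int(minor), int(patch)) + pre


def version_from_banner(text):
    """Extract the version from a bin/version.sh style banner line."""
    m = _BANNER_RE.search(text)
    if not m:
        raise ValueError("no 'Apache Tomcat/<version>' banner found")
    return m.group(1)


def check_cve_2024_38286(version):
    """Return (affected, fixed_in) for the supplied Tomcat version.

    fixed_in is the first release on the same branch that carries the fix,
    or None when the version is on a branch the advisory does not cover.
    """
    v = parse_version(version)
    for _branch, first, last, fixed in AFFECTED_RANGES:
        if v[:2] != parse_version(fixed)[:2]:  # match on major.minor branch
            continue
        affected = parse_version(first) <= v <= parse_version(last)
        return affected, fixed
    return False, None


# Constructed sample input, as produced by bin/version.sh on an affected host
SAMPLE_BANNER = "Server version: Apache Tomcat/9.0.89"

if __name__ == "__main__":
    for v in ("9.0.89", "9.0.90", "10.1.24", "11.0.0-M20", "11.0.0-M21",
              version_from_banner(SAMPLE_BANNER)):
        affected, fixed = check_cve_2024_38286(v)
        status = "AFFECTED, upgrade to " + fixed if affected else "not affected"
        print(f"{v:12} {status}")
```

The branch match on major.minor is deliberate: 9.0.x and 10.1.x each have their own fixed release, so an instance on 9.0.89 should be told to move to 9.0.90, not to 11.0.0-M21. Versions on branches the advisory does not list (for example 8.5.x) return (False, None) rather than a false "not affected" verdict tied to a fix version.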

The vulnerability was responsibly reported by Ozaki of North Grid Corporation, an example of the coordination between researchers and software vendors that lets issues like this be fixed before public exploitation.

The Apache Software Foundation has expressed gratitude for the responsible disclosure and has emphasized its commitment to maintaining the security and reliability of its software products.

Because Apache Tomcat is widely deployed in enterprise environments as the servlet container for Java web applications, a remotely triggerable, pre-authentication DoS of this kind has a broad footprint, and it underscores the need for an accurate inventory of Tomcat instances and a routine for applying security releases.

Organizations that track Tomcat security announcements and apply patches promptly can keep disruptions from vulnerabilities like this one to a minimum.
