CVE-2024-54677

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Dec 17, 2024

Updated: Dec 18, 2024

CWE ID 400

Summary

CVE-2024-54677 is an Uncontrolled Resource Consumption vulnerability that affects various versions of Apache Tomcat, including 11.0.0-M1 to 11.0.1, 10.1.0-M1 to 10.1.33, and 9.0.0.M1 to 9.9.97. This issue allows an attacker to cause a denial of service by overwhelming the application with excessive resource usage. Users are strongly urged to upgrade to Apache Tomcat versions 11.0.2, 10.1.34, or 9.0.98 to mitigate this vulnerability and prevent potential disruptions.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Apache Tomcat

Affected Vendors

Apache Corporation

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/1ROZ6K
https://www.cve.org/CVERecord?id=CVE-2024-54677
https://nvd.nist.gov/vuln/detail/CVE-2024-54677

Back to Vulnerability Database