
=====================================================================

                               CERT-Renater

                    Note d'Information No. 2023/VULN089

_____________________________________________________________________

DATE                : 22/02/2023

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S) : Systems running Apache Tomcat versions prior
                      to 11.0.0-M3, 10.1.5, 9.0.71, 8.5.85.

=====================================================================
https://lists.apache.org/thread/mjz132oqypg39xlq3zydmgvbw2cg2slb
_____________________________________________________________________

[SECURITY] CVE-2023-24998 Apache Tomcat - FileUpload DoS with excessive parts


Severity: Important

Vendor: The Apache Software Foundation

Versions Affected:
Apache Tomcat 11.0.0-M1
Apache Tomcat 10.1.0-M1 to 10.1.4
Apache Tomcat 9.0.0-M1 to 9.0.70
Apache Tomcat 8.5.0 to 8.5.84

Description:
Apache Tomcat uses a packaged renamed copy of Apache Commons FileUpload 
to provide the file upload functionality defined in the Jakarta Servlet 
specification. Apache Tomcat was, therefore, also vulnerable to the 
Apache Commons FileUpload vulnerability CVE-2023-24998 as there was no 
limit to the number of request parts processed. This resulted in the 
possibility of an attacker triggering a DoS with a malicious upload or 
series of uploads.
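The defect described above is the absence of an upper bound on the number of multipart parts a request may carry, so a parser processes every part of an arbitrarily long upload. The snippet below is an added example, not code from Tomcat or Apache Commons FileUpload: it walks a multipart/form-data body delimiter by delimiter and rejects the request as soon as the part count passes a limit, before any part is buffered. The limit of 10 parts and the constructed sample body are assumptions for illustration, not Tomcat defaults.

```python
"""Added example (not Tomcat or Commons FileUpload code): a multipart
part counter that enforces an upper bound on the number of parts, the
check whose absence is described by CVE-2023-24998."""

class TooManyPartsError(ValueError):
    """Raised when a request carries more parts than the configured limit."""

def count_parts(body: bytes, boundary: str, max_parts: int) -> int:
    """Walk the body delimiter by delimiter and fail as soon as the part
    count exceeds max_parts, before any part is buffered or written to disk.
    max_parts is a caller-chosen policy value (an assumption here, not a
    Tomcat default). Returns the part count when the body is within limit."""
    delim = b"--" + boundary.encode("ascii")
    count = 0
    pos = 0
    while True:
        idx = body.find(delim, pos)
        if idx == -1:
            raise ValueError("malformed multipart body: no closing delimiter")
        pos = idx + len(delim)
        if body[pos:pos + 2] == b"--":   # "--boundary--" closes the body
            return count
        count += 1
        if count > max_parts:
            raise TooManyPartsError(f"request has more than {max_parts} parts")

def within_part_limit(body: bytes, boundary: str, max_parts: int) -> bool:
    """True if the body is accepted under the limit, False if it is rejected."""
    try:
        count_parts(body, boundary, max_parts)
        return True
    except TooManyPartsError:
        return False

def build_body(boundary: str, n_parts: int) -> bytes:
    """Constructed sample: a multipart/form-data body with n_parts tiny file
    parts, the shape of upload an unbounded parser would process in full."""
    chunks = []
    for i in range(n_parts):
        chunks.append(
            f"--{boundary}\r\n"
            f'Content-Disposition: form-data; name="f{i}"; filename="f{i}.txt"\r\n'
            "Content-Type: text/plain\r\n\r\nx\r\n"
        )
    chunks.append(f"--{boundary}--\r\n")
    return "".join(chunks).encode("ascii")
```

A body with 5000 parts is rejected at the eleventh delimiter, so the cost of the check does not grow with the size of the malicious upload.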


Mitigation:
Users of the affected versions should apply one of the following
mitigations:
- Upgrade to Apache Tomcat 11.0.0-M3 or later when released
- Upgrade to Apache Tomcat 10.1.5 or later
- Upgrade to Apache Tomcat 9.0.71 or later
- Upgrade to Apache Tomcat 8.5.85 or later
- Note 11.0.0-M2 was not released


Credit:
This issue was identified by the Apache Tomcat security team.


History:
2023-01-03 Original advisory


References:
[1] https://tomcat.apache.org/security-10.html
[2] https://tomcat.apache.org/security-9.html
[3] https://tomcat.apache.org/security-8.html



=========================================================
+ CERT-RENATER        |    tel : 01-53-94-20-44         +
+ 23/25 Rue Daviel    |    fax : 01-53-94-20-41         +
+ 75013 Paris         |   email:cert@support.renater.fr +
=========================================================

