Tomcat is an open-source web server and servlet container. If you are unfamiliar with the term, a servlet is a Java class created to run on an application server and handle client requests. It receives the client's request, processes it, and generates the proper response. A servlet container provides the runtime environment for the Java servlets and manages their lifecycle.
This room is dedicated to a recent Tomcat vulnerability, CVE-2024-50379, that impacts the following versions of Tomcat:
- Tomcat 11.0.0-M1 to 11.0.1 (Fixed in 11.0.2 or later)
- Tomcat 10.1.0-M1 to 10.1.33 (Fixed in 10.1.34 or later)
- Tomcat 9.0.0.M1 to 9.0.97 (Fixed in 9.0.98 or later)
CVE-2024-50379 is an example of a Time-of-check Time-of-use (TOCTOU) vulnerability. A TOCTOU vulnerability arises from a race condition between checking a resource and using it. In other words, after a system checks the state of a resource and before it uses it, the resource changes, and the system ends up using the changed resource. In this vulnerability, the TOCTOU race condition arises during JSP (Java Server Page) compilation on case-insensitive file systems, provided the default servlet has write permissions.
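The two preconditions named above (an affected version and a default servlet that is not read-only) can be checked from the outside of the race itself. The following script is an added example, not part of the room, that parses a Tomcat version string against the ranges listed here and inspects a `conf/web.xml` fragment for the `DefaultServlet` `readonly` init-param (Tomcat's default for that param is `true`); it assumes the standard Java EE or Jakarta `web-app` schema and does not check whether the file system is case-insensitive.

```python
import re
import xml.etree.ElementTree as ET

# Affected branches from the room's list: (major, minor) -> last vulnerable patch level.
AFFECTED = {(11, 0): 1, (10, 1): 33, (9, 0): 97}
DEFAULT_SERVLET = "org.apache.catalina.servlets.DefaultServlet"

def version_is_affected(version: str) -> bool:
    """True if a Tomcat version lies inside the CVE-2024-50379 ranges; milestone
    suffixes ("11.0.0-M1", "9.0.0.M1") precede the first fix of their branch."""
    m = re.fullmatch(r"(\d+)\.(\d+)\.(\d+)(?:[.-]M\d+)?", version.strip())
    if not m:
        raise ValueError(f"unrecognised Tomcat version: {version!r}")
    major, minor, patch = (int(x) for x in m.groups())
    last_vulnerable = AFFECTED.get((major, minor))
    return last_vulnerable is not None and patch <= last_vulnerable

def _local(tag: str) -> str:
    """Drop the XML namespace ({uri}name -> name) so Java EE and Jakarta schemas both match."""
    return tag.rsplit("}", 1)[-1]

def default_servlet_writable(web_xml: str) -> bool:
    """True if web.xml declares the DefaultServlet with init-param readonly=false.
    Tomcat's DefaultServlet defaults readonly to true, so a missing param is safe."""
    for servlet in ET.fromstring(web_xml).iter():
        if _local(servlet.tag) != "servlet":
            continue
        cls = next((c.text or "" for c in servlet if _local(c.tag) == "servlet-class"), "")
        if cls.strip() != DEFAULT_SERVLET:
            continue
        for param in (c for c in servlet if _local(c.tag) == "init-param"):
            fields = {_local(f.tag): (f.text or "").strip() for f in param}
            if fields.get("param-name") == "readonly":
                return fields.get("param-value", "true").lower() == "false"
    return False

def exposure(version: str, web_xml: str) -> str:
    """One verdict from both conditions (file-system case-insensitivity is not checked here)."""
    if not version_is_affected(version):
        return "patched version"
    if not default_servlet_writable(web_xml):
        return "affected version, default servlet read-only"
    return "affected version with writable default servlet: upgrade"

# Constructed sample conf/web.xml fragment in which readonly has been flipped to false.
SAMPLE_WEB_XML = """<web-app xmlns="https://jakarta.ee/xml/ns/jakartaee" version="6.0">
  <servlet><servlet-name>default</servlet-name>
    <servlet-class>org.apache.catalina.servlets.DefaultServlet</servlet-class>
    <init-param><param-name>readonly</param-name><param-value>false</param-value></init-param>
  </servlet></web-app>"""
```

Run `exposure("9.0.97", open("conf/web.xml").read())` against a real installation; the first check alone is enough to justify upgrading, the second tells you whether the write-enabled precondition is also present.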
Learning Objectives
In this room, we will cover the following:
- What a TOCTOU is and how it can be exploited
- Exploiting a vulnerable version of Tomcat
- Detecting such an exploitation
- Securing your installation
What is the acronym that stands for Time-of-check Time-of-use?
The Tomcat: CVE-2024-50379 room is only available for premium users. Signup now to access more than 500 free rooms and learn cyber security through a fun, interactive learning environment.