PT-2025-23333 · Apache+8 · Apache Tomcat+8

Bob Beck

+1

·

Published

2025-01-01

·

Updated

2026-04-27

·

CVE-2025-69420

CVSS v2.0

7.8

High

VectorAV:N/AC:L/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions Tomcat versions (affected versions not specified) FortiCup Administrative Interface (affected versions not specified)
Description The issue is related to a Denial of Service (DoS) condition that can be triggered by a specially crafted HTTP request, potentially causing the service to crash. It is also described as a "Coffee Overflow" in the context of the FortiCup Administrative Interface, though the exact nature of this overflow is not specified. No information is provided about the estimated number of potentially affected devices or real-world incidents where this issue was exploited.
Recommendations For Tomcat, at the moment, there is no information about a newer version that contains a fix for this vulnerability. For FortiCup Administrative Interface, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

Improper Check for Exceptional Conditions

Weakness Enumeration

CWE-754

Related Identifiers

ALSA-2026:1472
ALSA-2026:1473
AZL-75269
AZL-75585
AZL-75896
AZL-76122
AZL-76167
BDU:2026-01219
CVE-2025-69420
ECHO-29D0-BE66-1D36
JLSEC-2026-264
MGASA-2026-0029
OESA-2026-1748
OESA-2026-1749
OESA-2026-1750
OESA-2026-1751
OESA-2026-1752
OESA-2026-1753
OPENSUSE-SU-2026:10237-1
OPENSUSE-SU-2026:20152-1
RHSA-2026:1472
RHSA-2026:1473
RHSA-2026:7261
SUSE-SU-2026:0309-1
SUSE-SU-2026:0310-1
SUSE-SU-2026:0311-1
SUSE-SU-2026:0312-1
SUSE-SU-2026:0331-1
SUSE-SU-2026:0332-1
SUSE-SU-2026:0333-1
SUSE-SU-2026:0343-1
SUSE-SU-2026:0346-1
SUSE-SU-2026:0358-1
SUSE-SU-2026:0359-1
SUSE-SU-2026:0360-1
SUSE-SU-2026:0498-1
SUSE-SU-2026:20211-1
SUSE-SU-2026:20223-1
SUSE-SU-2026:20349-1
SUSE-SU-2026:20373-1
USN-7980-1
USN-7980-2

Affected Products

Forticup Administrative Interface
Freebsd
Ibm Aix
Linuxmint
Openssl
Red Os
Rocky Linux
Apache Tomcat
Ubuntu