CVE-2024-22029

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Apache Tomcat (affected versions not specified)

Description The issue is related to insecure permissions in the packaging of Apache Tomcat, allowing local users to escalate to root if they win a race during package installation. This is a local privilege escalation issue.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Incorrect Permission

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-732

Related Identifiers

CVE-2024-22029

OPENSUSE-SU-2024:13692-1

OPENSUSE-SU-2024:13693-1

OPENSUSE-SU-2024_0472-1

OPENSUSE-SU-2024_0473-1

SUSE-SU-2024:0472-1

SUSE-SU-2024:0473-1

SUSE-SU-2024_0473-1

Affected Products

Apache Tomcat

Suse

CVE-2024-22029

Weakness Enumeration

Related Identifiers

Affected Products

References · 27