PT-2024-9810 · Apache · Apache Tomcat · Nacl
Published 2024-12-09 · Updated 2026-05-29
CVE-2024-56337
CVSS v3.1: 9.8 (Critical)
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions:
Apache Tomcat versions 9.0.0-M1 through 11.0.1
Description:
The issue is a Time-of-check Time-of-use (TOCTOU) race condition that can be exploited to bypass case-sensitivity checks and execute arbitrary code: an attacker uploads a file that can be turned into malicious JSP code, resulting in remote code execution. The exploit is possible on case-insensitive file systems where Tomcat's default servlet has write functionality enabled. Over 894,000 Apache Tomcat applications are potentially vulnerable to this exploit. A proof-of-concept has been released, and further exploitation is expected.
Recommendations:
Update to a patched version of Apache Tomcat and adjust the Java configuration accordingly to prevent remote code execution.
As a temporary workaround, consider disabling the default servlet's write functionality on case-insensitive file systems to minimize the risk of exploitation.
Restrict access to the vulnerable jsp files to prevent malicious code execution until the issue is resolved.
Fix · RCE · Time Of Check To Time Of Use
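As an added example (not part of this record), a small audit script for the workaround above: it reads a Tomcat conf/web.xml, reports whether the DefaultServlet's readonly init-param has been set to false (the "write functionality" referred to above), and rewrites it to true. The web.xml sample is constructed; the check covers both the Tomcat 9 javaee and the Tomcat 10/11 jakartaee namespaces.

```python
import xml.etree.ElementTree as ET
DEFAULT_SERVLET = "org.apache.catalina.servlets.DefaultServlet"

# Constructed sample of a Tomcat conf/web.xml fragment with the DefaultServlet
# switched to accept writes (readonly=false); Tomcat ships with readonly=true.
SAMPLE_WEB_XML = """<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee" version="4.0">
  <servlet>
    <servlet-name>default</servlet-name>
    <servlet-class>org.apache.catalina.servlets.DefaultServlet</servlet-class>
    <init-param><param-name>readonly</param-name><param-value>false</param-value></init-param>
  </servlet>
</web-app>
"""

def _local(tag):
    """Strip the namespace so the check works for javaee and jakartaee schemas alike."""
    return tag.rsplit("}", 1)[-1]

def _children(elem):
    return {_local(c.tag): c for c in elem}  # local child tag name -> element

def _readonly_values(root):
    """Yield the <param-value> element of each DefaultServlet 'readonly' init-param."""
    for servlet in root.iter():
        if _local(servlet.tag) != "servlet":
            continue
        cls = _children(servlet).get("servlet-class")
        if cls is None or (cls.text or "").strip() != DEFAULT_SERVLET:
            continue
        for param in servlet:
            fields = _children(param)
            name = fields.get("param-name")
            if _local(param.tag) == "init-param" and name is not None \
                    and (name.text or "").strip() == "readonly":
                yield fields.get("param-value")

def default_servlet_writable(web_xml_text):
    """True when readonly is explicitly false, i.e. the servlet accepts PUT/DELETE."""
    root = ET.fromstring(web_xml_text)
    return any(v is not None and (v.text or "").strip().lower() == "false"
               for v in _readonly_values(root))

def force_readonly(web_xml_text):
    """Return the document with every DefaultServlet readonly param set back to true."""
    root = ET.fromstring(web_xml_text)
    for value in _readonly_values(root):
        if value is not None:
            value.text = "true"
    return ET.tostring(root, encoding="unicode")
```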
Affected Products
Alt Linux
AlmaLinux
Apache Tomcat
CentOS
Confluence
Red Hat
RED OS
Rocky Linux
SUSE