Apache Releases Security Update for Apache Tomcat

Threat ID:: CC-3905
Threat Severity:: Information only
Published:: 14 July 2021 2:47 PM

Report a cyber attack: call 0300 303 5222 or email [email protected]

Affected platforms

The following platforms are known to be affected:

Versions: 10.0.0-M1 to 10.0.6, 9.0.0.M1 to 9.0.46, 8.5.0 to 8.5.66

Apache Tomcat

Threat details

Introduction

The Apache Software Foundation has released a security advisory to address a vulnerability in Apache Tomcat. An remote attacker could exploit this vulnerability to take to take control of an affected system.

Remediation advice

Affected organisations are encouraged to review the Apache Tomcat advisory and follow the appropriate remediation step.

Remediation steps

Type	Step
Guidance	Apache Tomcat 10.0.0-M1 to 10.0.6 should upgrade to Apache Tomcat 10.0.7 or later https://tomcat.apache.org/security-10.html
Guidance	Apache Tomcat 9.0.0.M1 to 9.0.46 should upgrade to Apache Tomcat 9.0.48 or later https://tomcat.apache.org/security-9.html
Guidance	Apache Tomcat 8.5.0 to 8.5.66 should upgrade to Apache Tomcat 8.5.68 or later https://tomcat.apache.org/security-8.html

CVE Vulnerabilities

Status Published

CVE-2021-33037

Last edited: 14 July 2021 3:21 pm