POC详情: 77553add2a77cd0d6582dee404176b861eb900ae

来源
关联漏洞
标题: Apache Tomcat 安全漏洞 (CVE-2024-52317)
描述:Apache Tomcat是美国阿帕奇(Apache)基金会的一款轻量级Web应用服务器。该程序实现了对Servlet和JavaServer Page(JSP)的支持。 Apache Tomcat存在安全漏洞,该漏洞源于对象回收和重用漏洞不正确,可能导致用户之间的请求响应混淆。
描述
CVE-2024-52317 - Apache Tomcat HTTP/2 Data Leakage Vulnerability
介绍
 🚨🚨CVE-2024-52317🚨🚨


CVE-2024-52317 - Apache Tomcat HTTP/2 Data Leakage Vulnerability


Overview
CVE-2024-52317  is a vulnerability affecting Apache Tomcat's HTTP/2 implementation. The issue arises due to improper recycling of HTTP/2 request and response resources, potentially leading to data leakage between users. This means that sensitive data from one user might appear in the response sent to another user.



 Affected Versions

The following versions of Apache Tomcat are vulnerable:

Version Series	Affected Versions
Apache Tomcat 11.0	Versions prior to 11.0.0
Apache Tomcat 10.1	Versions prior to 10.1.31
Apache Tomcat 9.0	Versions prior to 9.0.96




 Exploitability

 Attack Vector

 How the Exploit Works:  
  An attacker can exploit this vulnerability by sending multiple HTTP/2 requests to a target server, triggering resource reuse issues that result in data leakage. Specifically, one user’s response may inadvertently include sensitive data belonging to another user.

 Potential Impact:
   Leakage of sensitive user data, including session cookies, tokens, or private information.
   Potential escalation of privilege using leaked session tokens or credentials.
   Disruption of data integrity in a multiuser environment.



 Mitigation

 Upgrade

To resolve this vulnerability, upgrade to a patched version of Apache Tomcat:

 Apache Tomcat 11.0.0 or later.
 Apache Tomcat 10.1.31 or later.
 Apache Tomcat 9.0.96 or later.

 Configuration Adjustments

If upgrading is not immediately feasible:
1. Disable HTTP/2 to mitigate the risk:

   <Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol" />
   ```
   Remove any HTTP/2 configurations in the server settings.

2. Implement strict monitoring of HTTP/2 traffic for anomalies or unexpected patterns.



 References

Apache Tomcat Security Advisory for CVE202452317](https://tomcat.apache.org/security11.html)

Apache Mailing List Discussion](https://lists.apache.org/thread/yyp6hsvy71y67c85n20j8lfhpnvrqtw2

Apache Tomcat Downloads](https://tomcat.apache.org/download11.cgi)

文件快照

[4.0K] /data/pocs/77553add2a77cd0d6582dee404176b861eb900ae ├── [2.2K] CVE-2024-52317.py └── [2.0K] README.md 0 directories, 2 files
神龙机器人已为您缓存
备注
    1. 建议优先通过来源进行访问。
    2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
    3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。