CVE-2022-23181: 
Java vulnerability analysis and mitigation

The vulnerability (CVE-2022-23181) was discovered in Apache Tomcat versions 10.1.0-M1 to 10.1.0-M8, 10.0.0-M5 to 10.0.14, 9.0.35 to 9.0.56, and 8.5.55 to 8.5.73. This vulnerability was introduced as a side effect of fixing an earlier vulnerability (CVE-2020-9484), resulting in a time of check, time of use (TOCTOU) vulnerability (Debian Security).

The vulnerability is a time of check, time of use (TOCTOU) issue that allows a local attacker to perform actions with the privileges of the user running the Tomcat process. This vulnerability has a CVSS score of 4.0 (LOW) with the vector CVSS:3.1/AV:L/AC:H/Au:N/C:P/I:P/A:P. The issue is only exploitable when Tomcat is configured to persist sessions using the FileStore (Rapid7).

When successfully exploited, this vulnerability could lead to privilege escalation, allowing an attacker to perform actions with the same privileges as the Tomcat process user. This could potentially result in unauthorized access to sensitive information, modification of data, or service disruption (NetApp Security).

The vulnerability has been fixed in Apache Tomcat versions 10.1.0-M9, 10.0.15, 9.0.57, and 8.5.74. Users are strongly recommended to upgrade to these or later versions. For Debian systems, fixed versions have been released as version 9.0.43-2~deb11u4 for Debian 11 (bullseye) (Debian Security).