CVE-2023-42794: Apache Tomcat: FileUpload: DoS due to accumulation of temporary files on Windows
First published: Tue Oct 10 2023(Updated: )
Incomplete Cleanup vulnerability in Apache Tomcat. The internal fork of Commons FileUpload packaged with Apache Tomcat 9.0.70 through 9.0.80 and 8.5.85 through 8.5.93 included an unreleased, in progress refactoring that exposed a potential denial of service on Windows if a web application opened a stream for an uploaded file but failed to close the stream. The file would never be deleted from disk creating the possibility of an eventual denial of service due to the disk being full. Users are recommended to upgrade to version 9.0.81 onwards or 8.5.94 onwards, which fixes the issue.
Credit: security@apache.org security@apache.org security@apache.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apache Tomcat | >=8.5.85<8.5.94 | |
| Apache Tomcat | >=9.0.70<9.0.81 | |
| maven/org.apache.tomcat:tomcat | >=8.5.85<8.5.94 | 8.5.94 |
| maven/org.apache.tomcat:tomcat | >=9.0.70<9.0.81 | 9.0.81 |
| redhat/tomcat | <9.0.81 | 9.0.81 |
| redhat/tomcat | <8.5.94 | 8.5.94 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.openwall.com/lists/oss-security/2023/10/10/8
- https://lists.apache.org/thread/vvbr2ms7lockj1hlhz5q3wmxb2mwcw82
- https://nvd.nist.gov/vuln/detail/CVE-2023-42794
- https://github.com/advisories/GHSA-jm7m-8jh6-29hp (Advisory)
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2245766
- https://access.redhat.com/errata/RHSA-2023:7247
- https://access.redhat.com/errata/RHSA-2024:0125
- https://access.redhat.com/errata/RHSA-2024:0474
- https://bugzilla.redhat.com/show_bug.cgi?id=2243751
Frequently Asked Questions
What is CVE-2023-42794?
CVE-2023-42794 is an incomplete cleanup vulnerability in Apache Tomcat that can result in a denial of service due to the accumulation of temporary files on Windows.
Which versions of Apache Tomcat are affected by CVE-2023-42794?
Apache Tomcat versions 8.5.85 through 8.5.93 and 9.0.70 through 9.0.80 are affected by CVE-2023-42794.
How can CVE-2023-42794 be exploited?
CVE-2023-42794 can be exploited by a web application opening a large number of file upload requests on Windows, leading to the accumulation of temporary files and a potential denial of service.
What is the remedy for CVE-2023-42794?
To fix CVE-2023-42794, upgrade to Apache Tomcat version 8.5.94 or 9.0.81.
Where can I find more information about CVE-2023-42794?
You can find more information about CVE-2023-42794 on the Openwall, Apache, and NIST websites using the provided references.
- collector/oss-sec
- alias/CVE-2023-42794
- collector/nvd-index
- collector/nvd-api
- collector/github-advisory-latest
- alias/GHSA-jm7m-8jh6-29hp
- collector/nvd-cve
- collector/github-advisory
- agent/type
- agent/first-publish-date
- agent/softwarecombine
- agent/last-modified-date
- agent/references
- agent/author
- agent/weakness
- agent/title
- agent/severity
- agent/description
- agent/tags
- agent/event
- collector/redhat-bugzilla
- source/Red Hat
- agent/software-canonical-lookup
- vendor/apache
- canonical/apache tomcat
- version/apache tomcat/8.5.85
- version/apache tomcat/9.0.70
- package-manager/maven
- package-manager/redhat