Amazon Linux 2 : tomcat (ALASTOMCAT9-2024-011)

The version of tomcat installed on the remote host is prior to 9.0.50-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2TOMCAT9-2024-011 advisory. Generation of Error Message Containing Sensitive Information vulnerability in Apache Tomcat.This issue affects Apache Tomcat: from 8.5.7 through 8.5.63, from 9.0.0-M11 through 9.0.43. Users are recommended to upgrade to version 8.5.64 onwards or 9.0.44 onwards, which contain a fix for the issue. (CVE-2024-21733) Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version…Read More