DLP and CVE-2024-24549 for Tomcat
search cancel

DLP and CVE-2024-24549 for Tomcat

book

Article ID: 366688

calendar_today

Updated On:

Products

Data Loss Prevention Network Discover Data Loss Prevention

Issue/Introduction

Tomcat CVE-2024-24549: Denial of Service due to improper input validation vulnerability for HTTP/2 requests in Apache Tomcat.
Is DLP vulnerable to this CVE?

Environment

Apache Tomcat

Resolution

Reference

Description

Adjusted CVSS score *

DLP impact

Analysis

Tomcat fixed vers.

CVE-2024-24549

Denial of Service due to improper input validation vulnerability for HTTP/2 requests in Apache Tomcat

N/A

None

Enforce only uses HTTP 1.1 with Tomcat, not HTTP/2. Therefore, DLP is not impacted by this CVE.

11.0.0-M17, 10.1.19, 9.0.86 or 8.5.99
Powered by Wolken Software