The version of Tomcat installed on the remote host is prior to 11.0.21. It is, therefore, affected by multiple vulnerabilities as referenced in the fixed_in_apache_tomcat_11.0.21_security-11 advisory.

  - Insertion of Sensitive Information into Log File vulnerability in the cloud membership for clustering     component of Apache Tomcat exposed the Kubernetes bearer token. This issue affects Apache Tomcat: from     11.0.0-M1 through 11.0.20, from 10.1.0-M1 through 10.1.53, from 9.0.13 through 9.0.116. Users are     recommended to upgrade to version 11.0.21, 10.1.54 or 9.0.117, which fix the issue. (CVE-2026-34487)

  - CLIENT_CERT authentication does not fail as expected for some scenarios when soft fail is disabled and FFM     is used in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M14 through 11.0.20, from 10.1.22     through 10.1.53, from 9.0.92 through 9.0.116. Users are recommended to upgrade to version 11.0.21, 10.1.54     or 9.0.117, which fixes the issue. (CVE-2026-34500)

  - Missing Encryption of Sensitive Data vulnerability in Apache Tomcat due to the fix for CVE-2026-29146     allowing the bypass of the EncryptInterceptor. This issue affects Apache Tomcat: 11.0.20, 10.1.53,     9.0.116. Users are recommended to upgrade to version 11.0.21, 10.1.54 or 9.0.117, which fix the issue.
    (CVE-2026-34486)

  - Improper Encoding or Escaping of Output vulnerability in the JsonAccessLogValve component of Apache     Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.20, from 10.1.0-M1 through 10.1.53,     from 9.0.40 through 9.0.116. Users are recommended to upgrade to version 11.0.21, 10.1.54 or 9.0.117 ,     which fix the issue. (CVE-2026-34483)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Detections

Analytics

Apache Tomcat 11.0.0.M14 < 11.0.21 multiple vulnerabilities

high Nessus Plugin ID 307002

Version 1.2

Version 1.1

Version 1.2 May 14, 2026, 3:47 AM CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:POC/RL:OF/RC:C") CVSS temporal metrics ("CVSSv3 temporal vector" set to "CVSS:3.0/E:P/RL:O/RC:C") Exploit attributes ("Exploit available" set to "True") Exploit attributes ("Exploitability ease" changed from "No known exploits are available" to "Exploits are available") Plugin Feed: 202605140347
Version 1.1 Apr 17, 2026, 3:03 PM New Plugin Feed: 202604171503