Detections
Analytics

Apache Tomcat 9.0.92 < 9.0.117 multiple vulnerabilities

high Nessus Plugin ID 307003

Synopsis

The remote Apache Tomcat server is affected by multiple vulnerabilities

Description

The version of Tomcat installed on the remote host is prior to 9.0.117. It is, therefore, affected by multiple vulnerabilities as referenced in the fixed_in_apache_tomcat_9.0.117_security-9 advisory.

 - Insertion of Sensitive Information into Log File vulnerability in the cloud membership for clustering component of Apache Tomcat exposed the Kubernetes bearer token. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.20, from 10.1.0-M1 through 10.1.53, from 9.0.13 through 9.0.116. Users are recommended to upgrade to version 11.0.21, 10.1.54 or 9.0.117, which fix the issue. (CVE-2026-34487)

 - CLIENT_CERT authentication does not fail as expected for some scenarios when soft fail is disabled and FFM is used in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M14 through 11.0.20, from 10.1.22 through 10.1.53, from 9.0.92 through 9.0.116. Users are recommended to upgrade to version 11.0.21, 10.1.54 or 9.0.117, which fixes the issue. (CVE-2026-34500)

 - Missing Encryption of Sensitive Data vulnerability in Apache Tomcat due to the fix for CVE-2026-29146 allowing the bypass of the EncryptInterceptor. This issue affects Apache Tomcat: 11.0.20, 10.1.53, 9.0.116. Users are recommended to upgrade to version 11.0.21, 10.1.54 or 9.0.117, which fix the issue.
 (CVE-2026-34486)

 - Improper Encoding or Escaping of Output vulnerability in the JsonAccessLogValve component of Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.20, from 10.1.0-M1 through 10.1.53, from 9.0.40 through 9.0.116. Users are recommended to upgrade to version 11.0.21, 10.1.54 or 9.0.117 , which fix the issue. (CVE-2026-34483)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade to Apache Tomcat version 9.0.117 or later.

See Also

http://www.nessus.org/u?6163db21

http://www.nessus.org/u?8b0e6ff1

http://www.nessus.org/u?6dbc2b20

http://www.nessus.org/u?d958092b

http://www.nessus.org/u?66d56d5e

Plugin Details

Severity: High

ID: 307003

File Name: tomcat_9_0_117.nasl

Version: 1.1

Type: Combined

Agent: windows, macosx, unix

Family: Web Servers

Published: 4/17/2026

Updated: 4/17/2026

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.0

CVSS v2

Risk Factor: High

Base Score: 7.8

Temporal Score: 5.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N

CVSS Score Source: CVE-2026-34487

CVSS v3

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:apache:tomcat:9

Required KB Items: installed_sw/Apache Tomcat

Exploit Ease: No known exploits are available

Patch Publication Date: 4/3/2026

Vulnerability Publication Date: 4/4/2026

Reference Information

CVE: CVE-2026-34483, CVE-2026-34486, CVE-2026-34487, CVE-2026-34500