![⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [30 Dec]](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgfYK_dlQo9n6UQiuexPS4b1dZ039bN14TXB6AswBkkoRAzzAJg7N3ihBHLhefti8RGcxX6HNI0wVhF8dHLT29WcL2UIUv2n81OsQEbYGKSV6N4aJR-OaK9cV0rWfJWElVsPsjjWvNfb0ZfkRgYfXWIbDBj14YS5VvaBSf7ke5iqzAL2DF7C3IGZRMMwdaf/s1600/recap.png?#)
CVE-2018-9471 - Apache Tomcat NanoAppFilter Java Deserialization-Type Confusion Local Privilege Escalation Vulnerability
CVE ID : CVE-2018-9471 Published : Nov. 20, 2024, 6:15 p.m. | 1 hour, 29 minutes ago Description : In the deserialization constructor of NanoAppFilter.java, there is a possible loss of data due to type confusion. This could lead to local escalation of privilege in the system server with no additional execution privileges needed. User interaction is not needed for exploitation. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2018-9471
Published : Nov. 20, 2024, 6:15 p.m. | 1 hour, 29 minutes ago
Description : In the deserialization constructor of NanoAppFilter.java, there is a possible loss of data due to type confusion. This could lead to local escalation of privilege in the system server with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Published : Nov. 20, 2024, 6:15 p.m. | 1 hour, 29 minutes ago
Description : In the deserialization constructor of NanoAppFilter.java, there is a possible loss of data due to type confusion. This could lead to local escalation of privilege in the system server with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
