-
Type:
Public Security Vulnerability
-
Resolution: Fixed
-
Priority:
Low
-
Affects Version/s: 3.7.0, 3.6.2, 4.0.5, 4.1.10, 4.3.5, 4.2.5, 4.4.0
-
Component/s: None
-
5.3
-
Medium
-
CVE-2021-33037
The different Tomcat versions (8.5.X) bundled to the Atlassian Crowd product versions lower than Crowd 4.4.1 are vulnerable to CVE-2021-33037
The Tomcat versions from 8.5.0 to 8.5.66 are affected by the mentioned CVE-2021-33037 and some of the versions in this range are bundled to the Atlassian Crowd product versions lower than Crowd 4.4.1.
It is important to note that the Atlasian Crowd versions 4.4.1 and 5.0.0 were bundled to Tomcat 8.5.72 as this Tomcat version is not affected by CVE-2021-33037