EUVD-2026-21057
GHSA-x4m4-345f-5h5g
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Lifecycle Timeline
4Description
Insertion of Sensitive Information into Log File vulnerability in the cloud membership for clustering component of Apache Tomcat exposed the Kubernetes bearer token. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.20, from 10.1.0-M1 through 10.1.53, from 9.0.13 through 9.0.116. Users are recommended to upgrade to version 11.0.21, 10.1.54 or 9.0.117, which fix the issue.
Analysis
Apache Tomcat's cloud membership clustering component logs Kubernetes bearer tokens in plaintext, enabling unauthenticated remote attackers to extract authentication credentials from log files. Affects Tomcat 9.0.13-9.0.116, 10.1.0-M1-10.1.53, and 11.0.0-M1-11.0.20. …
Sign in for full analysis, threat intelligence, and remediation guidance.
Remediation
Within 24 hours: Inventory all Tomcat instances (versions 9.0.13-9.0.116, 10.1.0-M1-10.1.53, 11.0.0-M1-11.0.20) in Kubernetes environments and verify log file access controls. Within 7 days: Implement log filtering or masking to redact bearer tokens from Tomcat logs using log aggregation tooling (e.g., Fluentd, Logstash); rotate all Kubernetes service account tokens associated with Tomcat deployments. …
Sign in for detailed remediation steps.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today