CVE-2026-53434: CWE-390 Detection of Error Condition Without Action in Apache Software Foundation Apache Tomcat
Detection of Error Condition Without Action vulnerability in Apache Tomcat when configuring CRLs for a FFM based connector. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M7 through 10.1.55, from 9.0.83 through 9.0.118. Users are recommended to upgrade to version 11.0.23, 10.1.56 or 9.0.119, which fixes the issue.
AI Analysis
Technical Summary
This vulnerability (CWE-390) in Apache Tomcat occurs when the software detects an error condition related to CRL configuration for an FFM based connector but does not take any corrective or mitigating action. This could lead to potential security risks due to unhandled error states in certificate revocation checking. The affected versions include 11.0.0-M1 through 11.0.22, 10.1.0-M7 through 10.1.55, and 9.0.83 through 9.0.118. Users are advised to upgrade to fixed versions 11.0.23, 10.1.56, or 9.0.119 to resolve this issue.
Potential Impact
The vulnerability may cause Apache Tomcat to silently ignore error conditions during CRL configuration, potentially allowing revoked certificates to be accepted or other certificate validation issues to go unnoticed. This could weaken the security of TLS connections relying on CRL checks. However, no known exploits are reported in the wild at this time.
Mitigation Recommendations
Users should upgrade Apache Tomcat to versions 11.0.23, 10.1.56, or 9.0.119 or later, where this issue is fixed. Patch status is confirmed by the vendor advisory recommending these versions. No other specific mitigations are indicated.
CVE-2026-53434: CWE-390 Detection of Error Condition Without Action in Apache Software Foundation Apache Tomcat
Description
Detection of Error Condition Without Action vulnerability in Apache Tomcat when configuring CRLs for a FFM based connector. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M7 through 10.1.55, from 9.0.83 through 9.0.118. Users are recommended to upgrade to version 11.0.23, 10.1.56 or 9.0.119, which fixes the issue.
Affected software
pkg:maven/org.apache.tomcat/tomcatRun on your own infrastructure? Check whether these packages are installed with threat-finder — our free open-source scanner.
Weaknesses
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This vulnerability (CWE-390) in Apache Tomcat occurs when the software detects an error condition related to CRL configuration for an FFM based connector but does not take any corrective or mitigating action. This could lead to potential security risks due to unhandled error states in certificate revocation checking. The affected versions include 11.0.0-M1 through 11.0.22, 10.1.0-M7 through 10.1.55, and 9.0.83 through 9.0.118. Users are advised to upgrade to fixed versions 11.0.23, 10.1.56, or 9.0.119 to resolve this issue.
Potential Impact
The vulnerability may cause Apache Tomcat to silently ignore error conditions during CRL configuration, potentially allowing revoked certificates to be accepted or other certificate validation issues to go unnoticed. This could weaken the security of TLS connections relying on CRL checks. However, no known exploits are reported in the wild at this time.
Mitigation Recommendations
Users should upgrade Apache Tomcat to versions 11.0.23, 10.1.56, or 9.0.119 or later, where this issue is fixed. Patch status is confirmed by the vendor advisory recommending these versions. No other specific mitigations are indicated.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- apache
- Date Reserved
- 2026-06-09T14:08:56.764Z
- Cvss Version
- null
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 6a42de5d27e9c79719807169
Added to database: 06/29/2026, 21:06:37 UTC
Last enriched: 06/29/2026, 21:21:52 UTC
Last updated: 06/29/2026, 22:06:43 UTC
Views: 4
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.