Apache Tomcat Critical Vulnerability - 20241219001 (#1133)

* Apache Tomcat Critical Vulnerability - 20241219001

* Format markdown docs

* Update 20241219001

Updated table content formatting

---------

Co-authored-by: mahmadhabib076 <[email protected]>
Co-authored-by: JadonWill <[email protected]>

docs/advisories/20241219001-Apache-Tomcat-Critical-Vulnerability.md

@@ -0,0 +1,25 @@
+# Apache Tomcat Critical Vulnerability - 20241219001
+
+## Overview
+
+Apache has released a Security Update to address a vulnerability in Apache Tomcat, a widely used open-source web server and servlet container. Attackers could exploit this vulnerability by uploading malicious files disguised as legitimate ones, ultimately leading to remote code execution (RCE).
+
+## What is vulnerable?
+
+| Product(s) Affected | Version(s) | CVE | CVSS | Severity |
+| ------------------- | --------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------- | ---- | ------------ |
+| Apache Tomcat       | 11.0 <= 11.0.1 <br> 10.1 <= 10.1.33 <br> 9.0 <= 9.0.97 | [CVE-2024-50379](https://nvd.nist.gov/vuln/detail/CVE-2024-50379) | 9.8  | **Critical** |
+
+## What has been observed?
+
+There is no evidence of exploitation affecting Western Australian Government networks at the time of publishing.
+
+## Recommendation
+
+The WA SOC recommends administrators apply the solutions as per vendor instructions to all affected devices within expected timeframe of *48 hours...* (refer [Patch Management](../guidelines/patch-management.md)):
+
+- Apache: <https://lists.apache.org/thread/y6lj6q1xnp822g6ro70tn19sgtjmr80r>
+
+## 3rd Party Article(s):
+
+- SecurityOnline: <https://securityonline.info/rce-and-dos-vulnerabilities-addressed-in-apache-tomcat-cve-2024-50379-and-cve-2024-54677/>