CVE-2026-55955 Apache Tomcat Vulnerability in NetApp Products
Summary
Apache Tomcat versions 11.0.0-M1 through 11.0.22, 10.1.0-M1 through 10.1.55, and 9.0.13 through 9.0.118 are susceptible to a vulnerability which when successfully exploited could lead to disclosure of sensitive information or addition or modification of data. NetApp reports that one or more additional products remain under investigation; review the canonical advisory for current status. NetApp states there is no workaround available at this time.
What this means
In plain English
Apache Tomcat versions 11.0.0-M1 through 11.0.22, 10.1.0-M1 through 10.1.55, and 9.0.13 through 9.0.118 are susceptible to a vulnerability which when successfully exploited could lead to disclosure of sensitive information or addition or modification of data. NetApp reports that one or more additional products remain under investigation; review the canonical advisory for current status. NetApp states there is no workaround available at this time. Information disclosure can expose data available to the affected component beyond its intended authorization boundary.
Recommended action
The vendor explicitly states that no mitigation or workaround is available. Follow the official advisory for fixed-release guidance and prioritize the vendor's permanent remediation path.
Rewritten locally from the scraped official advisory data above; no generative API is used. The vendor advisory is authoritative.
- 11.0.0
- 11.0.22
- 10.1.0
- 10.1.55
- 9.0.13
- 9.0.118
Official advisory · high-confidence parse· fetched 2 hours ago·verify at source
Fixed versions
No fixed release is recorded yet. That does not prove no patch exists — confirm against the vendor advisory.
Official advisory · high-confidence parse· fetched 2 hours ago·verify at source
Mitigation
The vendor states no workaround or mitigation is currently available. Prioritize upgrading to a fixed release, and follow the official advisory for interim guidance.
Official advisory · high-confidence parse· fetched 2 hours ago·verify at source
Discussion(0)
No comments yet. Share field notes, upgrade gotchas, or questions — verify against the vendor advisory before acting on community advice.
Sign in to join the discussion.