Apache Tomcat fails to preserve the configured cipher preference order during TLS handshakes, enabling an attacker to force the server to negotiate weaker cipher suites or to downgrade the encryption level. This flaw, rooted in environmental configuration interference (CWE‑15) and improper use of security primitives (CWE‑327), can expose communication to less secure encryption, potentially permitting man‑in‑the‑middle attacks and weakening confidentiality and integrity of data in transit.

Affected versions are Apache Tomcat 11.0.16 through 11.0.18, 10.1.51 through 10.1.52, and 9.0.114 through 9.0.115. The vulnerability has been fixed in Tomcat 11.0.20, 10.1.53, and 9.0.116. Administrators should confirm that their deployments run one of the patched releases to eliminate the issue.

The CVSS base score of 7.5 indicates a high impact vulnerability that does not require elevated privileges and can be triggered remotely during a TLS session. The EPSS score is below 1 %, suggesting low current exploitation likelihood, and the issue is not yet listed in CISA’s KEV catalog. An attacker who can influence a client–server handshake may exploit the ordering flaw to force a weaker cipher or to downgrade the protocol, which could facilitate passive or active eavesdropping.