Description

The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 does not check realm values, which might allow remote attackers to bypass intended access restrictions by leveraging the availability of a protection space with weaker authentication or authorization requirements, a different vulnerability than CVE-2011-1184.

Remediation

References

http://svn.apache.org/viewvc?view=rev&rev=1087655

http://tomcat.apache.org/security-6.html

http://tomcat.apache.org/security-7.html

http://svn.apache.org/viewvc?view=rev&rev=1159309

http://svn.apache.org/viewvc?view=rev&rev=1158180

http://tomcat.apache.org/security-5.html

http://www.redhat.com/support/errata/RHSA-2011-1845.html

http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00002.html

http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00006.html

http://www.debian.org/security/2012/dsa-2401

http://rhn.redhat.com/errata/RHSA-2012-0074.html

http://rhn.redhat.com/errata/RHSA-2012-0075.html

http://rhn.redhat.com/errata/RHSA-2012-0325.html

http://rhn.redhat.com/errata/RHSA-2012-0076.html

http://rhn.redhat.com/errata/RHSA-2012-0078.html

http://rhn.redhat.com/errata/RHSA-2012-0077.html

http://marc.info/?l=bugtraq&m=139344343412337&w=2

http://secunia.com/advisories/57126

https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E

Related Vulnerabilities

CVE-2023-34247 Vulnerability in npm package @keystone-6/auth

CVE-2023-33201 Vulnerability in maven package org.bouncycastle:bcprov-jdk14

CVE-2021-21293 Vulnerability in maven package org.http4s:blaze-core_2.11

CVE-2022-31108 Vulnerability in maven package org.webjars.npm:mermaid

CVE-2018-9206 Vulnerability in maven package org.webjars.npm:blueimp-file-upload

Severity

Critical

Classification

CWE-287

Tags

Patch Vendor Advisory