Description
The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 does not check realm values, which might allow remote attackers to bypass intended access restrictions by leveraging the availability of a protection space with weaker authentication or authorization requirements, a different vulnerability than CVE-2011-1184.
Remediation
References
http://svn.apache.org/viewvc?view=rev&rev=1087655
http://tomcat.apache.org/security-6.html
http://tomcat.apache.org/security-7.html
http://svn.apache.org/viewvc?view=rev&rev=1159309
http://svn.apache.org/viewvc?view=rev&rev=1158180
http://tomcat.apache.org/security-5.html
http://www.redhat.com/support/errata/RHSA-2011-1845.html
http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00002.html
http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00006.html
http://www.debian.org/security/2012/dsa-2401
http://rhn.redhat.com/errata/RHSA-2012-0074.html
http://rhn.redhat.com/errata/RHSA-2012-0075.html
http://rhn.redhat.com/errata/RHSA-2012-0325.html
http://rhn.redhat.com/errata/RHSA-2012-0076.html
http://rhn.redhat.com/errata/RHSA-2012-0078.html
http://rhn.redhat.com/errata/RHSA-2012-0077.html
http://marc.info/?l=bugtraq&m=139344343412337&w=2
http://secunia.com/advisories/57126
https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E