Description

The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 does not check realm values, which might allow remote attackers to bypass intended access restrictions by leveraging the availability of a protection space with weaker authentication or authorization requirements, a different vulnerability than CVE-2011-1184.

Remediation

References

http://svn.apache.org/viewvc?view=rev&rev=1087655

http://tomcat.apache.org/security-6.html

http://tomcat.apache.org/security-7.html

http://svn.apache.org/viewvc?view=rev&rev=1159309

http://svn.apache.org/viewvc?view=rev&rev=1158180

http://tomcat.apache.org/security-5.html

http://www.redhat.com/support/errata/RHSA-2011-1845.html

http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00002.html

http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00006.html

http://www.debian.org/security/2012/dsa-2401

http://rhn.redhat.com/errata/RHSA-2012-0074.html

http://rhn.redhat.com/errata/RHSA-2012-0075.html

http://rhn.redhat.com/errata/RHSA-2012-0325.html

http://rhn.redhat.com/errata/RHSA-2012-0076.html

http://rhn.redhat.com/errata/RHSA-2012-0078.html

http://rhn.redhat.com/errata/RHSA-2012-0077.html

http://marc.info/?l=bugtraq&m=139344343412337&w=2

http://secunia.com/advisories/57126

https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E

https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E

Related Vulnerabilities

CVE-2023-32981 Vulnerability in maven package org.jenkins-ci.plugins:pipeline-utility-steps

CVE-2020-15231 Vulnerability in maven package org.mapfish.print:print-servlet

CVE-2023-34455 Vulnerability in maven package org.xerial.snappy:snappy-java

CVE-2023-25158 Vulnerability in maven package org.geotools:gt-main

CVE-2017-16003 Vulnerability in npm package windows-build-tools

Severity

Critical

Classification

CWE-287

Tags

Patch Vendor Advisory