Description
The replay-countermeasure functionality in the HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 tracks cnonce (aka client nonce) values instead of nonce (aka server nonce) and nc (aka nonce-count) values, which makes it easier for remote attackers to bypass intended access restrictions by sniffing the network for valid requests, a different vulnerability than CVE-2011-1184.
Remediation
References
http://tomcat.apache.org/security-7.html
http://svn.apache.org/viewvc?view=revision&revision=1377807
http://svn.apache.org/viewvc?view=revision&revision=1392248
http://tomcat.apache.org/security-6.html
http://svn.apache.org/viewvc?view=revision&revision=1380829
http://tomcat.apache.org/security-5.html
http://www.ubuntu.com/usn/USN-1637-1
http://www.securityfocus.com/bid/56403
http://lists.opensuse.org/opensuse-updates/2012-12/msg00089.html
http://lists.opensuse.org/opensuse-updates/2012-12/msg00090.html
http://lists.opensuse.org/opensuse-updates/2013-01/msg00037.html
http://rhn.redhat.com/errata/RHSA-2013-0640.html
http://rhn.redhat.com/errata/RHSA-2013-0631.html
http://rhn.redhat.com/errata/RHSA-2013-0632.html
http://rhn.redhat.com/errata/RHSA-2013-0633.html
http://rhn.redhat.com/errata/RHSA-2013-0623.html
http://rhn.redhat.com/errata/RHSA-2013-0629.html
http://rhn.redhat.com/errata/RHSA-2013-0647.html
http://rhn.redhat.com/errata/RHSA-2013-0726.html
http://rhn.redhat.com/errata/RHSA-2013-0648.html
http://secunia.com/advisories/51371
http://marc.info/?l=bugtraq&m=136485229118404&w=2
http://www-01.ibm.com/support/docview.wss?uid=swg21626891
http://marc.info/?l=bugtraq&m=136612293908376&w=2
https://exchange.xforce.ibmcloud.com/vulnerabilities/80408
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19432
Related Vulnerabilities
CVE-2020-9480 Vulnerability in maven package org.apache.spark:spark-network-shuffle_2.11
CVE-2022-36884 Vulnerability in maven package org.jenkins-ci.plugins:git
CVE-2016-0779 Vulnerability in maven package org.apache.tomee:arquillian-tomee-embedded
CVE-2017-9804 Vulnerability in maven package org.apache.struts:struts2-core