Description

The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 caches information about the authenticated user within the session state, which makes it easier for remote attackers to bypass authentication via vectors related to the session ID.

Remediation

References

http://lists.opensuse.org/opensuse-updates/2012-12/msg00089.html

http://lists.opensuse.org/opensuse-updates/2012-12/msg00090.html

http://lists.opensuse.org/opensuse-updates/2013-01/msg00037.html

http://rhn.redhat.com/errata/RHSA-2013-0623.html

http://rhn.redhat.com/errata/RHSA-2013-0629.html

http://rhn.redhat.com/errata/RHSA-2013-0631.html

http://rhn.redhat.com/errata/RHSA-2013-0632.html

http://rhn.redhat.com/errata/RHSA-2013-0633.html

http://rhn.redhat.com/errata/RHSA-2013-0640.html

http://rhn.redhat.com/errata/RHSA-2013-0647.html

http://rhn.redhat.com/errata/RHSA-2013-0648.html

http://rhn.redhat.com/errata/RHSA-2013-0726.html

http://secunia.com/advisories/51371

http://svn.apache.org/viewvc?view=revision&revision=1377807

http://svn.apache.org/viewvc?view=revision&revision=1380829

http://svn.apache.org/viewvc?view=revision&revision=1392248

http://tomcat.apache.org/security-5.html

http://tomcat.apache.org/security-6.html

http://tomcat.apache.org/security-7.html

http://www.securityfocus.com/bid/56403

http://www.ubuntu.com/usn/USN-1637-1

http://www-01.ibm.com/support/docview.wss?uid=swg21626891

https://exchange.xforce.ibmcloud.com/vulnerabilities/80407

Related Vulnerabilities

CVE-2022-31175 Vulnerability in npm package @ckeditor/ckeditor5-html-embed

CVE-2023-31065 Vulnerability in maven package org.apache.inlong:manager-service

CVE-2018-8026 Vulnerability in maven package org.apache.solr:solr-core

CVE-2014-3464 Vulnerability in maven package org.wildfly:wildfly-ejb3

CVE-2021-26272 Vulnerability in npm package ckeditor4-dev

Severity

Critical

Classification

CWE-287

Tags

Vendor Advisory