Description
DigestAuthenticator.java in the HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 uses the string "Catalina" as the hard-coded server secret (aka private key). Knowledge of this string makes it easier for remote attackers to bypass cryptographic protection mechanisms. This is a different vulnerability than CVE-2011-1184.
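Why a constant server secret gives no protection, shown as an added example that is not Tomcat's code: the nonce layout, the class and method names, and the sample IP address and timestamp are assumptions made for illustration, and only the string Catalina comes from the description above. It contrasts a nonce check keyed with the hard-coded string against one keyed with a random per-instance secret.

```java
import java.math.BigInteger;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.SecureRandom;

public class NonceSecretDemo {
    // Assumed, simplified nonce layout: "<timestamp>:<hex MD5(clientIp:timestamp:secret)>".
    // MD5 is used only because HTTP Digest authentication is MD5-based.
    static String issue(String clientIp, long ts, String secret) throws Exception {
        MessageDigest md5 = MessageDigest.getInstance("MD5");
        byte[] tag = md5.digest((clientIp + ":" + ts + ":" + secret).getBytes(StandardCharsets.UTF_8));
        return ts + ":" + String.format("%032x", new BigInteger(1, tag));
    }

    // The server recomputes the tag from the timestamp in the nonce and compares in constant time.
    static boolean accept(String nonce, String clientIp, String secret) throws Exception {
        int sep = nonce.indexOf(':');
        if (sep < 0) return false;
        long ts;
        try {
            ts = Long.parseLong(nonce.substring(0, sep));
        } catch (NumberFormatException e) {
            return false; // malformed timestamp field
        }
        byte[] expected = issue(clientIp, ts, secret).getBytes(StandardCharsets.UTF_8);
        return MessageDigest.isEqual(expected, nonce.getBytes(StandardCharsets.UTF_8));
    }

    // Hardened form: a secret drawn from a CSPRNG once per server instance, never a source constant.
    static String randomSecret() {
        return new BigInteger(256, new SecureRandom()).toString(16);
    }

    public static void main(String[] args) throws Exception {
        String ip = "192.0.2.10";  // constructed sample address (documentation range)
        long ts = 1300000000000L;  // constructed sample timestamp

        // A nonce computed without the server, from nothing but the published constant.
        String offServer = issue(ip, ts, "Catalina");
        String perInstance = randomSecret();

        System.out.println("hard-coded secret accepts off-server nonce: " + accept(offServer, ip, "Catalina"));
        System.out.println("random secret accepts off-server nonce:     " + accept(offServer, ip, perInstance));
        System.out.println("random secret accepts its own nonce:        "
                + accept(issue(ip, ts, perInstance), ip, perInstance));
    }
}
```

With the constant, the integrity tag on the nonce proves nothing about where the nonce came from; with a per-instance random secret, only values the server issued itself pass the check.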