CVE-2019-12418 – org.apache.tomcat.embed:tomcat-embed-core

Package

Manager: maven
Name: org.apache.tomcat.embed:tomcat-embed-core
Vulnerable Version: >=0 <7.0.99 || >=8.0.0 <8.5.49 || >=9.0.0 <9.0.29

Severity

Level: High

CVSS v3.1: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS v4.0: CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

EPSS: 0.012 pctl0.78134

Details

Insufficiently Protected Credentials in Apache Tomcat When Apache Tomcat 9.0.0.M1 to 9.0.28, 8.5.0 to 8.5.47, 7.0.0 and 7.0.97 is configured with the JMX Remote Lifecycle Listener, a local attacker without access to the Tomcat process or configuration files is able to manipulate the RMI registry to perform a man-in-the-middle attack to capture user names and passwords used to access the JMX interface. The attacker can then use these credentials to access the JMX interface and gain complete control over the Tomcat instance.

Metadata

Created: 2019-12-26T18:22:36Z
Modified: 2022-04-19T18:42:25Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2019/12/GHSA-hh3j-x4mc-g48r/GHSA-hh3j-x4mc-g48r.json
CWE IDs: ["CWE-522"]
Alternative ID: GHSA-hh3j-x4mc-g48r
Finding: F035
Auto approve: 1