CVE-2019-12418
N/A
N/A
Summary
When Apache Tomcat 9.0.0.M1 to 9.0.28, 8.5.0 to 8.5.47, 7.0.0 and 7.0.97 is configured with the JMX Remote Lifecycle Listener, a local attacker without access to the Tomcat process or configuration files is able to manipulate the RMI registry to perform a man-in-the-middle attack to capture user names and passwords used to access the JMX interface. The attacker can then use these credentials to access the JMX interface and gain complete control over the Tomcat instance.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Apache Software Foundation | Apache Tomcat | 9.0.0.M1 to 9.0.28 | affected |
| Apache Software Foundation | Apache Tomcat | 8.5.0 to 8.5.47 | affected |
| Apache Software Foundation | Apache Tomcat | 7.0.0 to 7.0.97 | affected |
Weaknesses
- Local Privilege Escalation
ADP Enrichment
CVE Program Container
Additional References
- https://lists.apache.org/thread.html/43530b91506e2e0c11cfbe691173f5df8c48f51b98262426d7493b67%40%3Cannounce.tomcat.apache.org%3E
- https://www.debian.org/security/2019/dsa-4596
- https://seclists.org/bugtraq/2019/Dec/43
- https://security.netapp.com/advisory/ntap-20200107-0001/
- https://support.f5.com/csp/article/K10107360?utm_source=f5support&%3Butm_medium=RSS
- http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00013.html
- https://lists.debian.org/debian-lts-announce/2020/01/msg00024.html
- https://usn.ubuntu.com/4251-1/
- https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9%40%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d%40%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a%40%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0%40%3Cdev.tomcat.apache.org%3E
- https://security.gentoo.org/glsa/202003-43
- https://lists.debian.org/debian-lts-announce/2020/03/msg00029.html
- https://www.oracle.com/security-alerts/cpuapr2020.html
- https://www.debian.org/security/2020/dsa-4680
References
- https://lists.apache.org/thread.html/43530b91506e2e0c11cfbe691173f5df8c48f51b98262426d7493b67%40%3Cannounce.tomcat.apache.org%3E
- https://www.debian.org/security/2019/dsa-4596
- https://seclists.org/bugtraq/2019/Dec/43
- https://security.netapp.com/advisory/ntap-20200107-0001/
- https://support.f5.com/csp/article/K10107360?utm_source=f5support&%3Butm_medium=RSS
- http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00013.html
- https://lists.debian.org/debian-lts-announce/2020/01/msg00024.html
- https://usn.ubuntu.com/4251-1/
- https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9%40%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d%40%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a%40%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0%40%3Cdev.tomcat.apache.org%3E
- https://security.gentoo.org/glsa/202003-43
- https://lists.debian.org/debian-lts-announce/2020/03/msg00029.html
- https://www.oracle.com/security-alerts/cpuapr2020.html
- https://www.debian.org/security/2020/dsa-4680
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.