Skip to main content

CVE-2012-5885

Severity

4.7

Description

The replay-countermeasure functionality in the HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 tracks cnonce (aka client nonce) values instead of nonce (aka server nonce) and nc (aka nonce-count) values, which makes it easier for remote attackers to bypass intended access restrictions by sniffing the network for valid requests, a different vulnerability than CVE-2011-1184.

Mitigation

We recommend upgrading to a version of this component that is not vulnerable to this specific issue or investigating other forms of authentication.

Project

Apache Tomcat

Apache TomEE

Category
n/a
Tags
functional
Date Disclosed

2012-11-17

Date Discovered

2012-11-17

Apache Tomcat 7.0.x

First release:
2011-01-14
First release:
2021-03-31
0
Support Lifecycle:
Namespace:
javax

Apache Tomcat 6.0.x

First release:
2007-02-28
First release:
2016-12-31
0
Support Lifecycle:
Namespace:
javax

Apache TomEE 1.0.x

First release:
2012-04-27
0
Support Lifecycle:
Namespace:
javax
Feel Vulnerable? 

Contact us so we can help you.

* These fields are required.