CVE-2012-5885

The replay-countermeasure functionality in the HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 tracks cnonce (aka client nonce) values instead of nonce (aka server nonce) and nc (aka nonce-count) values, which makes it easier for remote attackers to bypass intended access restrictions by sniffing the network for valid requests, a different vulnerability than CVE-2011-1184.

Affected Software

Name	Vendor	Start Version	End Version
Tomcat	Apache	5.5.0 (including)	5.5.0 (including)
Tomcat	Apache	5.5.1 (including)	5.5.1 (including)
Tomcat	Apache	5.5.2 (including)	5.5.2 (including)
Tomcat	Apache	5.5.3 (including)	5.5.3 (including)
Tomcat	Apache	5.5.4 (including)	5.5.4 (including)
Tomcat	Apache	5.5.5 (including)	5.5.5 (including)
Tomcat	Apache	5.5.6 (including)	5.5.6 (including)
Tomcat	Apache	5.5.7 (including)	5.5.7 (including)
Tomcat	Apache	5.5.8 (including)	5.5.8 (including)
Tomcat	Apache	5.5.9 (including)	5.5.9 (including)
Tomcat	Apache	5.5.10 (including)	5.5.10 (including)
Tomcat	Apache	5.5.11 (including)	5.5.11 (including)
Tomcat	Apache	5.5.12 (including)	5.5.12 (including)
Tomcat	Apache	5.5.13 (including)	5.5.13 (including)
Tomcat	Apache	5.5.14 (including)	5.5.14 (including)
Tomcat	Apache	5.5.15 (including)	5.5.15 (including)
Tomcat	Apache	5.5.16 (including)	5.5.16 (including)
Tomcat	Apache	5.5.17 (including)	5.5.17 (including)
Tomcat	Apache	5.5.18 (including)	5.5.18 (including)
Tomcat	Apache	5.5.19 (including)	5.5.19 (including)
Tomcat	Apache	5.5.20 (including)	5.5.20 (including)
Tomcat	Apache	5.5.21 (including)	5.5.21 (including)
Tomcat	Apache	5.5.22 (including)	5.5.22 (including)
Tomcat	Apache	5.5.23 (including)	5.5.23 (including)
Tomcat	Apache	5.5.24 (including)	5.5.24 (including)
Tomcat	Apache	5.5.25 (including)	5.5.25 (including)
Tomcat	Apache	5.5.26 (including)	5.5.26 (including)
Tomcat	Apache	5.5.27 (including)	5.5.27 (including)
Tomcat	Apache	5.5.28 (including)	5.5.28 (including)
Tomcat	Apache	5.5.29 (including)	5.5.29 (including)
Tomcat	Apache	5.5.30 (including)	5.5.30 (including)
Tomcat	Apache	5.5.31 (including)	5.5.31 (including)
Tomcat	Apache	5.5.32 (including)	5.5.32 (including)
Tomcat	Apache	5.5.33 (including)	5.5.33 (including)
Tomcat	Apache	5.5.34 (including)	5.5.34 (including)
Tomcat	Apache	5.5.35 (including)	5.5.35 (including)
JBEWP 5 for RHEL 5	RedHat	jbossweb-0:2.1.13-3_patch_02.ep5.el5	*
JBEWP 5 for RHEL 6	RedHat	jbossweb-0:2.1.13-4_patch_02.ep5.el6	*
JBoss Data Grid 6.1	RedHat		*
JBoss Enterprise BRMS Platform 5.3	RedHat		*
Red Hat Enterprise Linux 5	RedHat	tomcat5-0:5.5.23-0jpp.38.el5_9	*
Red Hat Enterprise Linux 6	RedHat	tomcat6-0:6.0.24-52.el6_4	*
Red Hat JBoss Enterprise Application Platform 5.2	RedHat		*
Red Hat JBoss Enterprise Application Platform 5 for RHEL 4	RedHat	jbossweb-0:2.1.13-3_patch_02.ep5.el4	*
Red Hat JBoss Enterprise Application Platform 5 for RHEL 5	RedHat	jbossweb-0:2.1.13-3_patch_02.ep5.el5	*
Red Hat JBoss Enterprise Application Platform 5 for RHEL 6	RedHat	jbossweb-0:2.1.13-4_patch_02.ep5.el6	*
Red Hat JBoss Enterprise Application Platform 6.0	RedHat		*
Red Hat JBoss Enterprise Application Platform 6 for RHEL 5	RedHat	jbossweb-0:7.0.17-4.Final_redhat_3.ep6.el5	*
Red Hat JBoss Enterprise Application Platform 6 for RHEL 6	RedHat	jbossweb-0:7.0.17-4.Final_redhat_3.ep6.el6	*
Red Hat JBoss Enterprise Web Server 2 for RHEL 5	RedHat	tomcat6-0:6.0.35-6_patch_06.ep6.el5	*
Red Hat JBoss Enterprise Web Server 2 for RHEL 6	RedHat	tomcat6-0:6.0.35-29_patch_06.ep6.el6	*
Red Hat JBoss SOA Platform 5.3	RedHat		*
Red Hat JBoss Web Platform 5.2	RedHat		*
Red Hat JBoss Web Server 2.0	RedHat		*
Tomcat5.5	Ubuntu	hardy	*
Tomcat5.5	Ubuntu	upstream	*
Tomcat6	Ubuntu	lucid	*
Tomcat6	Ubuntu	oneiric	*
Tomcat6	Ubuntu	precise	*
Tomcat6	Ubuntu	quantal	*
Tomcat6	Ubuntu	upstream	*
Tomcat7	Ubuntu	oneiric	*
Tomcat7	Ubuntu	precise	*
Tomcat7	Ubuntu	upstream	*

NVD	https://nvd.nist.gov/vuln/detail/CVE-2012-5885
CWE	https://cwe.mitre.org/data/definitions/264.html

Affected Software

References