
CVE-2019-12418

Published: Dec 23, 2019 | Modified: Nov 07, 2023
Scoring

Scorer                 Score  Severity  Vector
CVSS 3.x (source NVD)  7.0    HIGH      CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVSS 2.x               4.4    MEDIUM    AV:L/AC:M/Au:N/C:P/I:P/A:P
Red Hat / V2           (no score listed)
Red Hat / V3           7.4    MODERATE  CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Ubuntu                 MEDIUM

The NVD and Red Hat v3 vectors differ only in Privileges Required (PR:L versus PR:N); both agree the attack is local (AV:L), high complexity (AC:H) and, if it succeeds, a full compromise of confidentiality, integrity and availability (C:H/I:H/A:H).

When Apache Tomcat 9.0.0.M1 to 9.0.28, 8.5.0 to 8.5.47, or 7.0.0 to 7.0.97 is configured with the JMX Remote Lifecycle Listener, a local attacker without access to the Tomcat process or its configuration files is able to manipulate the RMI registry to perform a man-in-the-middle attack and capture the user names and passwords used to access the JMX interface. The attacker can then use these credentials to access the JMX interface and gain complete control over the Tomcat instance.

Two conditions must both hold for an instance to be exposed: the version is in one of the ranges above, and the listener (org.apache.catalina.mbeans.JmxRemoteLifecycleListener) is present in server.xml. The listener is not enabled in the default configuration; administrators add it to fix the RMI registry and server ports so that JMX clients such as jconsole can reach Tomcat through a firewall. Because the attack works by manipulating the RMI registry from the same host rather than over the network, any local account on the machine is in scope, which is why every scorer rates the attack vector as local.
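The advisory carries no code. As an added example that is not part of the advisory nor code from Apache, Red Hat or Ubuntu, the following Python script checks a Tomcat instance for both conditions the description requires: a version inside an affected range, and a JMX Remote Lifecycle Listener declared in server.xml. The version ranges are the ones from the Affected Software table (with 9.0.0.M1 as the lower 9.x bound, as the description states); the listener class name and its rmiRegistryPortPlatform/rmiServerPortPlatform attributes are Tomcat's real names; the server.xml document embedded below is constructed for the example.

```python
import re
import xml.etree.ElementTree as ET

# Inclusive affected ranges, copied from the CVE description / Affected Software table.
AFFECTED_RANGES = [
    ("7.0.0", "7.0.97"),
    ("8.5.0", "8.5.47"),
    ("9.0.0.M1", "9.0.28"),
]

# Real Tomcat class name of the JMX Remote Lifecycle Listener.
JMX_LISTENER_CLASS = "org.apache.catalina.mbeans.JmxRemoteLifecycleListener"

# Accepts release versions (9.0.28) and 9.0.x milestones (9.0.0.M1),
# i.e. the form reported as "Apache Tomcat/<version>".
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:\.M(\d+))?$")


def version_key(version):
    """Sortable key for a Tomcat version string.

    Milestones (M1, M2, ...) sort before the final release with the same
    numeric part, so 9.0.0.M1 < 9.0.0 < 9.0.28.
    """
    m = _VERSION_RE.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised Tomcat version: {version!r}")
    major, minor, patch, milestone = m.groups()
    qualifier = (0, int(milestone)) if milestone is not None else (1, 0)
    return (int(major), int(minor), int(patch)) + qualifier


def version_is_affected(version):
    """True if the version falls inside one of the affected ranges."""
    k = version_key(version)
    return any(version_key(lo) <= k <= version_key(hi) for lo, hi in AFFECTED_RANGES)


def jmx_listeners(server_xml_text):
    """Return the attributes of every JmxRemoteLifecycleListener in server.xml."""
    root = ET.fromstring(server_xml_text)
    return [dict(el.attrib) for el in root.iter("Listener")
            if el.get("className") == JMX_LISTENER_CLASS]


def assess(version, server_xml_text):
    """Combine both conditions; the instance is exposed only if both hold."""
    listeners = jmx_listeners(server_xml_text)
    affected = version_is_affected(version)
    return {
        "version_affected": affected,
        "listeners": listeners,
        "vulnerable": affected and bool(listeners),
    }


# Constructed server.xml for the example: a default-looking layout with the
# listener added on fixed ports, as an administrator would do for firewalled JMX.
SAMPLE_SERVER_XML = """<Server port="8005" shutdown="SHUTDOWN">
  <Listener className="org.apache.catalina.startup.VersionLoggerListener" />
  <Listener className="org.apache.catalina.mbeans.JmxRemoteLifecycleListener"
            rmiRegistryPortPlatform="10001" rmiServerPortPlatform="10002" />
  <Service name="Catalina">
    <Connector port="8080" protocol="HTTP/1.1" />
    <Engine name="Catalina" defaultHost="localhost">
      <Host name="localhost" appBase="webapps" />
    </Engine>
  </Service>
</Server>
"""


if __name__ == "__main__":
    for ver in ("9.0.28", "9.0.30", "8.5.47", "7.0.97"):
        result = assess(ver, SAMPLE_SERVER_XML)
        print(ver, "affected version" if result["version_affected"] else "unaffected version",
              "| listener ports:", [(l.get("rmiRegistryPortPlatform"), l.get("rmiServerPortPlatform"))
                                    for l in result["listeners"]],
              "| vulnerable:", result["vulnerable"])
```

To run it against a real instance, feed assess() the contents of $CATALINA_BASE/conf/server.xml and the version string shown in the "Apache Tomcat/x.y.z" line of the server's version banner. An instance on a vulnerable version without the listener is not exposed by this CVE, and an instance with the listener on a fixed version is not either; the check only flags the intersection.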

Affected Software

Name                                   | Vendor | Start Version (or package / release)               | End Version
Tomcat                                 | Apache | 7.0.0 (including)                                   | 7.0.97 (including)
Tomcat                                 | Apache | 8.5.0 (including)                                   | 8.5.47 (including)
Tomcat                                 | Apache | 9.0.0 (including)                                   | 9.0.28 (including)
Red Hat JBoss Web Server 3.1           | RedHat | tomcat                                              | *
Red Hat JBoss Web Server 3 for RHEL 6  | RedHat | tomcat7-0:7.0.70-38.ep7.el6                         | *
Red Hat JBoss Web Server 3 for RHEL 6  | RedHat | tomcat8-0:8.0.36-42.ep7.el6                         | *
Red Hat JBoss Web Server 3 for RHEL 6  | RedHat | tomcat-native-0:1.2.23-21.redhat_21.ep7.el6         | *
Red Hat JBoss Web Server 3 for RHEL 7  | RedHat | tomcat7-0:7.0.70-38.ep7.el7                         | *
Red Hat JBoss Web Server 3 for RHEL 7  | RedHat | tomcat8-0:8.0.36-42.ep7.el7                         | *
Red Hat JBoss Web Server 3 for RHEL 7  | RedHat | tomcat-native-0:1.2.23-21.redhat_21.ep7.el7         | *
Red Hat JBoss Web Server 5.3 on RHEL 6 | RedHat | jws5-tomcat-0:9.0.30-3.redhat_4.1.el6jws            | *
Red Hat JBoss Web Server 5.3 on RHEL 6 | RedHat | jws5-tomcat-native-0:1.2.23-4.redhat_4.el6jws       | *
Red Hat JBoss Web Server 5.3 on RHEL 7 | RedHat | jws5-tomcat-0:9.0.30-3.redhat_4.1.el7jws            | *
Red Hat JBoss Web Server 5.3 on RHEL 7 | RedHat | jws5-tomcat-native-0:1.2.23-4.redhat_4.el7jws       | *
Red Hat JBoss Web Server 5.3 on RHEL 8 | RedHat | jws5-tomcat-0:9.0.30-3.redhat_4.1.el8jws            | *
Red Hat JBoss Web Server 5.3 on RHEL 8 | RedHat | jws5-tomcat-native-0:1.2.23-4.redhat_4.el8jws       | *
Red Hat JBoss Web Server (JWS) 5.3     | RedHat | tomcat                                              | *
Tomcat7                                | Ubuntu | bionic                                              | *
Tomcat7                                | Ubuntu | trusty                                              | *
Tomcat7                                | Ubuntu | trusty/esm                                          | *
Tomcat7                                | Ubuntu | xenial                                              | *
Tomcat8                                | Ubuntu | bionic                                              | *
Tomcat8                                | Ubuntu | trusty                                              | *
Tomcat8                                | Ubuntu | xenial                                              | *
Tomcat9                                | Ubuntu | bionic                                              | *
Tomcat9                                | Ubuntu | disco                                               | *
Tomcat9                                | Ubuntu | eoan                                                | *
Tomcat9                                | Ubuntu | trusty                                              | *

Only the three Apache rows carry upstream version bounds. For the Red Hat rows the third column holds the distribution package (NEVRA) that the vendor's advisory references, and for the Ubuntu rows it holds the release codename; "*" means no version bound is recorded for that row, so the vendor's own advisory must be consulted to tell fixed from affected package builds.
