Apache Tomcat 7.0.x <= 7.0.108 / 8.5.x <= 8.5.65 / 9.0.x <= 9.0.45 / 10.0.x <= 10.0.5 vulnerability

medium Nessus Plugin ID 151502

Synopsis

The remote Apache Tomcat server is affected by a vulnerability.

Description

The version of Tomcat installed on the remote host is 7.0.x <= 7.0.108 / 8.5.x <= 8.5.65 / 9.0.x <= 9.0.45 / 10.0.x <= 10.0.5. It is, therefore, affected by a vulnerability as referenced in the fixed_in_apache_tomcat_10.0.6_security-10 advisory.

- Queries made by the JNDI Realm did not always correctly escape parameters. Parameter values could be sourced from user-provided data (e.g. user names) as well as configuration data provided by an administrator. In limited circumstances it was possible for users to authenticate using variations of their user name and/or to bypass some of the protection provided by the LockOut Realm. (CVE-2021-30640)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade to Apache Tomcat version 7.0.109, 8.5.66, 9.0.46, 10.0.6 or later.

See Also

http://www.nessus.org/u?d3fb2d8e

http://www.nessus.org/u?0fb6f5ab

http://www.nessus.org/u?0d761c19

http://www.nessus.org/u?ddfa2b5e

http://www.nessus.org/u?95156892

http://www.nessus.org/u?ed08487c

http://www.nessus.org/u?806274b5

http://www.nessus.org/u?f104a57d

https://bz.apache.org/bugzilla/show_bug.cgi?id=65224

http://www.nessus.org/u?837a9443

Plugin Details

Severity: Medium

ID: 151502

File Name: tomcat_10_0_6.nasl

Version: 1.9

Type: combined

Agent: windows, macosx, unix

Family: Web Servers

Published: 7/12/2021

Updated: 5/6/2024

Configuration: Enable thorough checks

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.2

CVSS v2

Risk Factor: Medium

Base Score: 5.8

Temporal Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N

CVSS Score Source: CVE-2021-30640

CVSS v3

Risk Factor: Medium

Base Score: 6.5

Temporal Score: 5.7

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:apache:tomcat:7, cpe:/a:apache:tomcat:8, cpe:/a:apache:tomcat:9, cpe:/a:apache:tomcat:10

Required KB Items: installed_sw/Apache Tomcat

Exploit Ease: No known exploits are available

Patch Publication Date: 4/6/2021

Vulnerability Publication Date: 7/12/2021

Reference Information

CVE: CVE-2021-30640