FreeBSD : tomcat -- JNDI Realm Authentication Weakness in multiple versions (8b571fb2-f311-11eb-b12b-fc4dd43e2b6a)

medium Nessus Plugin ID 152205

Language:

Synopsis

The remote FreeBSD host is missing one or more security-related updates.

Description

ilja.farber reports :

Queries made by the JNDI Realm did not always correctly escape parameters. Parameter values could be sourced from user provided data (eg user names) as well as configuration data provided by an administrator. In limited circumstances it was possible for users to authenticate using variations of their user name and/or to bypass some of the protection provided by the LockOut Realm.

Solution

Update the affected packages.

See Also

http://www.nessus.org/u?4350522a

Plugin Details

Severity: Medium

ID: 152205

File Name: freebsd_pkg_8b571fb2f31111ebb12bfc4dd43e2b6a.nasl

Version: 1.3

Type: local

Published: 8/4/2021

Updated: 12/6/2023

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.2

CVSS v2

Risk Factor: Medium

Base Score: 5.8

Temporal Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N

CVSS Score Source: CVE-2021-30640

CVSS v3

Risk Factor: Medium

Base Score: 6.5

Temporal Score: 5.7

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:tomcat10, p-cpe:/a:freebsd:freebsd:tomcat7, p-cpe:/a:freebsd:freebsd:tomcat85, p-cpe:/a:freebsd:freebsd:tomcat9, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Exploit Ease: No known exploits are available

Patch Publication Date: 8/1/2021

Vulnerability Publication Date: 4/8/2021

Reference Information

CVE: CVE-2021-30640