CVE-2016-0762
Aliases:GHSA-wxcp-f2c8-x6xv
Advisory lineage Upstream: 0 Downstream: 15
Modified
Published: 10 Aug 2017, 16:00
Last modified:17 Sept 2024, 01:36
Vulnerability Summary
Overall Risk (default)
low
24/100 CVSS Score
5.9 MEDIUM
v3.1 (nvd)
EPSS Score
0.5% LOW
1% probability -0.21%
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
10 Aug 2017, 16:00
Published
Vulnerability first disclosed
17 Sept 2024, 01:36
Last Modified
Vulnerability information updated
Description
The Realm implementations in Apache Tomcat versions 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 did not process the supplied password if the supplied user name did not exist. This made a timing attack possible to determine valid user names. Note that the default configuration includes the LockOutRealm which makes exploitation of this vulnerability harder.
CVSS Metrics
- v3.1•MEDIUM•Score: 5.9CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
- v2.0•MEDIUM•Score: 4.3AV:N/AC:M/Au:N/C:P/I:N/A:N
EPSS Trends
Current EPSS score: 0.50%• Percentile: 66%
Techniques & Countermeasures
- CWE-203•Observable Discrepancy
The product behaves differently or sends different responses under different circumstances in a way that is observable to an unauthorized actor.
Affected Systems
- apache software foundation•apache tomcat
9.0.0.M1 to 9.0.0.M9 | 8.5.0 to 8.5.4 | 8.0.0.RC1 to 8.0.36 | 7.0.0 to 7.0.70 | 6.0.0 to 6.0.45
- Unknown•Tomcat
≥ 6.0.0, ≤ 6.0.45 | ≥ 7.0.0, ≤ 7.0.70 | ≥ 8.0, ≤ 8.0.36 | ≥ 8.5.0, ≤ 8.5.4 | 9.0.0:milestone1 | 9.0.0:milestone2 | 9.0.0:milestone3 | 9.0.0:milestone4 | 9.0.0:milestone5 | 9.0.0:milestone6 | 9.0.0:milestone7 | 9.0.0:milestone8 | 9.0.0:milestone9
- canonical•ubuntu_linux
16.04
- debian•debian_linux
8.0
- org.apache.tomcat•tomcat
≥ 9.0.0M1, < 9.0.0.M10 | ≥ 8.5.0, < 8.5.5 | ≥ 8.0.0.RC1, < 8.0.37 | ≥ 7.0.0, < 7.0.72 | ≥ 6.0.0, < 6.0.46
- netapp•oncommand_insight
na
- netapp•oncommand_shift
na
- netapp•snap_creator_framework
na
- oracle•communications_diameter_signaling_router
≥ 8.0.0, ≤ 8.5.0
- oracle•tekelec_platform_distribution
≥ 7.4.0, ≤ 7.7.1
- redhat•enterprise_linux_desktop
7.0
- redhat•enterprise_linux_eus
7.4 | 7.5 | 7.6 | 7.7
- redhat•enterprise_linux_server
7.0
- redhat•enterprise_linux_server_aus
7.4 | 7.6 | 7.7
- redhat•enterprise_linux_server_tus
7.6 | 7.7
- redhat•enterprise_linux_workstation
7.0
- redhat•jboss_enterprise_web_server
3.0.0
References (45)
- http://www.securitytracker.com/id/1037144
- https://lists.apache.org/thread.html/1872f96bad43647832bdd84a408794cd06d9cbb557af63085ca10009%40%3Cannounce.tomcat.apache.org%3E
- https://access.redhat.com/errata/RHSA-2017:2247
- http://rhn.redhat.com/errata/RHSA-2017-0457.html
- https://access.redhat.com/errata/RHSA-2017:0455
- http://www.securityfocus.com/bid/93939
- http://www.debian.org/security/2016/dsa-3720
- https://access.redhat.com/errata/RHSA-2017:0456
- https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E
- https://usn.ubuntu.com/4557-1/
- https://www.oracle.com//security-alerts/cpujul2021.html
- https://security.netapp.com/advisory/ntap-20180605-0001/
- https://www.oracle.com/security-alerts/cpuoct2021.html
- https://nvd.nist.gov/vuln/detail/CVE-2016-0762
- https://github.com/apache/tomcat/commit/86b2e436099cb48f30dad950175c5beeeb763756
- https://github.com/apache/tomcat/commit/970e615c7ade6ec6c341470bbc76aa1256353737
- https://github.com/apache/tomcat/commit/d79c63d424fe6b225678416343b9ce106dec947c
- https://github.com/apache/tomcat80/commit/dc4c3317452f0bc2c5e1f6a08d3bd9f22488b450
- https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E
- https://security.netapp.com/advisory/ntap-20180605-0001
- https://usn.ubuntu.com/4557-1
- https://github.com/apache/tomcat
- https://lists.apache.org/thread.html/1872f96bad43647832bdd84a408794cd06d9cbb557af63085ca10009@%3Cannounce.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424@%3Cdev.tomcat.apache.org%3E