CVE-2019-12418

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://lists.apache.org/thread.html/43530b91506e2e0c11cfbe691173f5df8c48f51b98262426d7493b67%40%3Cannounce.tomcat.apache.org%3E", "name": "https://lists.apache.org/thread.html/43530b91506e2e0c11cfbe691173f5df8c48f51b98262426d7493b67%40%3Cannounce.tomcat.apache.org%3E", "tags": ["Mailing List", "Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "https://www.debian.org/security/2019/dsa-4596", "name": "DSA-4596", "tags": ["Third Party Advisory"], "refsource": "DEBIAN"}, {"url": "https://seclists.org/bugtraq/2019/Dec/43", "name": "20191229 [SECURITY] [DSA 4596-1] tomcat8 security update", "tags": ["Mailing List", "Third Party Advisory"], "refsource": "BUGTRAQ"}, {"url": "https://security.netapp.com/advisory/ntap-20200107-0001/", "name": "https://security.netapp.com/advisory/ntap-20200107-0001/", "tags": ["Third Party Advisory"], "refsource": "CONFIRM"}, {"url": "https://support.f5.com/csp/article/K10107360?utm_source=f5support&utm_medium=RSS", "name": "https://support.f5.com/csp/article/K10107360?utm_source=f5support&utm_medium=RSS", "tags": ["Third Party Advisory"], "refsource": "CONFIRM"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00013.html", "name": "openSUSE-SU-2020:0038", "tags": ["Mailing List", "Third Party Advisory"], "refsource": "SUSE"}, {"url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00024.html", "name": "[debian-lts-announce] 20200127 [SECURITY] [DLA 2077-1] tomcat7 security update", "tags": ["Mailing List", "Third Party Advisory"], "refsource": "MLIST"}, {"url": "https://usn.ubuntu.com/4251-1/", "name": "USN-4251-1", "tags": ["Third Party Advisory"], "refsource": "UBUNTU"}, {"url": "https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9@%3Cdev.tomcat.apache.org%3E", "name": "[tomcat-dev] 20200203 svn commit: r1873527 [24/30] - /tomcat/site/trunk/docs/", "tags": ["Mailing List", "Patch", "Vendor Advisory"], "refsource": "MLIST"}, {"url": "https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E", "name": "[tomcat-dev] 20200203 svn commit: r1873527 [25/30] - /tomcat/site/trunk/docs/", "tags": ["Mailing List", "Patch", "Vendor Advisory"], "refsource": "MLIST"}, {"url": "https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E", "name": "[tomcat-dev] 20200213 svn commit: r1873980 [29/34] - /tomcat/site/trunk/docs/", "tags": ["Mailing List", "Patch", "Vendor Advisory"], "refsource": "MLIST"}, {"url": "https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a@%3Cdev.tomcat.apache.org%3E", "name": "[tomcat-dev] 20200213 svn commit: r1873980 [28/34] - /tomcat/site/trunk/docs/", "tags": ["Mailing List", "Patch", "Vendor Advisory"], "refsource": "MLIST"}, {"url": "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E", "name": "[tomcat-dev] 20200213 svn commit: r1873980 [27/34] - /tomcat/site/trunk/docs/", "tags": ["Mailing List", "Patch", "Vendor Advisory"], "refsource": "MLIST"}, {"url": "https://security.gentoo.org/glsa/202003-43", "name": "GLSA-202003-43", "tags": ["Third Party Advisory"], "refsource": "GENTOO"}, {"url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00029.html", "name": "[debian-lts-announce] 20200324 [SECURITY] [DLA 2155-1] tomcat8 security update", "tags": ["Mailing List", "Third Party Advisory"], "refsource": "MLIST"}, {"url": "https://www.oracle.com/security-alerts/cpuapr2020.html", "name": "N/A", "tags": ["Patch", "Third Party Advisory"], "refsource": "N/A"}, {"url": "https://www.debian.org/security/2020/dsa-4680", "name": "DSA-4680", "tags": ["Third Party Advisory"], "refsource": "DEBIAN"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "When Apache Tomcat 9.0.0.M1 to 9.0.28, 8.5.0 to 8.5.47, 7.0.0 and 7.0.97 is configured with the JMX Remote Lifecycle Listener, a local attacker without access to the Tomcat process or configuration files is able to manipulate the RMI registry to perform a man-in-the-middle attack to capture user names and passwords used to access the JMX interface. The attacker can then use these credentials to access the JMX interface and gain complete control over the Tomcat instance."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2019-12418", "ASSIGNER": "security@apache.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 4.4, "accessVector": "LOCAL", "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "severity": "MEDIUM", "acInsufInfo": false, "impactScore": 6.4, "obtainAllPrivilege": false, "exploitabilityScore": 3.4, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "baseMetricV3": {"cvssV3": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.0, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.0}}, "publishedDate": "2019-12-23T18:15Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "7.0.97", "versionStartIncluding": "7.0.0"}, {"cpe23Uri": "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "8.5.47", "versionStartIncluding": "8.5.0"}, {"cpe23Uri": "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "9.0.28", "versionStartIncluding": "9.0.0"}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:oracle:workload_manager:12.2.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:oracle:workload_manager:18c:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:oracle:workload_manager:19c:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:netapp:oncommand_system_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "3.1.3", "versionStartIncluding": "3.0.0"}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2022-04-18T15:47Z"}